A protocol for anonymous access to a database where the different records have different access control permissions is described. The permissions can be attributes, roles or rights that an authorized user needs to have to access the record. The database provider does not learn which record the user accesses and which attributes or roles the user has when she accesses the database. The database provider publishes the encrypted database where each record is encrypted with a key that is derived from at least the index of the record, its access control attributes and a secret key of the database provider. The user obtains a credential from an issuer for each access control attribute (ACL) that is associated with the user. Then the user retrieves the key for a particular record from the database provider and uses this key to decrypt the encrypted record.
展开▼
