{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,13]],"date-time":"2026-01-13T22:40:32Z","timestamp":1768344032701,"version":"3.49.0"},"reference-count":42,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2010,12,1]],"date-time":"2010-12-01T00:00:00Z","timestamp":1291161600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100000180","name":"U.S. Department of Homeland Security","doi-asserted-by":"publisher","award":["2006-CS-001-000001"],"award-info":[{"award-number":["2006-CS-001-000001"]}],"id":[{"id":"10.13039\/100000180","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS 05-24695"],"award-info":[{"award-number":["CNS 05-24695"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS 07-16626"],"award-info":[{"award-number":["CNS 07-16626"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS 05-24516"],"award-info":[{"award-number":["CNS 05-24516"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS 07-16421"],"award-info":[{"award-number":["CNS 07-16421"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-04-1-0562"],"award-info":[{"award-number":["N00014-04-1-0562"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-06-1-1108N00014-07-1-1173"],"award-info":[{"award-number":["N00014-06-1-1108N00014-07-1-1173"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000006","name":"Office of Naval Research","doi-asserted-by":"publisher","award":["N00014-08-1-0248"],"award-info":[{"award-number":["N00014-08-1-0248"]}],"id":[{"id":"10.13039\/100000006","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2010,12]]},"abstract":"\n Attribute-Based Messaging<\/jats:italic>\n (ABM) enables messages to be addressed using attributes of recipients rather than an explicit list of recipients. Such messaging offers benefits of efficiency, exclusiveness, and intensionality, but faces challenges in access control and confidentiality. In this article we explore an approach to intraenterprise ABM based on providing access control and confidentiality using information from the same attribute database exploited by the addressing scheme. We show how to address three key challenges. First, we demonstrate a manageable access control system based on attributes. Second, we demonstrate use of attribute-based encryption to provide end-to-end confidentiality. Third, we show that such a system can be efficient enough to support ABM for mid-size enterprises. Our implementation can dispatch confidential ABM messages approved by XACML policy review for an enterprise of at least 60,000 users with only seconds of latency.\n <\/jats:p>","DOI":"10.1145\/1880022.1880025","type":"journal-article","created":{"date-parts":[[2010,12,29]],"date-time":"2010-12-29T14:32:48Z","timestamp":1293633168000},"page":"1-35","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":25,"title":["Attribute-Based Messaging"],"prefix":"10.1145","volume":"13","author":[{"given":"Rakesh","family":"Bobba","sequence":"first","affiliation":[{"name":"University of Illinois Urbana-Champaign"}]},{"given":"Omid","family":"Fatemieh","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana-Champaign"}]},{"given":"Fariba","family":"Khan","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana-Champaign"}]},{"given":"Arindam","family":"Khan","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana-Champaign"}]},{"given":"Carl A.","family":"Gunter","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana-Champaign"}]},{"given":"Himanshu","family":"Khurana","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana-Champaign"}]},{"given":"Manoj","family":"Prabhakaran","sequence":"additional","affiliation":[{"name":"University of Illinois Urbana-Champaign"}]}],"member":"320","published-online":{"date-parts":[[2010,12]]},"reference":[{"key":"e_1_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1109\/ECOWS.2006.9"},{"key":"e_1_2_1_2_1","volume-title":"Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS\u201907)","author":"Ateniese G.","unstructured":"Ateniese , G. , Kirsch , J. , and Blanton , M . 2007. Secret handshakes with dynamic and fuzzy matching . In Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS\u201907) . Ateniese, G., Kirsch, J., and Blanton, M. 2007. Secret handshakes with dynamic and fuzzy matching. In Proceedings of the 14th Annual Network and Distributed System Security Symposium (NDSS\u201907)."},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.11"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1533057.1533093"},{"key":"e_1_2_1_5_1","volume-title":"Proceedings of the European Symposium on Research in Computer Security (ESORICS\u201909)","volume":"5789","author":"Bobba R.","unstructured":"Bobba , R. , Khurana , H. , and Prabhakaran , M . 2009b. Attribute-sets: A practically motivated enhancement to attribute-based encryption . In Proceedings of the European Symposium on Research in Computer Security (ESORICS\u201909) . M. Backes and P. Ning Eds., Lecture Notes in Computer Science , vol. 5789 , Springer, 587--604. Bobba, R., Khurana, H., and Prabhakaran, M. 2009b. Attribute-sets: A practically motivated enhancement to attribute-based encryption. In Proceedings of the European Symposium on Research in Computer Security (ESORICS\u201909). M. Backes and P. Ning Eds., Lecture Notes in Computer Science, vol. 5789, Springer, 587--604."},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455823"},{"key":"e_1_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.5555\/603404.603407"},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1137\/S0097539701398521"},{"key":"e_1_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102120.1102142"},{"key":"e_1_2_1_10_1","volume-title":"Proceedings of the 8th IFIP TC-6 TC-11 Conference on Communications and Multimedia Security (CMS\u201904)","author":"Chadwick D.","unstructured":"Chadwick , D. , Lunt , G. , and Zhao , G . 2004. Secure role-based messaging . In Proceedings of the 8th IFIP TC-6 TC-11 Conference on Communications and Multimedia Security (CMS\u201904) . Springer, 263--275. Chadwick, D., Lunt, G., and Zhao, G. 2004. Secure role-based messaging. In Proceedings of the 8th IFIP TC-6 TC-11 Conference on Communications and Multimedia Security (CMS\u201904). Springer, 263--275."},{"key":"e_1_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653678"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.5555\/647995.742435"},{"key":"e_1_2_1_13_1","volume-title":"Proceedings of the 5th IEEE International Symposium on Signal Processing and Information.","author":"Damiani E.","unstructured":"Damiani , E. , Di Vimercati , S. D. C. , and Samarati , P . 2005. New paradigms for access control in open environments . In Proceedings of the 5th IEEE International Symposium on Signal Processing and Information. Damiani, E., Di Vimercati, S. D. C., and Samarati, P. 2005. New paradigms for access control in open environments. In Proceedings of the 5th IEEE International Symposium on Signal Processing and Information."},{"key":"e_1_2_1_14_1","unstructured":"Ferraiolo D. Khun D. and Chandramouli R. 2003. Role Based Access Control. Artech House Norwood MA. Ferraiolo D. Khun D. and Chandramouli R. 2003. Role Based Access Control . Artech House Norwood MA."},{"key":"e_1_2_1_15_1","volume-title":"Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO\u201999)","author":"Fujisaki E.","unstructured":"Fujisaki , E. and Okamoto , T . 1999. Secure integration of asymmetric and symmetric encryption schemes . In Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO\u201999) . Springer, 537--554. Fujisaki, E. and Okamoto, T. 1999. Secure integration of asymmetric and symmetric encryption schemes. In Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO\u201999). Springer, 537--554."},{"key":"e_1_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICIMP.2007.15"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180418"},{"key":"e_1_2_1_18_1","unstructured":"Hofmann W. D. and Hurley P. E. 1999. Method and apparatus for attribute-based addressing of messages in a networked system. Tech. rep. WO\/1999\/039271 Aveo Inc. Hofmann W. D. and Hurley P. E. 1999. Method and apparatus for attribute-based addressing of messages in a networked system. Tech. rep. WO\/1999\/039271 Aveo Inc."},{"key":"e_1_2_1_19_1","doi-asserted-by":"crossref","unstructured":"Katz J. Sahai A. and \n Waters B\n . \n 2008\n . Predicate encryption supporting disjunctions polynomial equations and inner products. In Proceedings of the 27th Annual International Conference on Advances in Cryptology Theory and Applications of Cryptographic Techniques (CRYPTO\u201908). N. P. Smart Ed. Lecture Notes in Computer Science vol. \n 4965 Springer 146--162. Katz J. Sahai A. and Waters B. 2008. Predicate encryption supporting disjunctions polynomial equations and inner products. In Proceedings of the 27th Annual International Conference on Advances in Cryptology Theory and Applications of Cryptographic Techniques (CRYPTO\u201908). N. P. Smart Ed. Lecture Notes in Computer Science vol. 4965 Springer 146--162.","DOI":"10.1007\/978-3-540-78967-3_9"},{"key":"e_1_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1007\/11935308_19"},{"key":"e_1_2_1_21_1","volume-title":"Proceedings of the IEEE Symposium on Security and Privacy (SP\u201902)","author":"Li N.","unstructured":"Li , N. , Mitchell , J. C. , and Winsborough , W. H . 2002. Design of a role-based trust-management framework . In Proceedings of the IEEE Symposium on Security and Privacy (SP\u201902) . IEEE, 114. Li, N., Mitchell, J. C., and Winsborough, W. H. 2002. Design of a role-based trust-management framework. In Proceedings of the IEEE Symposium on Security and Privacy (SP\u201902). IEEE, 114."},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1007\/11687238_44"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/1292609.1292620"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/968559.968563"},{"key":"e_1_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2005.138"},{"key":"e_1_2_1_26_1","article-title":"Proxy cryptosystem: Delegation of the power to decrypt ciphertexts. IEICE","author":"Mambo M.","year":"1997","unstructured":"Mambo , M. and Okamoto , E. 1997 . Proxy cryptosystem: Delegation of the power to decrypt ciphertexts. IEICE Trans. Fundam. Electron. Comm. Comput. Sci. E80, A(1), 54--63. Mambo, M. and Okamoto, E. 1997. Proxy cryptosystem: Delegation of the power to decrypt ciphertexts. IEICE Trans. Fundam. Electron. Comm. Comput. Sci. E80, A(1), 54--63.","journal-title":"Trans. Fundam. Electron. Comm. Comput. Sci. E80, A(1), 54--63."},{"key":"e_1_2_1_27_1","volume-title":"Proceedings of the 14th International Workshop on Database and Expert Systems Applications (DEXA\u201903)","author":"Mont M. C.","unstructured":"Mont , M. C. , Bramhall , P. , and Harrison , K . 2003. A flexible role-based secure messaging service: Exploiting IBE technology for privacy in health care . In Proceedings of the 14th International Workshop on Database and Expert Systems Applications (DEXA\u201903) . IEEE, 432. Mont, M. C., Bramhall, P., and Harrison, K. 2003. A flexible role-based secure messaging service: Exploiting IBE technology for privacy in health care. In Proceedings of the 14th International Workshop on Database and Expert Systems Applications (DEXA\u201903). IEEE, 432."},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.4134\/BKMS.2009.46.4.803"},{"key":"e_1_2_1_29_1","doi-asserted-by":"crossref","unstructured":"Myers J. 1999. SMTP service extension for authentication. RFC 2554 Internet Engineering Task Force. Myers J. 1999. SMTP service extension for authentication. RFC 2554 Internet Engineering Task Force.","DOI":"10.17487\/rfc2554"},{"key":"e_1_2_1_30_1","doi-asserted-by":"crossref","unstructured":"Nishide T. Yoneyama K. and \n Ohta K\n . \n 2008\n . Attribute-based encryption with partially hidden encryptor-specified access structures. In Proceedings of the 6th International Conference on Applied Cryptography and Network Security (ACNS\u201908). S. M. Bellovin et al. Eds. Lecture Notes in Computer Science vol. \n 5037 Springer 111--129. Nishide T. Yoneyama K. and Ohta K. 2008. Attribute-based encryption with partially hidden encryptor-specified access structures. In Proceedings of the 6th International Conference on Applied Cryptography and Network Security (ACNS\u201908). S. M. Bellovin et al. Eds. Lecture Notes in Computer Science vol. 5037 Springer 111--129.","DOI":"10.1007\/978-3-540-68914-0_7"},{"key":"e_1_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1145\/1455770.1455808"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315270"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1145\/1180405.1180419"},{"key":"e_1_2_1_34_1","doi-asserted-by":"crossref","unstructured":"Ramsdell E. 2004a. Secure\/Multipurpose internet mail extensions (S\/MIME) version 3.1 certificate handling. RFC 3850 Internet Engineering Task Force. Ramsdell E. 2004a. Secure\/Multipurpose internet mail extensions (S\/MIME) version 3.1 certificate handling. RFC 3850 Internet Engineering Task Force.","DOI":"10.17487\/rfc3850"},{"key":"e_1_2_1_35_1","doi-asserted-by":"crossref","unstructured":"Ramsdell E. 2004b. Secure\/Multipurpose internet mail extensions (S\/MIME) version 3.1 message specification. RFC 3851 Internet Engineering Task Force. Ramsdell E. 2004b. Secure\/Multipurpose internet mail extensions (S\/MIME) version 3.1 message specification. RFC 3851 Internet Engineering Task Force.","DOI":"10.17487\/rfc3851"},{"key":"e_1_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1007\/11426639_27"},{"key":"e_1_2_1_37_1","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1975.9939"},{"key":"e_1_2_1_38_1","volume-title":"Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS\u201908)","author":"Traynor P.","year":"2008","unstructured":"Traynor , P. , Butler , K. , Enck , W. , and McDaniel , P. 2008 . Realizing massive-scale conditional access systems through attribute-based cryptosystems . In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS\u201908) . Traynor, P., Butler, K., Enck, W., and McDaniel, P. 2008. Realizing massive-scale conditional access systems through attribute-based cryptosystems. In Proceedings of the 15th Annual Network and Distributed System Security Symposium (NDSS\u201908)."},{"key":"e_1_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1145\/1029133.1029140"},{"key":"e_1_2_1_40_1","unstructured":"Waters B. 2008. Ciphertext-policy attribute-based encryption: An expressive efficient and provably secure realization. Cryptology ePrint Archive rep. 2008\/290. http:\/\/eprint.iacr.org\/. Waters B. 2008. Ciphertext-policy attribute-based encryption: An expressive efficient and provably secure realization. Cryptology ePrint Archive rep. 2008\/290. http:\/\/eprint.iacr.org\/."},{"key":"e_1_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/605434.605435"},{"key":"e_1_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICWS.2005.25"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1880022.1880025","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1880022.1880025","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T10:52:15Z","timestamp":1750243935000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1880022.1880025"}},"subtitle":["Access Control and Confidentiality"],"short-title":[],"issued":{"date-parts":[[2010,12]]},"references-count":42,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2010,12]]}},"alternative-id":["10.1145\/1880022.1880025"],"URL":"https:\/\/doi.org\/10.1145\/1880022.1880025","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"value":"1094-9224","type":"print"},{"value":"1557-7406","type":"electronic"}],"subject":[],"published":{"date-parts":[[2010,12]]},"assertion":[{"value":"2008-05-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2010-01-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2010-12-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}