In any scheme for protecting the confidentiality of data, selecting a key and encrypting the data is the easy part. The difficult part is controlling access to decryption keys. This becomes particularly significant with object-based protection, that is protection of an object, such as a file or a message, regardless of where the object is currently being stored or transferred within a distributed environment. An example of object-based protection is traditional electronic mail encryption, where access control amounts to selecting a list of individuals permitted to decrypt a message and attaching copies of the symmetric encryption key, encrypted using their public keys, to the encrypted message content. We present a different means of controlling access to decryption keys which can support more flexible access control rules and can better reflect security policy. It is particularly suitable for use in such data distribution environments as public file servers, bulletin boards, commercial information dissemination services, and groupware applications. Because all participants need to trust central servers, the method is less suitable for loosely-connected groups than for medium to large commercial or government organizations.

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	DIF1	W. Diffie and M. Hellman, "New Directions in Cryptography", IEEE Transactions on Information Theory, vol. 1T-22, no. 6 (1976), pp. 644-654.
	ECM1	European Computer Manufacturers Association, Security in Open Systems ~ A Security Framework, Technical Report ECMA TR/46, July 1988.
	ISO1	ISO/IEC and ITU, Information Technology Message Handling Systems, ISO/IEC 10021 International Standard and ITU CCITT X.400 series Recommendations, 1988.
	KOH1	J.T. Kohl and B.C. Neuman, The Kerberos Network Authentication Service (V5), Internet Request for Comments (RFC) 1510, Intemet Activities Board, U.S.A., 1993.
	LIN1	J. Linn, Privacy Enhancement for lnternet Electronic Mail, Part I: Message Encryption and Authentication Procedures, Request for Comments (RFC) 1421, Internet Activities Board, U.S.A., 1993.
	RIV1	R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978  [doi>10.1145/359340.359342]

• Data structures for quadtree approximation and compression Communications of the ACM   28, 9
  Hanan Samet
  
  
• A hierarchical single-key-lock access control using the Chinese remainder theorem Proceedings of the 1992 ACM/SIGAPP Symposium on Applied computing
  Kim S. Lee ,  Huizhu Lu ,  D. D. Fisher
  
  
• The GemStone object database management system Communications of the ACM   34, 10
  Paul Butterworth ,  Allen Otis ,  Jacob Stein
  
  
• An intelligent component database for behavioral synthesis Proceedings of the 27th ACM/IEEE Design Automation Conference on
  Gwo-Dong Chen ,  Daniel D. Gajski
  
  
• Putting innovation to work: adoption strategies for multimedia communication systems Communications of the ACM   34, 12
  Ellen Francik ,  Susan Ehrlich Rudman ,  Donna Cooper ,  Stephen Levine