报告题目：Anonymous Access and User Revocation System using ABS in Cloud Environment
报告人：美国纽约高盛集团（Goldman Sachs, in New York, USA）Zhiqian Xu
摘要：Cloud computing provides service models to both businesses and individual users for either paid or free computing resources. Those service models enable on-demand computing capacity, and management to users anywhere via the Internet. The trust required for the public cloud service providers (CSPs) and the shared multi-tenant environment present special challenges for data protection and access control. Attribute-Based Signature (ABS) schemes not only protect user secrecy, but also have fine-grain access policies that are automatically enforced during the user identification and authorization process. ABS can therefore be used to facilitate anonymous access control and allow users to sign messages without disclosing their identities. However, access control approaches associated with existing ABS schemes also have practical limitations concerning dynamic user and attribute revocation, in particular anonymous user revocation. In this talk, we will discuss how to adopt existing ABSs and provide them with more flexible user and attribute management capability.
报告人概况：Zhiqian Xu received her B.S. degree from Beijing University of Posts and Telecommunications, China, M.A. degree from Wayne State University, Detroit, MI, USA. She is a Ph.D. candidate at Royal Holloway, University of London and a Vice President at Goldman Sachs, in New York, USA.
Zhiqian’s research topics include data access control and privacy protection in cloud environments. She has published 11 papers in refereed journals and conference proceedings. Her current research interests include attribute-based cryptography, homomorphic encryption, anonymous access control, and data protection in cloud environments.
Zhiqian also has more than 20-year industry experience as a software developer and information security professional. Her major skills include application and data security design and architecture, risk management, application penetration test and vulnerability management, security governance and strategy/framework development, IT project management, software development and support.