This thesis examines a new approach to attribute-based access control with hidden policies and hidden credentials. In this setting, a resource owner has an access control policy that is a function of Boolean-valued attributes of the resource requester. Access to the resource should be granted if and only if the resource owner's policy is satisfied, but we wish to hide the access control policy from the resource requester and the requester's attributes from the resource owner.Previous solutions to this problem involved the use of cryptographic credentials held by the resource requester, but it is obvious that if no information is provided about the access control policy, then the resource requester must try to satisfy the policy using every available credential. An initial contribution of this thesis is the first published empirical evaluation of the state-of-the-art protocol of Frikken, Atallah, and Li for access control with hidden policies and hidden credentials, demonstrating that the computational cost of the required cryptographic operations is highly burdensome.A new system model is then proposed that includes the active involvement of online certification authorities (CAs). These are entities that can provide authoritative information about the attributes in a resource owner's access control policy. Allowing the resource owner to query these online CAs immediately removes the need for the resource requester to guess which credentials to use.If the resource owner was allowed to learn the values of a requester's attributes from online CAs, however, the requester's credentials would no longer be private. This thesis examines cryptographic solutions in which the CAs' replies do not directly reveal any attribute information to the resource owner, but can nevertheless be used in the enforcement of an access control policy. The techniques considered involve scrambled circuit evaluation, homomorphic encryption, and secure multiparty computation using arithmetic circuits and Shamir secret sharing. Empirical experiments demonstrate that the proposed protocols can provide an order-of-magnitude performance improvement over existing solutions
