The enforcement of access control policies using cryptography has received considerable attention in recent years and the security of such enforcement schemes is increasingly well understood. Recent work in the area has considered the efficient enforcement of temporal and geo-spatial access control policies, and asymptotic results for the time and space complexity of efficient enforcement schemes have been obtained. However, for practical purposes, it is useful to have explicit bounds for the complexity of enforcement schemes. In this article we consider interval-based access control policies, of which temporal and geo-spatial access control policies are special cases. We define enforcement schemes for interval-based access control policies for which it is possible, in almost all cases, to obtain exact values for the schemes ’ complexity, thereby subsuming a substantial body of work in the literature. Moreover, our enforcement schemes are more practical than existing schemes, in the sense that they operate in the same way as standard cryptographic enforcement schemes, unlike other efficient schemes in the literature. The main difference between our approach and earlier work is that we develop techniques that are specific to the cryptographic enforcement of intervalbased access control policies, rather than applying generic techniques that give rise to complex constructions and asymptotic bounds.

Publicly Verifiable Outsourced Computation (PVC) allows devices with restricted re-sources to delegate expensive computations to more powerful external servers, and to verify the correctness of results. Whilst highlybeneficial in many situations, this increases the visi-bility and availability of potentially sensitive data, so we may wish to limit the sets of entities that can view input data and results. Additionally, it is highly unlikely that all users have identical and uncontrolled access to all functionality within an organization. Thus there is a need for access control mechanisms in PVC environments. In this work, we define a new framework for Publicly Verifiable Outsourced Computation with Access Control (PVC-AC). We formally define algorithms to provide different PVC functionality for each entity within a large outsourced computation environment, and discuss the forms of access control policies that are applicable, and necessary, in such environments, as well as formally modelling the resulting security properties. Finally, we give an example instantiation that (in a black-box and generic fashion) combines existing PVC schemes with symmetric Key Assignment Schemes to cryptographically enforce the policies of interest. 1