Skip to main content
SpringerLink
Log in
Book cover

Italian Conference on Theoretical Computer Science

ICTCS 2003: Theoretical Computer Science pp 342–354Cite as

An Information-Theoretic Approach to the Access Control Problem

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2841))

Abstract

In this paper we propose an information-theoretic approach to the access control problem in a scenario where a group of users is divided into a number of disjoint classes. The set of rules that specify the information flow between different user classes in the system defines an access control policy. An access control policy can be implemented by using a key assignment scheme, where a trusted central authority (CA) assigns an encryption key and some private information to each class. We consider key assignment schemes which are unconditionally secure against attacks carried out by any coalition of classes. We show lower bounds on the size of the private information that each class has to store and on the amount of randomness needed by the CA to set up any key assignment scheme. Finally, we propose an optimal construction for unconditionally secure key assignment schemes.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Akl, S.G., Taylor, P.D.: Cryptographic Solution to a Problem of Access Control in a Hierarchy. ACM Trans. Comput. Syst. 1(3), 239–248 (1983)

    Article  Google Scholar 

  2. Chang, C.C., Hwang, R.J., Wu, T.C.: Cryptographic Key Assignment Scheme for Access Control in a Hierarchy. Information Systems 17(3), 243–247 (1992)

    Article  Google Scholar 

  3. Cover, T.M., Thomas, J.A.: Elements of Information Theory. John Wiley & Sons, Chichester (1991)

    Book  MATH  Google Scholar 

  4. De Santis, A., Ferrara, A.L., Masucci, B.: Cryptographic Key Assignment Schemes for Any Access Control Policy (submitted for publication)

    Google Scholar 

  5. De Santis, A., Ferrara, A.L., Masucci, B.: Unconditionally Secure Hierarchical Key Assignment Schemes. In: Proc. of the International Workshop on Coding and Cryptography - WCC 2003, Versailles, France, March 24–28 (2003)

    Google Scholar 

  6. Harn, L., Lin, H.Y.: A Cryptographic Key Generation Scheme for Multilevel Data Security. Computers and Security 9(6), 539–546 (1990)

    Article  Google Scholar 

  7. Hwang, M.S.: A Cryptographic Key Assignment Scheme in a Hierarchy for Access Control. Math. Comput. Modeling 26(1), 27–31 (1997)

    Article  MATH  Google Scholar 

  8. Hwang, M.S.: An Improvement of a Dynamic Cryptographic Key Assignment Scheme in a Tree Hierarchy. Comput. Math. Appl. 37(3), 19–22 (1999)

    Article  MathSciNet  Google Scholar 

  9. Hwang, M.S.: Cryptanalysis of YCN Key Assignment Scheme in a Hierarchy. Information Processing Letters 73, 97–101 (2000)

    Article  MATH  MathSciNet  Google Scholar 

  10. Hwang, M.S., Yang, W.P., Chang, C.C.: Modified Chang-Hwang-Wu Access Control Scheme. Electronic Letters 29(24), 2095–2096 (1993)

    Article  Google Scholar 

  11. Knuth, D.E., Yao, A.C.: The Complexity of Nonuniform Random Number Generation. In: Algorithms and Complexity, pp. 357–428. Academic Press, London (1976)

    Google Scholar 

  12. Liaw, H.T., Wang, S.J., Lei, C.L.: A Dynamic Cryptographic Key Assignment Scheme in a Tree Structure. Comput. Math. Appl. 25(6), 109–114 (1993)

    Article  MATH  MathSciNet  Google Scholar 

  13. Liaw, H.T., Lei, C.L.: An Optimal Algorithm to Assign Cryptographic Keys in a Tree Structure for Access Control. BIT 33, 46–56 (1993)

    Article  MATH  MathSciNet  Google Scholar 

  14. Lin, C.H.: Dynamic Key Management Schemes for Access Control in a Hierarchy. Computer Communications 20, 1381–1385 (1997)

    Article  Google Scholar 

  15. MacKinnon, S.J., Taylor, P.D., Meijer, H., Akl, S.G.: An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy. IEEE Trans. Comput. C-34(9), 797–802 (1985)

    Article  Google Scholar 

  16. Ray, I., Ray, I., Narasimhamurthi, N.: A Cryptographic Solution to Implement Access Control in a Hierarchy and More. In: Proc. of the Seventh ACM Symposium on Access Models and Technologies, pp. 65–73. ACM Press, New York (2002)

    Chapter  Google Scholar 

  17. Sandhu, R.S.: Cryptographic Implementation of a Tree Hierarchy for Access Control. Information Processing Letters 27, 95–98 (1988)

    Article  Google Scholar 

  18. Shen, V.R.L., Chen, T.S., Lai, F.: Novel Cryptographic Key Assignment Scheme for Dynamic Access Control in a Hierarchy. IEICE Trans. on Fundamentals E80- A(10), 2035–2037 (1997)

    Google Scholar 

  19. Yeh, J.H., Chow, R., Newman, R.: A Key Assignment for Enforcing Access Control Policy Exceptions. In: Proc. of the International Symposium on Internet Technology, pp. 54–59 (1998)

    Google Scholar 

  20. Tzeng, W.-G.: A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy. IEEE Trans. on Knowledge and Data Eng. 14 (2002)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Informatica ed Applicazioni, Università di Salerno, 84081, Baronissi (SA), Italy

    Anna Lisa Ferrara & Barbara Masucci

Authors
  1. Anna Lisa Ferrara
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Barbara Masucci
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento di Informatica e Applicazioni, Università degli Studi di Salerno, Via Ponte Don Melillo, I-84084, Fisciano, SA, Italy

    Carlo Blundo

  2. Department of Computer Science, University of Bologna,  

    Cosimo Laneve

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Ferrara, A.L., Masucci, B. (2003). An Information-Theoretic Approach to the Access Control Problem. In: Blundo, C., Laneve, C. (eds) Theoretical Computer Science. ICTCS 2003. Lecture Notes in Computer Science, vol 2841. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45208-9_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-45208-9_27

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20216-5

  • Online ISBN: 978-3-540-45208-9

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation