Abstract
In recent years, we have seen the development of key assignment schemes that use cryptography to enforce time-based authorization policies. One of the most important aspects of these schemes is the balance between the time required to derive keys and the amount of storage required for the public information from which keys are derived. The derivation time and storage are dependent on the number of time periods used in the authorization policy. In this paper, we discuss novel schemes that achieve good trade-offs between these competing parameters and for which explicit bounds can be given in terms of the number of time periods.
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Crampton, J. (2009). Trade-Offs in Cryptographic Implementations of Temporal Access Control. In: Jøsang, A., Maseng, T., Knapskog, S.J. (eds) Identity and Privacy in the Internet Age. NordSec 2009. Lecture Notes in Computer Science, vol 5838. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-04766-4_6
DOI: https://doi.org/10.1007/978-3-642-04766-4_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-04765-7
Online ISBN: 978-3-642-04766-4
eBook Packages: Computer Science (R0)