ABSTRACT
The problem of key management in an access hierarchy has elicited much interest in the literature. The hierarchy is modeled as a set of partially ordered classes (represented as a directed graph), and a user who obtains access (i.e., a key) to a certain class can also obtain access to all descendant classes of her class through key derivation. Our solution to the above problem has the following properties: (i) only hash functions are used for a node to derive a descendant's key from its own key; (ii) the space complexity of the public information is the same as that of storing the hierarchy; (iii) the private information at a class consists of a single key associated with that class; (iv) updates (revocations, additions, etc.) are handled locally in the hierarchy; (v) the scheme is provably secure against collusion; and (vi) key derivation by a node of its descendant's key is bounded by the number of bit operations linear in the length of the path between the nodes. Whereas many previous schemes had some of these properties, ours is the first that satisfies all of them. Moreover, for trees (and other "recursively decomposable" hierarchies), we are the first to achieve a worst- and average-case number of bit operations for key derivation that is exponentially better than the depth of a balanced hierarchy (double-exponentially better if the hierarchy is unbalanced, i.e., "tall and skinny"); this is achieved with only a constant increase in the space for the hierarchy. We also show how with simple modifications our scheme can handle extensions proposed by Crampton of the standard hierarchies to "limited depth" and reverse inheritance [13]. The security of our scheme relies only on the use of pseudo-random functions.
- S. Akl and P. Taylor. Cryptographic solution to a problem of access control in a hierarchy. ACM Transactions on Computer Systems, 1(3):239--248, September 1983. Google ScholarDigital Library
- R. Anderson and M. Kuhn. Tamper resistance - a cautionary note. In USENIX Workshop on Electronic Commerce, pages 1--11, November 1996. Google ScholarDigital Library
- R. Anderson and M. Kuhn. Low cost attacks on tamper resistant devices. In Security Protocols Workshop, volume 1361 of LNCS, pages 125--136, April 1997. Google ScholarDigital Library
- D. Bell and L. LaPadula. Secure computer systems: Mathematical foundations. Technical Report MTR-2547, MITRE Corporation, March 1973.Google Scholar
- J. Birget, X. Zou, G. Noubir, and B. Ramamurthy. Hierarchy-based access control in distributed environments. In ICC Conference 2001, June 2001.Google ScholarCross Ref
- C. Chang and D. Buehrer. Access control in a hierarchy using a one-way trapdoor function. Computers and Mathematics with Applications, 26(5):71--76, 1993.Google ScholarCross Ref
- C. Chang, I. Lin, H. Tsai, H. Wang, and T. Taichung. A key assignment scheme for controlling access in partially ordered user hierarchies. In International Conference on Advanced Information Networking and Application (AINA'04), 2004. Google ScholarDigital Library
- T. Chen and Y Chung. Hierarchical access control based on chinese remainder theorem and symmetric algorithm. Computers & Security, 2002.Google ScholarDigital Library
- T. Chen, Y. Chung, and C. Tian. A novel key management scheme for dynamic access control in a user hierarchy. In IEEE Annual International Computer Software and Applications Conference (COMPSAC'04), pages 396--401, September 2004. Google ScholarDigital Library
- G. Chick and S. Tavares. Flexible access control with master keys. In Advances in Cryptology - CRYPTO'89, volume 435 of LNCS, pages 316--322, 1990. Google ScholarDigital Library
- H. Chien and J. Jan. New hierarchical assignment without public key cryptography. Computers & Security, 22(6):523--526, 2003.Google ScholarDigital Library
- J. Chou, C. Lin, and T. Lee. A novel hierarchical key management scheme based on quadratic residues. In Internation Symposium on Parallel and Distributed Processing and Applications (ISPA'04), volume 3358, pages 858--865, December 2004. Google ScholarDigital Library
- J. Crampton. On permissions, inheritance and role hierarchies. In ACM Conference on Computer and Communications Security (CCS), pages 85--92, October 2003. Google ScholarDigital Library
- M. Das, A. Saxena, V. Gulati, and D. Phatak. Hierarchical key management scheme using polynomial interpolation. ACM SIGOPS Operating Systems Review, 39(1):40--47, January 2005. Google ScholarDigital Library
- D. Denning, S. Akl, M. Morgenstern, and P. Neumann. Views for multilevel database security. In IEEE Symposium on Security and Privacy, pages 156--172, April 1986.Google ScholarCross Ref
- D. Ferraiolo and D. Kuhn. Role based access control. In National Computer Security Conference, 1992.Google Scholar
- A. Ferrara and B. Masucci. An information-theoretic approach to the access control problem. In Italian Conference on Theoretical Computer Science (ICTCS'03), volume 2841, pages 342--354, October 2003.Google ScholarCross Ref
- L. Fraim. Scomp: a solution to multilevel security problem. IEEE Computer, 16(7):126--143, July 1983.Google ScholarDigital Library
- J. Gilbert, J. Hutchinson, and R. Tarjan. A separation theorem for graphs of bounded genus. Journal of Algorithms, 5:391--407, 1984. Google ScholarDigital Library
- M. Goodrich. Planar separators and parallel polygon triangulation. In Annual ACM Symposium on Theory of Computing, pages 507--516, 1992. Google ScholarDigital Library
- L. Guibas, J. Hershberger, D. Leven, M. Sharir, and R. Tarjan. Linear time algorithms for visibility and shortest path problems inside simple polygons. In Annual ACM Symposium on Computational Geometry, pages 1--13, 1986. Google ScholarDigital Library
- L. Harn and H. Lin. A cryptographic key generation scheme for multilevel data security. Computers & Security, 9(6):539--546, October 1990. Google ScholarDigital Library
- M. He, P. Fan, F. Kaderali, and D. Yuan. Access key distribution scheme for level-based hierarchy. In International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT'03), pages 942--945, August 2003.Google Scholar
- H. Huang and C. Chang. A new cryptographic key assignment scheme with time-constraint access control in a hierarchy. Computer Standards & Interfaces, 26:159--166, 2004.Google ScholarCross Ref
- M. Hwang. An improvement of novel cryptographic key assignment scheme for dynamic access control in a hierarchy. IEICE Trans. Fundamentals, E82-A(2):548--550, March 1999.Google Scholar
- M. Hwang. A new dynamic key generation scheme for access control in a hierarchy. Nordic Journal of Computing, 6(4):363--371, Winter 1999. Google ScholarDigital Library
- M. Hwang and W. Yang. Controlling access in large partially ordered hierarchies using cryptographic keys. Journal of Systems and Software, 67(2):99--107, August 2003. Google ScholarDigital Library
- D. Knuth. Sorting and Searching, volume 3 of The Art of Computer Programming. Addison-Wesley, 1973.Google Scholar
- H. Liaw, S. Wang, and C. Lei. A dynamic cryptographic key assignment scheme in a tree structure. Computers and Mathematics with Applications, 25(6):109--114, 1993.Google ScholarCross Ref
- C. Lin. Hierarchical key assignment without public-key cryptography. Computers & Security, 20(7):612--619, 2001.Google ScholarDigital Library
- I. Lin, M. Hwang, and C. Chang. A new key assignment scheme for enforcing complicated access control policies in hierarchy. Future Generation Computer Systems, 19(4):457--462, 2003. Google ScholarDigital Library
- R. Lipton and R. Tarjan. A separator theorem for planar graphs. SIAM Journal Applied Mathemathics, 36:177--189, 1979.Google ScholarCross Ref
- W. Lu and M. Sundareshan. A moredle for multilevel security in computer networks. In INFOCOM'88, pages 1095--1104, 1988.Google Scholar
- S. MacKinnon, P. Taylor, H. Meijer, and S. Akl. An optimal algorithm for assigning cryptographic keys to control access in a hierarchy. IEEE Transactions on Computers, 34(9):797--802, September 1985. Google ScholarDigital Library
- P. Maheshwari. Enterprise application integration using a component-based architecture. In IEEE Annual International Computer Software and Applications Conference (COMSAC'03), pages 557--563, 2003. Google ScholarDigital Library
- J. McHugh and A. Moore. A security policy and formal top level specification for a multi-level secure local area network. In IEEE Symposiom on Security and Privacy, pages 34--49, 1986.Google ScholarCross Ref
- K. Ohta, T. Okamoto, and K. Koyama. Membership authentication for hierarchical multigroups using the extended fiat-shamir scheme. In Workshop on the Theory and Application of Cryptographic Techniques on Advances in Cryptology, pages 446--457, February 1991. Google ScholarDigital Library
- I. Ray, I. Ray, and N. Narasimhamurthi. A cryptographic solution to implement access control in a hierarchy and more. In ACM Symposium on Access Control Models and Technologies, June 2002. Google ScholarDigital Library
- J. Rose and J. Gasteiger. Hierarchical classification as an aid to database and hit-list browsing. In International Conference on Information and Knowledge Management, pages 408--414, 1994. Google ScholarDigital Library
- R. Sandhu. On some cryptographic solutions for access control in a tree hierarchy. In Fall Joint Computer Conference on Exploring technology: today and tomorrow, pages 405--410, December 1987. Google ScholarDigital Library
- R. Sandhu, E. Coyne, H. Feinstein, and C. Youman. Role-based access control models. IEEE Computer, 29(2):38--47, 1996. Google ScholarDigital Library
- R.S. Sandhu. Cryptographic implementation of a tree hierarchy for access control. Information Processing Letters, 27(2):95--98, January 1988. Google ScholarDigital Library
- A. De Santis, A. Ferrara, and B. Masucci. Cryptographic key assignment schemes for any access control policy. Information Processing Letters (IPL), 92(4):199--205, November 2004. Google ScholarDigital Library
- V. Shen and T. Chen. A novel key management scheme based on discrete logarithms and polynomial interpolations. Computers & Security, 21(2):164--171, 2002.Google ScholarDigital Library
- Y. Sun and K. Liu. Scalable hierarchical access control in secure group communication. In IEEE INFOCOM 2004, 2004.Google ScholarCross Ref
- H. Tsai and C. Chang. A cryptographic implementation for dynamic access control in a user hierarchy. Computers & Security, 14(2):159--166, 1995.Google ScholarDigital Library
- W. Tzeng. A time-bound cryptographic key assignment scheme for access control in a hierarchy. IEEE Transactions on Knowledge and Data Engineering, 14(1):182--188, 2002. Google ScholarDigital Library
- J. Wu and R. Wei. An access control scheme for partially ordered set hierarchy with provable security. Cryptology ePrint Archive, Report 2004/295, 2004. http://eprint.iacr.org/.Google Scholar
- T. Wu and C. Chang. Cryptograpic key assignment scheme for hierarchical access control. International Journal of Computer Systems Science and Engineering, 1(1):25--28, 2001.Google Scholar
- J. Yeh, R. Chow, and R. Newman. A key assignment for enforcing access control policy exceptions. In International Symposium on Internet Technology, pages 54--59, 1998.Google Scholar
- Q. Zhang and Y. Wang. A centralized key management scheme for hierarchical access control. In IEEE Global Telecommunications Conference (Globecom'04), 2004.Google ScholarCross Ref
- Y. Zheng, T. Hardjono, and J. Pieprzyk. Sibling intractable function families and their applications. In Advances in Cryptology - AsiaCrypt'91, LNCS, 1992. Google ScholarDigital Library
- Y. Zheng, T. Hardjono, and J. Seberry. New solutions to the problem of access control in a hierarchy. Technical report, 1993.Google Scholar
- S. Zhong. A practical key management scheme for access control in a user hierarchy. Computers & Security, 21(8):750--759, 2002.Google ScholarDigital Library
Index Terms
- Dynamic and efficient key management for access hierarchies
Recommendations
Dynamic and Efficient Key Management for Access Hierarchies
Hierarchies arise in the context of access control whenever the user population can be modeled as a set of partially ordered classes (represented as a directed graph). A user with access privileges for a class obtains access to objects stored at that ...
Secure key management scheme for dynamic hierarchical access control based on ECC
An access control mechanism in a user hierarchy is used to provide the management of sensitive information for authorized users. The users and their own information can be organized into a number of disjoint sets of security classes according to their ...
Key hierarchies for hierarchical access control in secure group communications
The problem of hierarchical access control in secure group communications has elicited much interest in the literatures. However, most of the researches to date on hierarchical access control pay more attention to the particular encryption techniques, ...
Comments