Shared data access maximizes resource utilization on the Internet but raises the issue of data security. We consider a method of shared data access control whereby the data is subdivided into categories and each category is encrypted with a unique cryptographic key that is distributed to the user group requiring access. Key management can be simplified by classifying every user into exactly one of a number of disjoint groups that are partially ordered such that lower-level keys are mathematically derivable from higher-level keys, but not the reverse. The drawback of this approach is that changes in group membership imply updating both the affected group key and those that are derivable from it. Moreover, the data encrypted with the affected keys must be re-encrypted with the new keys to preserve data security. In the worst case, when the affected group is at the highest level of the hierarchy, the entire hierarchy is affected. This paper presents an algorithm that minimizes the cost of key replacement (rekeying) by associating a timestamp with each key. The timestamp and key are used to compute a verification signature that is used to authenticate users before data access is granted. Thus, whenever group membership changes, instead of rekeying and re-encrypting the affected data, only the timestamp is updated and a new verification signature is computed. The new scheme is analyzed using both time complexity analysis and experimental analysis.
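The following sketch is an added example, not the paper's algorithm: it illustrates top-down key derivation and a timestamp-based verification signature that is refreshed on a membership change while keys stay fixed. Assumptions: HMAC-SHA256 stands in for both the one-way derivation and the signature, the hierarchy is a constructed tree, timestamps are held server-side, and all names (`CHILDREN`, `Gate`, `membership_change`) are hypothetical.

```python
import hashlib
import hmac

# Constructed tree hierarchy (assumption): group -> groups directly below it.
CHILDREN = {"admin": ["finance", "eng"], "finance": ["payroll"], "eng": [], "payroll": []}

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_keys(root: str, root_key: bytes) -> dict:
    """One-way, top-down derivation: child key = HMAC(parent key, child name)."""
    keys, stack = {root: root_key}, [root]
    while stack:
        parent = stack.pop()
        for child in CHILDREN[parent]:
            keys[child] = mac(keys[parent], child.encode())
            stack.append(child)
    return keys

def subtree(group: str) -> list:
    """The group plus every group whose key is derivable from it."""
    out = [group]
    for child in CHILDREN[group]:
        out.extend(subtree(child))
    return out

class Gate:
    """Holds group keys and per-group timestamps (assumed to stay server-side)."""
    def __init__(self, keys: dict, now: int):
        self.keys = keys
        self.stamps = {g: now for g in keys}

    def signature(self, group: str) -> bytes:
        # Verification signature computed from the key and its current timestamp.
        return mac(self.keys[group], str(self.stamps[group]).encode())

    def verify(self, group: str, presented: bytes) -> bool:
        return hmac.compare_digest(self.signature(group), presented)

    def membership_change(self, group: str, now: int) -> list:
        """Refresh timestamps only; keys and ciphertext stay as they are."""
        affected = subtree(group)
        if any(now <= self.stamps[g] for g in affected):
            raise ValueError("timestamp must advance, or old signatures stay valid")
        for g in affected:
            self.stamps[g] = now
        return affected

if __name__ == "__main__":
    gate = Gate(derive_keys("admin", b"constructed-root-key"), now=1000)
    stale = gate.signature("finance")
    print(gate.membership_change("finance", now=1001), gate.verify("finance", stale))
```

In this sketch a departed member still knows the unchanged group key, so the stale signature is rejected only as long as the new timestamp is not disclosed to them.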