Role-Based Access Control Models
Computer
Parallel shortcutting of rooted trees
Journal of Algorithms
A cryptographic solution to implement access control in a hierarchy and more
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy
IEEE Transactions on Knowledge and Data Engineering
A new dynamic key generation scheme for access control in a hierarchy
Nordic Journal of Computing
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
Low Cost Attacks on Tamper Resistant Devices
Proceedings of the 5th International Workshop on Security Protocols
A new key assignment scheme for enforcing complicated access control policies in hierarchy
Future Generation Computer Systems - Selected papers from CCGRID 2002
Controlling access in large partially ordered hierarchies using cryptographic keys
Journal of Systems and Software
On permissions, inheritance and role hierarchies
Proceedings of the 10th ACM conference on Computer and communications security
Enterprise Application Integration using a Component-based Architecture
COMPSAC '03 Proceedings of the 27th Annual International Conference on Computer Software and Applications
Foundations of Cryptography: Volume 2, Basic Applications
Foundations of Cryptography: Volume 2, Basic Applications
A Key Assignment Scheme for Controlling Access in Partially Ordered User Hierarchies
AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
A Novel Key Management Scheme for Dynamic Access Control in a User Hierarchy
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
Cryptographic key assignment schemes for any access control policy
Information Processing Letters
Hierarchical key management scheme using polynomial interpolation
ACM SIGOPS Operating Systems Review
Approximating k-spanner problems for k 2
Theoretical Computer Science
Dynamic and efficient key management for access hierarchies
Proceedings of the 12th ACM conference on Computer and communications security
Scalable public-key tracing and revoking
Distributed Computing
Tamper resistance: a cautionary note
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
A novel hierarchical key management scheme based on quadratic residues
ISPA'04 Proceedings of the Second international conference on Parallel and Distributed Processing and Applications
Efficient provably-secure hierarchical key assignment schemes
MFCS'07 Proceedings of the 32nd international conference on Mathematical Foundations of Computer Science
Variations on a theme by Akl and Taylor: Security and tradeoffs
Theoretical Computer Science
Secure and efficient access to outsourced data
Proceedings of the 2009 ACM workshop on Cloud computing security
Patient controlled encryption: ensuring privacy of electronic medical records
Proceedings of the 2009 ACM workshop on Cloud computing security
Key allocation schemes for private social networks
Proceedings of the 8th ACM workshop on Privacy in the electronic society
Constructing key assignment schemes from chain partitions
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Efficient multi-dimensional key management in broadcast services
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Practical and efficient cryptographic enforcement of interval-based access control policies
ACM Transactions on Information and System Security (TISSEC)
Cryptographic enforcement of role-based access control
FAST'10 Proceedings of the 7th International conference on Formal aspects of security and trust
Bounded vector signatures and their applications
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Transitive-closure spanners: a survey
Property testing
Transitive-closure spanners: a survey
Property testing
Steiner transitive-closure spanners of low-dimensional posets
ICALP'11 Proceedings of the 38th international colloquim conference on Automata, languages and programming - Volume Part I
Efficient provably-secure hierarchical key assignment schemes
Theoretical Computer Science
Time-storage trade-offs for cryptographically-enforced access control
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Private data indexes for selective access to outsourced data
Proceedings of the 10th annual ACM workshop on Privacy in the electronic society
Secured cloud storage scheme using ECC based key management in user hierarchy
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Optimizing segment based document protection
SOFSEM'12 Proceedings of the 38th international conference on Current Trends in Theory and Practice of Computer Science
Privacy enhanced data outsourcing in the cloud
Journal of Network and Computer Applications
Mobile Agent Application and Integration in Electronic Anamnesis System
Journal of Medical Systems
Enforcing subscription-based authorization policies in cloud scenarios
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Algebraic Framework for the Specification and Analysis of Cryptographic-Key Distribution
Fundamenta Informaticae
Simple, efficient and strongly KI-Secure hierarchical key assignment schemes
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
A generic algebraic model for the analysis of cryptographic-key assignment schemes
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
How to use attribute-based encryption to implement role-based access control in the cloud
Proceedings of the 2013 international workshop on Security in cloud computing
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
CloudHKA: a cryptographic approach for hierarchical access control in cloud computing
ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Hi-index | 0.00 |
Hierarchies arise in the context of access control whenever the user population can be modeled as a set of partially ordered classes (represented as a directed graph). A user with access privileges for a class obtains access to objects stored at that class and all descendant classes in the hierarchy. The problem of key management for such hierarchies then consists of assigning a key to each class in the hierarchy so that keys for descendant classes can be obtained via efficient key derivation. We propose a solution to this problem with the following properties: (1) the space complexity of the public information is the same as that of storing the hierarchy; (2) the private information at a class consists of a single key associated with that class; (3) updates (i.e., revocations and additions) are handled locally in the hierarchy; (4) the scheme is provably secure against collusion; and (5) each node can derive the key of any of its descendant with a number of symmetric-key operations bounded by the length of the path between the nodes. Whereas many previous schemes had some of these properties, ours is the first that satisfies all of them. The security of our scheme is based on pseudorandom functions, without reliance on the Random Oracle Model. Another substantial contribution of this work is that we are able to lower the key derivation time at the expense of modestly increasing the public storage associated with the hierarchy. Insertion of additional, so-called shortcut, edges, allows to lower the key derivation to a small constant number of steps for graphs that are total orders and trees by increasing the total number of edges by a small asymptotic factor such as O(log* n) for an n-node hierarchy. For more general access hierarchies of dimension d, we use a technique that consists of adding dummy nodes and dimension reduction. The key derivation work for such graphs is then linear in d and the increase in the number of edges is by the factor O(logd − 1 n) compared to the one-dimensional case. Finally, by making simple modifications to our scheme, we show how to handle extensions proposed by Crampton [2003] of the standard hierarchies to “limited depth” and reverse inheritance.