An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy
IEEE Transactions on Computers
On some cryptographic solutions for access control in a tree hierarchy
ACM '87 Proceedings of the 1987 Fall Joint Computer Conference on Exploring technology: today and tomorrow
Cryptographic implementation of a tree hierarchy for access control
Information Processing Letters
A cryptographic key generation scheme for multilevel data security
Computers and Security
Membership authentication for hierarchical multigroups using the extended Fiat-Shamir scheme
EUROCRYPT '90 Proceedings of the workshop on the theory and application of cryptographic techniques on Advances in cryptology
Hierarchical classification as an aid to database and hit-list browsing
CIKM '94 Proceedings of the third international conference on Information and knowledge management
Cryptographic solution to a problem of access control in a hierarchy
ACM Transactions on Computer Systems (TOCS)
A cryptographic solution to implement access control in a hierarchy and more
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Proceedings on Mathematical Foundations of Computer Science
Flexible Access Control with Master Keys
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Sibling Intractable Function Families and Their Applications (Extended Abstract)
ASIACRYPT '91 Proceedings of the International Conference on the Theory and Applications of Cryptology: Advances in Cryptology
A new key assignment scheme for enforcing complicated access control policies in hierarchy
Future Generation Computer Systems - Selected papers from CCGRID 2002
Controlling access in large partially ordered hierarchies using cryptographic keys
Journal of Systems and Software
Enterprise Application Integration using a Component-based Architecture
COMPSAC '03 Proceedings of the 27th Annual International Conference on Computer Software and Applications
A Key Assignment Scheme for Controlling Access in Partially Ordered User Hierarchies
AINA '04 Proceedings of the 18th International Conference on Advanced Information Networking and Applications - Volume 2
A Novel Key Management Scheme for Dynamic Access Control in a User Hierarchy
COMPSAC '04 Proceedings of the 28th Annual International Computer Software and Applications Conference - Volume 01
Cryptographic key assignment schemes for any access control policy
Information Processing Letters
Dynamic and efficient key management for access hierarchies
Proceedings of the 12th ACM conference on Computer and communications security
Provably-secure time-bound hierarchical key assignment schemes
Proceedings of the 13th ACM conference on Computer and communications security
Efficient techniques for realizing geo-spatial access control
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
New constructions for provably-secure time-bound hierarchical key assignment schemes
Proceedings of the 12th ACM symposium on Access control models and technologies
New constructions for provably-secure time-bound hierarchical key assignment schemes
Theoretical Computer Science
SODA '09 Proceedings of the twentieth Annual ACM-SIAM Symposium on Discrete Algorithms
Key hierarchies for hierarchical access control in secure group communications
Computer Networks: The International Journal of Computer and Telecommunications Networking
Efficient and secure distribution of massive geo-spatial data
Proceedings of the 17th ACM SIGSPATIAL International Conference on Advances in Geographic Information Systems
Constructing key assignment schemes from chain partitions
DBSec'10 Proceedings of the 24th annual IFIP WG 11.3 working conference on Data and applications security and privacy
Efficient multi-dimensional key management in broadcast services
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
Practical and efficient cryptographic enforcement of interval-based access control policies
ACM Transactions on Information and System Security (TISSEC)
Transitive-closure spanners: a survey
Property testing
Transitive-closure spanners: a survey
Property testing
Efficient provably-secure hierarchical key assignment schemes
Theoretical Computer Science
Time-storage trade-offs for cryptographically-enforced access control
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Efficient provably-secure hierarchical key assignment schemes
MFCS'07 Proceedings of the 32nd international conference on Mathematical Foundations of Computer Science
Incorporating temporal capabilities in existing key management schemes
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.01 |
Access hierarchies are useful in many applications and are modeled as a set of access classes organized by a partial order. A user who obtains access to a class in such a hierarchy is entitled to access objects stored at that class, as well as objects stored at its descendant classes. Efficient schemes for this framework assign only one key to a class and use key derivation to permit access to descendant classes. Ideally, the key derivation uses simple primitives such as cryptographic hash computations and modular additions. A straightforward key derivation time is then linear in the length of the path between the user's class and the class of the object that the user wants to access. Recently, work presented in [2] has given an efficient solution that significantly lowers this key derivation time, while using only hash functions and modular additions. Two fastkey-derivation techniques in that paper were given for trees, achieving O(log log n) and O(1) key derivation times, respectively, where n is the number of access classes. The present paper presents efficient key derivation techniques for hierarchies that are not trees, using a scheme that is very different from the above-mentioned paper. The construction we give in the present paper is recursive and uses the onedimensional case solution as its base. It makes a novel use of the notion of the dimension d of an access graph, and provides a solution through which no key derivation requires more than 2d+1 hash function computations, even for "unbalanced" hierarchies whose depth is linear in their number of access classes n. The significance of this result is strengthened by the fact that many access graphs have a low d value (e.g., trees correspond to the case d = 2). Our scheme has the desirable property (as did [2] for trees) that addition and deletion of edges and nodes in the access hierarchy can be "contained".