An Efficient Key Management Scheme for Access Control in a User Hierarchy

In a user hierarchy, a user who belongs to a higher-privileged class has access rights to messages owned by users in a lower-privileged class, while the opposite is not allowed. Many cryptography-based schemes have been proposed to solve this problem. However, previous schemes need large values associated with each security class. Considering the solution of the dynamic access problem in a hierarchy, this paper proposes a novel scheme to manage the cryptographic keys, based on the difficulty of factoring a product of two large primes, the Chinese remainder theorem and a one-way hash function. The scheme attempts to achieve two goals. One is to reduce the space needed to store public parameters. The other is to achieve both efficiency and on-iteration in deriving the successor’s secret keys.
