Building a secure group communication system is an active research topic. Several studies have focused on achieving a good level of privacy among a group of people via agreement on a shared encryption key. However, there is not much work published on easily manageable, simple, and effective systems that can provide secure communication in a role-based environment. In this paper, we propose a comprehensive solution to the key exchange problem for group communication. A centralized key server is used to produce a key chain, based on recursive hashing, and securely distributing the keys to the recipients according to their roles. The proposed work makes it possible that a user with a higher clearance can audit the communications among the users that are hierarchically below him/her. Moreover, the system has the ability to isolate communications among different groups, which means the compartmentation is reserved.
[1]
Whitfield Diffie,et al.
New Directions in Cryptography
,
1976,
IEEE Trans. Inf. Theory.
[2]
Mihir Bellare,et al.
Increasing the Lifetime of a Key: A Comparative Analysis of the Security of Re-keying Techniques
,
2000,
ASIACRYPT.
[3]
Deep Medhi,et al.
A key-chain-based keying scheme for many-to-many secure group communication
,
2004,
TSEC.
[4]
Andreas Schaad,et al.
SOAP-based Secure Conversation and Collaboration
,
2007,
IEEE International Conference on Web Services (ICWS 2007).
[5]
D. Richard Kuhn,et al.
Role based access control on MLS systems without kernel changes
,
1998,
RBAC '98.
[6]
Umit Topaloglu,et al.
Secure mobile agent execution in virtual environment
,
2008,
Autonomous Agents and Multi-Agent Systems.