A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control

All organizations share data in a carefully managed fashion by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organization is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class if it is higher or at the same level in the hierarchy. Otherwise access is denied. Our solution is based on the Diffie-Hellman key exchange protocol. We show that the theoretical worst-case performance of our solution is slightly better than that of all other existing solutions. We also show that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic.
