论文信息 - Minimal Threshold Closure

Minimal Threshold Closure

Access structure is a flexible mechanism for representing complex access control and authorization policies [1]. Numerous efforts have been devoted to the research of efficient schemes for implementing access structures in a scalable manner. Threshold closure was invented as an efficient way to implement access structures that represent complex authorization policies [4]. In essence, threshold closure is an efficient and scalable implementation of access structure using a reduced collection of threshold schemes [5]. A practical application of threshold closure was presented in [6] where the use of threshold closure for addressing the complex security needs of Grid Computing Systems was explained. One major deficiency of threshold closure is that a threshold closure generated from the corresponding access structure is not minimal in size, thus the collection of threshold schemes is not optimized for efficiency. In this connection, an operation called minimal covering was proposed to minimize the size of a threshold closure once it is formed from its corresponding access structure [4]. Unfortunately, the minimal covering of a threshold closure is no longer a threshold closure, thus is not scalable in terms of addition/deletion of access control rules. This paper presents a way for constructing minimal threshold closure. It defines a new structure called enhanced threshold closure. The paper proves that the enhanced threshold closure of an access structure is a threshold closure and is minimal, hence it is also called a minimal threshold closure. The paper also presents a mechanism for constructing minimal threshold closure from a basis access structure.

Ming Gu | Kwok-Yan Lam | Guiming Luo | Siu Leung Chung | Xibin Zhao

[1] Ming Gu,et al. Authorization Mechanisms for Virtual Organizations in Distributed Computing Systems , 2004, ACISP.

[2] Josh Benaloh,et al. Generalized Secret Sharing and Monotone Functions , 1990, CRYPTO.

[3] Sushil Jajodia,et al. Scalable Threshold Closure , 1999, Theor. Comput. Sci..

[4] Kouya Tochikubo,et al. Efficient Secret Sharing Schemes Realizing General Access Structures(Information Security) , 2004 .

[5] Mitsugu Iwamoto,et al. Optimal multiple assignments based on integer programming in secret sharing schemes with general access structures , 2004, ISIT.

[6] Adi Shamir,et al. How to share a secret , 1979, CACM.

[7] Mitsuru Ito,et al. Secret sharing scheme realizing general access structure , 1989 .