A note on time-bound hierarchical key assignment schemes

A time-bound hierarchical key assignment scheme is a method to assign time-dependent encryption keys to a set of classes in a partially ordered hierarchy, in such a way that each class can compute the keys of all classes lower down in the hierarchy, according to temporal constraints.In this paper we consider the unconditionally secure setting for time-bound hierarchical key assignment schemes and distinguish between two different goals: security with respect to key indistinguishability and against key recovery. We first present definitions of security with respect to both goals; then, we prove a tight lower bound on the size of the private information distributed to each class; finally, we show an optimal construction for time-bound hierarchical key assignment schemes.     

Secure key management scheme for dynamic hierarchical access control based on ECC

An access control mechanism in a user hierarchy is used to provide the management of sensitive information for authorized users. The users and their own information can be organized into a number of disjoint sets of security classes according to their responsibilities. Each security class in a user hierarchy is assigned an encryption key and can derive the encryption keys of all lower security classes according to predefined partially ordered relation. In 2006, Jeng and Wang proposed an efficient key management scheme based on elliptic curve cryptosystems. This paper, however, pointed out that Jeng-Wang scheme is vulnerable to the so-called compromising attack that the secret keys of some security classes can be compromised by any adversary if some public information modified. We further proposed a secure key management scheme based on elliptic curve cryptosystems to eliminate the pointed out the security leak and provide better security requirements. As compared with Jeng and Wang's scheme (Jeng and Wang, 2006), the proposed scheme has the following properties. (i) It is simple to execute the key generation and key derivation phases. (ii) It is easily to address dynamic access control when a security class is added into or deleted from the hierarchy. (iii) It is secure against some potential attacks. (iv) The required storage of the public/secret parameters is constant.     

An efficient key assignment scheme for access control in a large leaf class hierarchy

The employees of an organization are usually divided into different security classes to authorize the information retrieval, and the number of leaf classes is substantially larger than the number of non-leaf classes. Additionally, the alternations in leaf classes are more frequent than in non-leaf classes. We proposed a new key assignment scheme for controlling the access right in a large POSET (partially ordered set) hierarchy to reduce the required computation for key generation and derivation with the storage amount of data decreased.     

Efficient provably-secure hierarchical key assignment schemes

A hierarchical key assignment scheme is a method to assign some private information and encryption keys to a set of classes in a partially ordered hierarchy, in such a way that the private information of a higher class can be used to derive the keys of all classes lower down in the hierarchy.In this paper we design and analyze hierarchical key assignment schemes which are provably secure and support dynamic updates to the hierarchy with local changes to the public information and without requiring any private information to be re-distributed.

-

We first consider the problem of constructing a hierarchical key assignment scheme by using as a building block a symmetric encryption scheme. We propose a new construction which is provably secure with respect to key indistinguishability, requires a single computational assumption, and improves on previous proposals.

-

Then, we show how to construct a hierarchical key assignment scheme by using as a building block a public-key broadcast encryption scheme. In particular, one of our constructions provides constant private information and public information linear in the number of classes in the hierarchy.

     

An efficient key assignment scheme based on one-way hash function in a user hierarchy

In order to solve the problems resulted from dynamic access control in a user hier-archy,a cryptographic key assignment scheme is proposed by Prof.Lin to promote the performing ability and to simplify the procedure,However,it may cause the security in danger as the user changes his secret key;besides,some secret keys may be disclosed due to the unsuitable selection of the security classes‘‘‘‘‘‘‘‘ identities.Through setting up a one-way hash function onto Lin‘‘‘‘‘‘‘‘s schem,the propsed modification can greatly improve the security of Lin‘‘‘‘‘‘‘‘s scheme.     

Variations on a theme by Akl and Taylor: Security and tradeoffs

In 1983, Akl and Taylor [Cryptographic solution to a problem of access control in a hierarchy, ACM Transactions on Computer Systems 1 (3) (1983) 239-248] first suggested the use of cryptographic techniques to enforce access control in hierarchical structures. Due to its simplicity and versatility, the scheme has been used, for more than twenty years, to implement access control in several different domains, including mobile agent environments and XML documents. However, despite its use over time, the scheme has never been fully analyzed with respect to security and efficiency requirements. In this paper we provide new results on the Akl-Taylor scheme and its variants. More precisely:

•

We provide a rigorous analysis of the Akl-Taylor scheme. We consider different key assignment strategies and prove that the corresponding schemes are secure against key recovery.

•

We show how to obtain different tradeoffs between the amount of public information and the number of steps required to perform key derivation in the proposed schemes.

•

We also look at the MacKinnon et al. and Harn and Lin schemes and prove they are secure against key recovery.

•

We describe an Akl-Taylor based key assignment scheme with time-dependent constraints and prove the scheme efficient, flexible and secure.

•

We propose a general construction, which is of independent interest, yielding a key assignment scheme offering security w.r.t. key indistinguishability, given any key assignment scheme which guarantees security against key recovery.

•

Finally, we show how to use our construction, along with our assignment strategies and tradeoffs, to obtain an Akl-Taylor scheme, secure w.r.t. key indistinguishability, requiring a constant amount of public information.

     

Enforcing the security of a time-bound hierarchical key assignment scheme

A time-bound hierarchical key assignment scheme is a method to assign a cryptographic key to each class of users in a system organized as a partially ordered hierarchy, in such a way that key derivation is constrained both by class relationships and by time. Recently, a time-bound hierarchical key assignment scheme based on tamper-resistant devices and requiring low computational load and implementation cost has been proposed. Unfortunately, the scheme is not secure.In this paper we show how three malicious users can handle public and private information to misuse their tamper-resistant devices in order to compute some encryption keys that they should not be able to learn. We also show some countermeasures to withstand the weakness we have exploited.     

多级安全系统中访问控制新方案

研究了利用密码技术实现多级安全系统中的访问控制的方法。提出了一个新的基于密钥分配的动态访问控制方案。其中的密钥分配方法是基于Rabin公钥体制和中国剩余定理的。在该方案中,系统中每一用户被赋于一个安全权限,具有较高安全权限的用户可以利用自己私有的秘密信息和公共信息导出具有较低安全权限的用户的密钥,而低权限用户则不能导出高权限用户的密钥。这样高权限用户可以读取和存储属于低权限用户的保密信息,而低权限用户则不读取和存储属于高权限用户的保密信息。从而实现了利用密钥分配进行授权的访问控制。而且从系统中添加／删除一用户以及改变用户权限和改变用户密钥都无需变更整个系统。     

Key hierarchies for hierarchical access control in secure group communications

The problem of hierarchical access control in secure group communications has elicited much interest in the literatures. However, most of the researches to date on hierarchical access control pay more attention to the particular encryption techniques, but considered little about the features of key hierarchies. In hierarchical access control systems, keys are usually organized hierarchically. We analyze the user-based, resource-based and unified key hierarchies in this paper. The first two hierarchies are established from the access matrix. By unifying these two hierarchies, we get the unified key hierarchy. Furthermore, we introduce the explicit accessible set and the explicit dominating set to describe the key distributions for these hierarchies, and prove that the unified key hierarchy can be formed from the explicit dominating sets in the user-based key hierarchy or the explicit accessible sets in the resource-based key hierarchy. To evaluate the efficiency of the described key hierarchies, we combine these hierarchies with the existing key assignment models and analyze their storage and rekey overheads. These overheads can be derived from the access matrix, and the derivation procedure is described. The conclusions of this paper can help to establish a suitable key hierarchy so as to make the key assignment scheme more efficient in practical applications.     

Hierarchical access control based on Chinese Remainder Theorem and symmetric algorithm

This paper presents an improvement in a cryptographic key assignment scheme that is proposed by Kuo et al. Considering the problem of dynamic access control in a user hierarchy, such an improvement focuses on the ability to implement easily. Moreover, this improvement is an attempt to greatly reduce the computation time and the storage size required by the key generation and the key derivation phases in Kuo’s scheme.     

An improvement of a dynamic cryptographic key assignment scheme in a tree hierarchy

This paper shows how several security classes in Liaw-Wang-Lei's cryptographic key assignment scheme can collaborate to derive the secret key of their immediate ancestor in some cases. We also propose two schemes which are a slight modification of the proposed scheme to enhance the level of security.     

Graph-theoretic method for merging security system specifications

Computer security policies specify conditions for permissions to access various computer resources and information. Merging two security policies is needed when two organizations, together with their computer systems, merge into one entity as in corporate business acquisition. We propose a graph-theoretic method for merging the role/object hierarchies of two security policies. The formulation of merged hierachies is based on the graph minor relation in graph theory. Ideally, the merged role hierarchy should contain both the participating role hierarchies as graph minors, and similarly for the object hierarchy. We show that one can decide in polynomial time whether this ideal case is possible when the participating hierarchies are trees. We also show that in case the merged hierarchy exists, it can be constructed in polynomial time. Algorithms for detecting the feasibility of an ideal merged tree and for constructing the merged tree are presented. Our hierarchy/tree merge method is also applicable to the integration of heterogeneous databases with generalization hierarchies.     

Cryptographically-enforced hierarchical access control with multiple keys

Hierarchical access control policies, in which users and objects are associated with nodes in a hierarchy, can be enforced using cryptographic mechanisms. Protected data is encrypted and authorized users are given the appropriate keys. Lazy re-encryption techniques and temporal hierarchical access control policies require that multiple keys may be associated with a node in the hierarchy. In this paper, we introduce the notion of a multi-key assignment scheme to address this requirement. We define bounded, unbounded, synchronous, and asynchronous schemes. We demonstrate that bounded, synchronous schemes provide an alternative to temporal key assignment schemes in the literature, and that unbounded asynchronous schemes provide the desired support for lazy re-encryption.     

Efficient time-bound hierarchical key assignment scheme

The access privileges in distributed systems can be effectively organized as a hierarchical tree that consists of distinct classes. A hierarchical time-bound key assignment scheme is to assign distinct cryptographic keys to distinct classes according to their privileges so that users from a higher class can use their class key to derive the keys of lower classes, and the keys are different for each time period; therefore, key derivation is constrained by both the class relation and the time period. We propose, based on a tamper-resistant device, a new time-bound key assignment scheme that greatly improves the computational performance and reduces the implementation cost.     

Key management in tree shaped hierarchies

ABSTRACT

We refer to an access control system based on subjects and objects. Subjects are active entities, e.g. processes, while objects are passive entities, e.g. messages exchanged between the nodes of a distributed computing environment. The system is partitioned into security classes organized into a tree shaped hierarchy. A subject assigned to a given class can access the objects in this class and in all the classes that descend from this class in the class hierarchy. To this aim, a key is associated with each class. A mechanism of the protection system, called key derivation, allows a subject that holds the key of a given class to transform this key into the keys of the descendant classes. This mechanism is based on a single, publicly known one-way function. If the class hierarchy is modified, by adding a new class or deleting an existing class, the necessary form of key redistribution is partial, and is limited to the classes in the subtree of the root that is involved in the change.     

Access control in a hierarchy using one-way hash functions

This paper presents a cryptographic key management solution to solve the access control problem in a hierarchy. Based on one-way hash functions, an efficient key assignment and derivation method is proposed. This solution uses limited number of keys and hash functions. Also, the dynamic access control problems, such as adding/deleting nodes, or modifying relationships between nodes in the hierarchy are considered and can be resolved.     

Key management in wireless sensor networks

ABSTRACT

We refer to a distributed architecture consisting of sensor nodes connected by wireless links and organized in a tree-shaped hierarchy. We present a paradigm for the management of the cryptographic keys used by nodes to communicate, and we consider the problems connected with key generation, distribution, and replacement. In our paradigm, names are assigned to nodes by using a uniform scheme, which is based on the position of the given node in the node hierarchy. Each node holds a hierarchical key to communicate with its ancestors, and a level key to communicate with its siblings. A single, publicly known parametric one-way function is used to assign hierarchical keys to nodes, in an iterative procedure that starts from the key of the root of the node hierarchy, and proceeds downwards to the lowest hierarchical levels. A similar procedure is used to generate the level keys. The total memory requirements for key storage are extremely low. The number of keys exchanged in a key replacement process is kept to a minimum. Dynamic access control is fully supported, whereby new nodes can be added to the node hierarchy, and existing nodes can be evicted from the hierarchy.     

A trusted user-to-role and role-to-key access control scheme

The generalized trusted user-to-role assignment role-based access control (TURA-RBAC) scheme is first integrated and proposed in this paper, which is a new trusted role-based access control (RBAC) model. It could give a solution to cope with the problem on when many malicious users who want to launch insider threats (InTs) are assigned to an RBAC system. In the other words, the untrusted case is a type of InTs. The approach takes the advantages via soft computing approaches which are chosen by the system to evaluate each user in same interactive session. Upon finding some malicious access content, the user will be denied access to the role as well as the role-based RSA key. The main contributions are described as the following: first, this scheme designs a user-to-role assignment utilizing content awareness via soft computing techniques. Second, a novel generalization model of trusted RBAC is defined in this paper, which adds a new role-to-key assignment into the trusted RBAC model. Third, both the RSA algorithm and AKL approach are combined together into the role hierarchy structure in the TURA-RBAC model. Fourth, the dynamic change in role-to-key assignment in the role hierarchy is designed in this paper. In addition, the scheme provides a scheme that could achieve not only reduce the damage from InTs, but also easy implementation for trusted RBAC. In the end, the discussions, comparisons and security analyses are also presented in this paper.     

面向企业应用的密钥管理技术研究

针对企业的计算机安全管理的需要,将企业安全管理分为纵向的等级管理和横向的工作组协作管理。结合单钥加密和双钥加密的理论,分别给出了纵向的等级安全管理密钥管理方法和横向的协同工作安全管理的工作组密钥管理方法。基于密钥恢复的思想,提出了万能密钥的概念及其实现方法。