Cryptographically-enforced hierarchical access control with multiple keys
نویسنده
چکیده
Hierarchical access control policies, in which users and objects are associated with nodes in a hierarchy, can be enforced using cryptographic mechanisms. Protected data is encrypted and authorized users are given the appropriate keys. Lazy re-encryption techniques and temporal hierarchical access control policies require that multiple keys may be associated with a node in the hierarchy. In this paper, we introduce the notion of a multi-key assignment scheme to address this requirement. We define bounded, unbounded, synchronous, and asynchronous schemes. We demonstrate that bounded, synchronous schemes provide an alternative to temporal key assignment schemes in the literature, and that unbounded asynchronous schemes provide the desired support for lazy re-encryption.
منابع مشابه
A Key Management Method for Cryptographically Enforced Access Control
This paper describes a key management method for cryptographically enforced access control. In particular, we propose an algorithm that based on the containment relation transforms an arbitrary access control matrix into a hierarchy, to which public private key pairs are assigned based on the DiffieHellman key generation scheme. Therefore, the users have to store only one key and are capable of...
متن کاملCrypt-DAC: Cryptographically Enforced Dynamic Access Control in the Cloud
Enabling cryptographically enforced access controls for data hosted in untrusted cloud is attractive for many users and organizations. However, designing efficient cryptographically enforced dynamic access control system in the cloud is still a challenging issue. In this paper, we propose Crypt-DAC, a system that provides practical cryptographic enforcement of dynamic access control. Crypt-DAC ...
متن کاملSieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds
Modern web services rob users of low-level control over cloud storage—a user’s single logical data set is scattered across multiple storage silos whose access controls are set by web services, not users. The consequence is that users lack the ultimate authority to determine how their data is shared with other web services. In this paper, we introduce Sieve, a new platform which selectively (and...
متن کاملEfficient key management for cryptographically enforced access control
Available online 8 March 2008 Cryptographic enforcement of access control mechanisms relies on encrypting protected data with the keys stored by authorized users. This approach poses the problem of the distribution of secret keys. In this paper, a key management scheme is presented where each user stores a single key and is capable of efficiently calculating appropriate keys needed to access re...
متن کاملCryptographically Enforced Personalized Role-Based Access Control
The present paper addresses privacy and security enhancements to a basic role-based access control system. The contribution is twofold. First, the paper presents an approach to personalized access control, i.e. a combination of role-based access control and user-managed access control. Second, the proposed access control approach is crypto&aphically enforced and an efficient key management meth...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- J. Log. Algebr. Program.
دوره 78 شماره
صفحات -
تاریخ انتشار 2009