Dynamic key management schemes for access control in a hierarchy

Cited by: 66
Authors
Lin, CH [1]
Affiliation
[1] Tunghai Univ, Dept Comp & Informat Sci, Taichung 407, Taiwan
Keywords
multilevel data security; partially ordered set; access control; key assignment; key management; cryptographic key; user hierarchy
DOI
10.1016/S0140-3664(97)00100-X
Chinese Library Classification number
TP [Automation Technology, Computer Technology]
Discipline classification code
0812
Abstract
Secure access control in user hierarchy is designed such that users are authorized and classified into different privilege classes. A user belonging to a higher-privileged class will have access rights to messages created or owned by users in a lower-privileged class; while the opposite is not allowed. Methods for generating cryptographic keys to security classes can be categorized as the key assignment approach and the key management approach. In this paper, we shall propose a new hierarchical access control mechanism which possesses the advantages of the two approaches. Dynamic operations, such as class insertions or class deletions and key changes, etc., can be fulfilled efficiently. Besides, it is easy for an ancestor to deduce the key of his descendants which is positioned in a far-lower-privileged class. (C) 1997 Elsevier Science B.V.
Pages: 1381-1385
Page count: 5