A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control

Anna Zych, Jeroen Doumen, Pieter Hartel, Willem Jonker

Research output: Book/Report › Report › Professional

Abstract

All organizations share data in a carefully managed fashion by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organisation is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or equal in the hierarchy. Otherwise access is denied. Our solution is based on the Diffie-Hellman key exchange protocol. The worst case performance of our solution is slightly better than that of all other existing solutions. We show that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic.
Original language: English
Place of Publication: Enschede
Publisher: Centre for Telematics and Information Technology (CTIT)
Number of pages: 23
Publication status: Published - Nov 2005

Publication series

Name: CTIT Technical Report Series
Publisher: University of Twente, Centre for Telematics and Information Technology (CTIT)
No.: CTIT-TR-05-57
ISSN (Print): 1381-3625

Fingerprint

Access control
Cryptography

Keywords

  • SCS-Cybersecurity
  • Access control
  • Hierarchical key management

Cite this

Zych, A., Doumen, J., Hartel, P., & Jonker, W. (2005). A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control. (CTIT Technical Report Series; No. CTIT-TR-05-57). Enschede: Centre for Telematics and Information Technology (CTIT).