A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control

Anna Zych; Jeroen Doumen; Pieter Hartel; Willem Jonker

A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control

Anna Zych, Jeroen Doumen, Pieter Hartel, Willem Jonker

Databases (Former)

Research output: Book/Report › Report › Professional

55 Downloads (Pure)

Abstract

All organizations share data in a carefully managed fashion by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organisation is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or equal in the hierarchy. Otherwise access is denied. Our solution is based on the Diffie-Hellman key exchange protocol. The worst case performance of our solution is slightly better than that of all other existing solutions. We show that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic.

Original language	English
Place of Publication	Enschede
Publisher	Centre for Telematics and Information Technology (CTIT)
Number of pages	23
Publication status	Published - Nov 2005

Publication series

Name	CTIT Technical Report Series
Publisher	University of Twente, Centre for Telematica and Information Technology (CTIT)
No.	CTIT-TR-05-57
ISSN (Print)	1381-3625

Keywords

SCS-Cybersecurity
Access control
Hierarchical key management

Access to Document

Zych2005diffie-hellman
open
Final published version, 442 KB

http://www.ub.utwente.nl/webdocs/ctit/1/00000153.pdf

Fingerprint Dive into the research topics of 'A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control'. Together they form a unique fingerprint.

Cite this

@book{16ce324253d64a72a45781d34d3b4480,

title = "A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control",

abstract = "All organizations share data in a carefully managed fashion by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organisation is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or equal in the hierarchy. Otherwise access is denied. Our solution is based on the Diffie-Hellman key exchange protocol. The worst case performance of our solution is slightly better than that of all other existing solutions. We show that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic.",

keywords = "SCS-Cybersecurity, Access control, Hierarchical key management",

author = "Anna Zych and Jeroen Doumen and Pieter Hartel and Willem Jonker",

year = "2005",

month = nov,

language = "English",

series = "CTIT Technical Report Series",

publisher = "Centre for Telematics and Information Technology (CTIT)",

number = "CTIT-TR-05-57",

address = "Netherlands",

}

TY - BOOK

T1 - A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control

AU - Zych, Anna

AU - Doumen, Jeroen

AU - Hartel, Pieter

AU - Jonker, Willem

PY - 2005/11

Y1 - 2005/11

N2 - All organizations share data in a carefully managed fashion by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organisation is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or equal in the hierarchy. Otherwise access is denied. Our solution is based on the Diffie-Hellman key exchange protocol. The worst case performance of our solution is slightly better than that of all other existing solutions. We show that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic.

AB - All organizations share data in a carefully managed fashion by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organisation is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or equal in the hierarchy. Otherwise access is denied. Our solution is based on the Diffie-Hellman key exchange protocol. The worst case performance of our solution is slightly better than that of all other existing solutions. We show that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic.

KW - SCS-Cybersecurity

KW - Access control

KW - Hierarchical key management

M3 - Report

T3 - CTIT Technical Report Series

BT - A Diffie-Hellman based Key Management Scheme for Hierarchical Access Control

PB - Centre for Telematics and Information Technology (CTIT)

CY - Enschede

ER -