All organizations share data in a carefully managed fashion by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organisation is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or equal in the hierarchy. Otherwise access is denied. Our solution is based on the Diffie-Hellman key exchange protocol. The worst case performance of our solution is slightly better than that of all other existing solutions. We show that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic.
|Name||CTIT Technical Report Series|
|Publisher||University of Twente, Centre for Telematica and Information Technology (CTIT)|
- Access control
- Hierarchical key management