1 / 13

Access control in a hierarchy using one-way hash functions

Access control in a hierarchy using one-way hash functions. Authors: Cungang Yang and Celia Li Source: Computers & Security, vol. 23, pp. 659-664, 2004 Reporter: Jung-wen Lo ( 駱榮問 ) Date: 2006/03/02. Outline. Introduction Hierarchical Structure Drawback of Akl & Taylor

beth
Download Presentation

Access control in a hierarchy using one-way hash functions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Access control in a hierarchy using one-way hash functions Authors: Cungang Yang and Celia LiSource: Computers & Security, vol. 23, pp. 659-664, 2004 Reporter: Jung-wen Lo (駱榮問) Date: 2006/03/02

  2. Outline • Introduction • Hierarchical Structure • Drawback of Akl & Taylor • Proposed Scheme • Key Assignment and Key Derivation • Dynamic Access Control • Adding node • Deleting Node • Changing Relationships • Adding • Deleting • Significances • Comments

  3. (K1),t1 Hierarchical Structure (K2),t2 (K3),t3 • 1982 Akl & Taylor • CA: K0, M=pqKi=K0ti mod MUi≦Ujti/tjInt. • Ex. (K4),t4 (K8),t8 (K6),t6 (K7),t7 (K5),t5

  4. Drawback of Akl & Taylor • Large storage when hierarchy is large • Carefully chose public parameters=> Users may collaborate key • Add a new node may use all secret keys and can be gotten by all other nodese.g. Add new node of Cpublic parameters=2×3×5×7×11×13×17×19

  5. Key Assignment and Key Derivation • Hash function of Hi: {H1,H2,…,Hn}n: Max. # of direct child node • Algorithm: • Node without direct parent (dead-end node), CA assign an arbitrary key • Node rj only has one direct parent whose key is K, and rj is the ith direct node of parent (from left to right). => Key of rj=Hi(K) • Node rj has more than one parents (rj1, rj2, …,rjm), and rj is the ith direct child of rj1, the kth of rj2,..,the nth of rjm. Keys of rj’s parents are (K1, K2,…,Km) => Key of rj=Hi(Hi(K1), Hk(K2),…,Hn(Km))

  6. Key Assignment (Cont’) • Dead-end node: Key=random() • One parent: • More parents i K K 1 i Hi(K) … i … K1 K2 Km … 1 … i … i,k,…,n, Hi(Hi(K1), Hk(K2),…,Hn(Km)) … k… 1 …n … 1

  7. Dynamic Access Control - Adding node R’s key: Random Key alternation: A,B,C,D,E,F,G,H R’s key: H3(K1) Key alternation: C,F,G,H

  8. A C Dynamic Access Control - Deleting Node key alternation: F, G, H Delete dead-end A: No key alternation

  9. Changing Relationships - Adding key alternation: H

  10. Changing Relationships - Deleting Key of B will not be regenerated key alternation: F

  11. Significances • Public parameters • Akl-Tylor’s scheme: # of the node in the hierarchy • Proposed scheme: # of child nodes who have more than one parent nodes.=>di is the # of child nodes • eg. N=(2-1)+(2-1)=2 • Key regeneration when insert a new node • Akl-Tylor’s scheme: All nodes • Proposed scheme: Child nodes only

  12. Comments • Misunderstand Akl-Tylor’s scheme • Lack of t8 in the example • The value of tit1=2 t5=2×3×11 t2=2×3 t6=2×3×5×13 t3=2×5 t7=2×5×17 t4=2×3×7 t8=2×5×19 • Delete the dead-end node’s and relation may need to regenerate key • Weird of formula N=Σ(di-1) • di should be the # of parent nodes • The order of the children should be recorded

  13. Example (K1) (K2=H1(K1)) (K3=H2(K1)) [H1(K3)] [H3(K2)] (K4=H1(K2)=H1(H1(K1))) (K8) (K5=H2(H1(K1))) (K7) (K6=H3(H3(K2),H1(K3))

More Related