1 / 45

A Study of Key Management for Access Control in Hierarchy

A Study of Key Management for Access Control in Hierarchy. Min-Shiang Hwang Department of Computer Science and Information Engineering Asia University. Outline. Introduction Research motivation Related works Requirements Research objectives The first proposed scheme

clyderobertson
Download Presentation

A Study of Key Management for Access Control in Hierarchy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Study of Key Management for Access Control in Hierarchy Min-Shiang Hwang Department of Computer Science and Information Engineering Asia University

  2. Outline • Introduction • Research motivation • Related works • Requirements • Research objectives • The first proposed scheme • Review of Odelu et al.’s scheme (2013) • The first our proposed scheme • Analysis • The second proposed scheme • Review of Odelu et al.’s scheme (2014) • The second our proposed scheme • Analysis • Conclusions and future works

  3. Introduction- Research Motivation KAU • Hierarchical structure • Data-sharing becomes easier • Information security • Avoid unauthorized access • Encrypt the files • Key management President of AU KIET KMBA Dean of College IET Dean of College MBA KIE KEE Chair of Department IE Chair of Department EE KC KA KB KD Prof. B Prof. C Prof. D Prof. A CA=EKA(FA) CB=EKB(FB) CC=EKC(FC)

  4. Introduction- Related works

  5. Requirements • Simple and efficient: Keys generation and derivation • Security: Forward security, common attack • Flexible: Dynamic key management problems • Efficient: The alternation occurring in lowerlevel classes • Small: Public parameters • Minimum: Computational cost

  6. Research objectives • Design a key management scheme for access control in the general hierarchical structure. • Design a key management scheme for access control in the large leaf class hierarchical structure.

  7. Review of Odelu et al.’s scheme (2013)

  8. Key generation phase(1)

  9. Key generation phase (2)

  10. Key derivation phase (1)

  11. Key derivation phase (2)

  12. Key derivation phase (3)

  13. The first our proposed scheme

  14. Key generation phase (1)

  15. Key generation phase (2)

  16. Key derivation phase (1)

  17. Key derivation phase (2)

  18. Key derivation phase (3)

  19. Dynamic key management- Add

  20. Dynamic key management- Delete

  21. Security analysis

  22. Storage complexity analysis [33] M. Nikooghadam, A. Zakerolhosseini, M.E. Moghaddam, Efficient utilization of elliptic curve cryptosystem for hierarchical access control, Journal of Systems and Software, 83 (2010) 1917-1929. [38] S. Wu, K. Chen, An efficient key-management scheme for hierarchical access control in e-medicine system, Journal of medical systems, 36 (2012) 2325-2337. [39] V. Odelu, A.K. Das, A. Goswami, An effective and secure key-management scheme for hierarchical access control in E-medicine system, Journal of medical systems, 37 (2013) 9920.

  23. Computational complexity analysis [33] M. Nikooghadam, A. Zakerolhosseini, M.E. Moghaddam, Efficient utilization of elliptic curve cryptosystem for hierarchical access control, Journal of Systems and Software, 83 (2010) 1917-1929. [38] S. Wu, K. Chen, An efficient key-management scheme for hierarchical access control in e-medicine system, Journal of medical systems, 36 (2012) 2325-2337. [39] V. Odelu, A.K. Das, A. Goswami, An effective and secure key-management scheme for hierarchical access control in E-medicine system, Journal of medical systems, 37 (2013) 9920.

  24. Review of Odelu et al.’s scheme (2014)

  25. Key generation phase (1)

  26. Key generation phase (2)

  27. Key derivation phase (1)

  28. Key derivation phase (2)

  29. Key derivation phase (3)

  30. The second our proposed scheme

  31. Key generation phase (1) … Public parameters

  32. Key generation phase (2)

  33. Key derivation phase (1)

  34. Key derivation phase (2)

  35. Key derivation phase (3)

  36. Key derivation phase (4)

  37. Key derivation phase (5)

  38. Dynamic key management- Add (1)

  39. Dynamic key management- Add (2)

  40. Dynamic key management- Delete

  41. Security analysis

  42. Storage complexity analysis [3] M.S. Hwang, W.P. Yang, Controlling access in large partially ordered hierarchies using cryptographic keys, Journal of Systems and Software, 67 (2003) 99-107. [6] J.W. Lo, M.S. Hwang, C.H. Liu, An efficient key assignment scheme for access control in a large leaf class hierarchy, Information Sciences, 181 (2011) 917-925. [7] V. Odelu, A.K. Das, A. Goswami, A secure effective key management scheme for dynamic access control in a large leaf class hierarchy, Information Sciences, 269 (2014) 270-285. [8] S.G. Akl, P.D. Taylor, Cryptographic solution to a problem of access control in a hierarchy, ACM Trans. Comput. Syst., 1 (1983) 239-248.

  43. Computational complexity analysis [3] M.S. Hwang, W.P. Yang, Controlling access in large partially ordered hierarchies using cryptographic keys, Journal of Systems and Software, 67 (2003) 99-107. [6] J.W. Lo, M.S. Hwang, C.H. Liu, An efficient key assignment scheme for access control in a large leaf class hierarchy, Information Sciences, 181 (2011) 917-925. [7] V. Odelu, A.K. Das, A. Goswami, A secure effective key management scheme for dynamic access control in a large leaf class hierarchy, Information Sciences, 269 (2014) 270-285. [8] S.G. Akl, P.D. Taylor, Cryptographic solution to a problem of access control in a hierarchy, ACM Trans. Comput. Syst., 1 (1983) 239-248.

  44. Conclusions and future works • First proposed scheme • We proposed an improved Odelu et al.’s (2013) method which reduces the computational cost, but we sacrifice the storage space. • However, our proposed scheme in the large leaf node hierarchy causes the large numbers of public parameters. • Second proposed scheme • In Odelu et al.’s scheme (2014), adding a new security class which is immediate predecessor of a leaf node has to change the leaf node’s secret key. • We improved Lo et al.’s and Odelu et al.’s (2014) methods to use two stages to derive the secret key of the leaf node. trades the storage space for the computational cost. • Design the perfect scheme to fulfill the requirements, which is more efficient and flexible.

More Related