Hierarchical and Shared Access Control
Author: | Xinyi Huang, Arcangelo Castiglione, Barbara Masucci, Jin Li, Aniello Castiglione, Francesco Palmieri, Alfredo De Santis |
---|---|
Language: | English |
Year of publication: | 2016 |
Subject: | Theoretical computer science; Computer access control; Computer Networks and Communications; Computer science; Distributed computing; 0211 other engineering and technologies; Key distribution; Access control; 0102 computer and information sciences; 02 engineering and technology; Encryption; 01 natural sciences; Secret sharing; Discretionary access control; Role-based access control; Pre-shared key; Safety, Risk, Reliability and Quality; 021110 strategic defence & security studies; business.industry; Symmetric-key algorithm; 010201 computation theory & mathematics; Probabilistic encryption; Physical access; 40-bit encryption; Attribute-based encryption; business; Broadcast encryption |
Description: | Access control ensures that only the authorized users of a system are allowed to access certain resources or tasks. Usually, according to their roles and responsibilities, users are organized in hierarchies formed by a certain number of disjoint classes. Such hierarchies are implemented by assigning a key to each class, so that the keys for descendant classes can be efficiently derived from classes higher in the hierarchy. However, pure hierarchical access may represent a limitation in many real-world cases. In fact, sometimes it is necessary to ensure access to a resource or task by considering both its directly responsible user and a group of users possessing certain credentials. In this paper, we first propose a novel model that generalizes the conventional hierarchical access control paradigm, by extending it to certain additional sets of qualified users. Afterward, we propose two constructions for hierarchical key assignment schemes in this new model, which are provably secure with respect to key indistinguishability. In particular, the former construction relies on both symmetric encryption and perfect secret sharing, whereas the latter is based on public-key threshold broadcast encryption. |
Database: | OpenAIRE |