Access control ensures that only the authorized users of a system are allowed to access certain resources or tasks. Usually, according to their powers and responsibilities, users are organized in hierarchies formed by a certain number of disjoint classes. Such hierarchies are implemented by assigning a key to each class, so that the keys for descendant classes can be derived efficiently from classes higher in the hierarchy. However, in many cases the only hierarchical access represents a limitation. Indeed, sometimes it might be useful or even necessary to ensure the access to a resource or task to both his direct responsible (or owner) and a group of users possessing certain credentials. In this paper, we first propose a novel model that extends the conventional hierarchical access and allows such access even by certain sets of qualified users. Afterwards, we propose a construction for hierarchical key assignment schemes in this new model. The proposed construction is provably secure with respect to key indistinguishability and relies on both symmetric encryption and perfect secret sharing.

Hierarchical and shared key assignment

CASTIGLIONE, ARCANGELO;DE SANTIS, Alfredo;MASUCCI, Barbara
2014-01-01

Abstract

Access control ensures that only the authorized users of a system are allowed to access certain resources or tasks. Usually, according to their powers and responsibilities, users are organized in hierarchies formed by a certain number of disjoint classes. Such hierarchies are implemented by assigning a key to each class, so that the keys for descendant classes can be derived efficiently from classes higher in the hierarchy. However, in many cases the only hierarchical access represents a limitation. Indeed, sometimes it might be useful or even necessary to ensure the access to a resource or task to both his direct responsible (or owner) and a group of users possessing certain credentials. In this paper, we first propose a novel model that extends the conventional hierarchical access and allows such access even by certain sets of qualified users. Afterwards, we propose a construction for hierarchical key assignment schemes in this new model. The proposed construction is provably secure with respect to key indistinguishability and relies on both symmetric encryption and perfect secret sharing.
2014
9781479942268
9781479942268
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11386/4673374
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 23
  • ???jsp.display-item.citation.isi??? 19
social impact