Key Management for Role Hierarchy in Distributed Systems

  • Celia Li
  • Cungang Yang
  • Richard Cheung
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3574)


As distributed computing systems grow in size, complexity and variety of applications, the problem of protecting sensitive data from unauthorized disclosure and tampering becomes increasingly important. In this paper, we present a cryptographic key management solution for the role-based access control (RBAC) model in distributed systems. The key management method used for distributed systems is decentralized. Each local domain is managed by its local domain security manager, and any key modifications of roles in a local domain will not affect the keys of roles in other local domains.


Hash Function, Local Domain, Public Parameter, Access Control System, Role Hierarchy
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Celia Li (1)
  • Cungang Yang (1)
  • Richard Cheung (1)

  1. Department of Electrical and Computer Engineering, Ryerson University, Toronto
