Advertisement

An Information-Theoretic Approach to the Access Control Problem

  • Anna Lisa Ferrara
  • Barbara Masucci
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2841)

Abstract

In this paper we propose an information-theoretic approach to the access control problem in a scenario where a group of users is divided into a number of disjoint classes. The set of rules that specify the information flow between different user classes in the system defines an access control policy. An access control policy can be implemented by using a key assignment scheme, where a trusted central authority (CA) assigns an encryption key and some private information to each class. We consider key assignment schemes which are unconditionally secure against attacks carried out by any coalition of classes. We show lower bounds on the size of the private information that each class has to store and on the amount of randomness needed by the CA to set up any key assignment scheme. Finally, we propose an optimal construction for unconditionally secure key assignment schemes.

Keywords

Access Control Directed Graph Private Information Central Authority Joint Probability Distribution 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Akl, S.G., Taylor, P.D.: Cryptographic Solution to a Problem of Access Control in a Hierarchy. ACM Trans. Comput. Syst. 1(3), 239–248 (1983)CrossRefGoogle Scholar
  2. 2.
    Chang, C.C., Hwang, R.J., Wu, T.C.: Cryptographic Key Assignment Scheme for Access Control in a Hierarchy. Information Systems 17(3), 243–247 (1992)CrossRefGoogle Scholar
  3. 3.
    Cover, T.M., Thomas, J.A.: Elements of Information Theory. John Wiley & Sons, Chichester (1991)zbMATHCrossRefGoogle Scholar
  4. 4.
    De Santis, A., Ferrara, A.L., Masucci, B.: Cryptographic Key Assignment Schemes for Any Access Control Policy (submitted for publication)Google Scholar
  5. 5.
    De Santis, A., Ferrara, A.L., Masucci, B.: Unconditionally Secure Hierarchical Key Assignment Schemes. In: Proc. of the International Workshop on Coding and Cryptography - WCC 2003, Versailles, France, March 24–28 (2003)Google Scholar
  6. 6.
    Harn, L., Lin, H.Y.: A Cryptographic Key Generation Scheme for Multilevel Data Security. Computers and Security 9(6), 539–546 (1990)CrossRefGoogle Scholar
  7. 7.
    Hwang, M.S.: A Cryptographic Key Assignment Scheme in a Hierarchy for Access Control. Math. Comput. Modeling 26(1), 27–31 (1997)zbMATHCrossRefGoogle Scholar
  8. 8.
    Hwang, M.S.: An Improvement of a Dynamic Cryptographic Key Assignment Scheme in a Tree Hierarchy. Comput. Math. Appl. 37(3), 19–22 (1999)CrossRefMathSciNetGoogle Scholar
  9. 9.
    Hwang, M.S.: Cryptanalysis of YCN Key Assignment Scheme in a Hierarchy. Information Processing Letters 73, 97–101 (2000)zbMATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Hwang, M.S., Yang, W.P., Chang, C.C.: Modified Chang-Hwang-Wu Access Control Scheme. Electronic Letters 29(24), 2095–2096 (1993)CrossRefGoogle Scholar
  11. 11.
    Knuth, D.E., Yao, A.C.: The Complexity of Nonuniform Random Number Generation. In: Algorithms and Complexity, pp. 357–428. Academic Press, London (1976)Google Scholar
  12. 12.
    Liaw, H.T., Wang, S.J., Lei, C.L.: A Dynamic Cryptographic Key Assignment Scheme in a Tree Structure. Comput. Math. Appl. 25(6), 109–114 (1993)zbMATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Liaw, H.T., Lei, C.L.: An Optimal Algorithm to Assign Cryptographic Keys in a Tree Structure for Access Control. BIT 33, 46–56 (1993)zbMATHCrossRefMathSciNetGoogle Scholar
  14. 14.
    Lin, C.H.: Dynamic Key Management Schemes for Access Control in a Hierarchy. Computer Communications 20, 1381–1385 (1997)CrossRefGoogle Scholar
  15. 15.
    MacKinnon, S.J., Taylor, P.D., Meijer, H., Akl, S.G.: An Optimal Algorithm for Assigning Cryptographic Keys to Control Access in a Hierarchy. IEEE Trans. Comput. C-34(9), 797–802 (1985)CrossRefGoogle Scholar
  16. 16.
    Ray, I., Ray, I., Narasimhamurthi, N.: A Cryptographic Solution to Implement Access Control in a Hierarchy and More. In: Proc. of the Seventh ACM Symposium on Access Models and Technologies, pp. 65–73. ACM Press, New York (2002)CrossRefGoogle Scholar
  17. 17.
    Sandhu, R.S.: Cryptographic Implementation of a Tree Hierarchy for Access Control. Information Processing Letters 27, 95–98 (1988)CrossRefGoogle Scholar
  18. 18.
    Shen, V.R.L., Chen, T.S., Lai, F.: Novel Cryptographic Key Assignment Scheme for Dynamic Access Control in a Hierarchy. IEICE Trans. on Fundamentals E80- A(10), 2035–2037 (1997)Google Scholar
  19. 19.
    Yeh, J.H., Chow, R., Newman, R.: A Key Assignment for Enforcing Access Control Policy Exceptions. In: Proc. of the International Symposium on Internet Technology, pp. 54–59 (1998)Google Scholar
  20. 20.
    Tzeng, W.-G.: A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy. IEEE Trans. on Knowledge and Data Eng. 14 (2002)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Anna Lisa Ferrara
    • 1
  • Barbara Masucci
    • 1
  1. 1.Dipartimento di Informatica ed ApplicazioniUniversità di SalernoBaronissi (SA)Italy

Personalised recommendations