New Insights on cryptographic hierarchical access control: models, schemes and analysis
Abstract
Nowadays the current network-centric world has given rise to several
security concerns regarding the access control management, which ensures that only authorized users are given access to certain resources
or tasks. In particular, according to their respective roles and responsibilities, users are typically organized into hierarchies composed of
several disjoint classes (security classes). A hierarchy is characterized
by the fact that some users may have more access rights than others,
according to a top-down inclusion paradigm following specific hierarchical dependencies. A user with access rights for a given class is
granted access to objects stored in that class, as well as to all the descendant ones in the hierarchy. The problem of key management for
such hierarchies consists in assigning a key to each class of the hierarchy, so that the keys for descendant classes can be e ciently obtained
from users belonging to classes at a higher level in the hierarchy.
In this thesis we analyze the security of hierarchical key assignment
schemes according to di erent notions: security with respect to key
indistinguishability and against key recovery [4], as well as the two
recently proposed notions of security with respect to strong key indistinguishability and against strong key recovery [42]. More precisely,
we first explore the relations between all security notions and, in particular, we prove that security with respect to strong key indistinguishability is not stronger than the one with respect to key indistinguishability. Afterwards, we propose a general construction yielding
a hierarchical key assignment scheme that ensures security against
strong key recovery, given any hierarchical key assignment scheme
which guarantees security against key recovery.
Moreover, we define the concept of hierarchical key assignment
schemes supporting dynamic updates, formalizing the relative security model. In particular, we provide the notions of security with
respect to key indistinguishability and key recovery, by taking into account the dynamic changes to the hierarchy. Furthermore, we show
how to construct a hierarchical key assignment scheme supporting dynamic updates, by using as a building block a symmetric encryption
scheme. The proposed construction is provably secure with respect to
key indistinguishability, provides e cient key derivation and updating procedures, while requiring each user to store only a single private
key.
Finally, we propose a novel model that generalizes the conventional
hierarchical access control paradigm, by extending it to certain additional sets of quali ed users. Afterwards, we propose two constructions for hierarchical key assignment schemes in this new model, which
are provably secure with respect to key indistinguishability. In particular, the former construction relies on both symmetric encryption
and perfect secret sharing, whereas, the latter is based on public-key
threshold broadcast encryption. [edited by Author]