• Extended hierarchical key assignment scheme (E-HKAS): how to efficiently enforce explicit policy exceptions in dynamic hierarchies

    • Fulltext


        Click here to view fulltext PDF

      Permanent link:

    • Keywords


      Flexible access control; extended hierarchical key assignment; group proxy re-encryption.

    • Abstract


      In this paper, we focus on practically motivated flexibility requirements for the hierarchical access control model, namely transitive exception and anti-symmetric exception. Additionally, we motivate a new flexibility requirement called ‘‘class delegation with descendant(s) safety’’ in a practical application scenario.We propose our extended hierarchical key assignment scheme (E-HKAS) that satisfies all three aforementioned flexibility requirements in a dynamic hierarchy of security classes. To propose a generic E-HKAS, we model the hierarchical access control policy as a collection of access groups. E-HKAS enforces transitive and antisymmetric exceptions using an efficient group-based encryption scheme. To enforce class delegation with descendant(s) safety, we propose a novel cryptographic primitive called group proxy re-encryption (GPRE) thatsupports proxy re-encryption between two access groups. We present an IND-CPA-secure construction of our proposed GPRE scheme and formally prove its security. Performance analysis shows that the proposed E-HKASenforces explicit transitive and anti-symmetric exceptions more efficiently than the existing approaches in the literature. Computation cost for key derivation is constant and does not depend on the depth of the hierarchy. Also, to enforce class delegation with descendant(s) safety, the proposed E-HKAS requires constant number of computational steps to be executed.

    • Author Affiliations



      1. Department of Computer Science and Engineering, National Institute of Technology Goa, Farmagudi, Farmagudi 403401, India
    • Dates

  • Sadhana | News

    • Editorial Note on Continuous Article Publication

      Posted on July 25, 2019

      Click here for Editorial Note on CAP Mode

© 2017-2019 Indian Academy of Sciences, Bengaluru.