An Efficient Time-Bound Hierarchical Key Assignment Scheme with a New Merge Function: A Performance Study

The advent of digital age has resulted in more television consumers switching to Digital TV with considerable improvement in image quality and ease-of-use. Consumers are able to select and view television programs and channels of choice by using a pay-per-use model or streaming video from their computer terminals. In all these use cases, the media provider requires a means by which they can restrict the consumers from watching selected programs for a pre-approved temporal interval. The consumer needs to be prevented access to certain pay-per-use channels and programs upon expiry of this pre-approved access. This necessitates the media provider to have a way to generate and assign time-bound secure access keys which could be granted and removed easily. In conventional key assignment schemes, one has to renew the keys periodically and redistribute the keys to the users accordingly. To allow a user to access all the authorized data over some temporal window, this straightforward implementation requires him/her to keep a lot of keys which is very inefficient. In contrast to conventional schemes, a time-bound hierarchical key assignment scheme updates the keys periodically according to the class hierarchy and an entity only keeps a small amount of information for deriving all his entitled keys. Wang and Laih (WL) proposed a scheme with a concept of merging, which provides a systematic way to solve the problem. Yeh-Shyam (YS) scheme has improved on the WL scheme and has theoretically shown polynomial improvement in both memory and performance requirement. In this project, we will compare and contrast these secure key generation techniques and provide comparative analytical results

Key Indistinguishability vs. Strong Key Indistinguishability for Hierarchical Key Assignment Schemes

A hierarchical key assignment scheme is a method to assign some private information and encryption keys to a set of classes in a partially ordered hierarchy, in such a way that the private information of a higher class can be used to derive the keys of all classes lower down in the hierarchy. In this paper we analyze the security of hierarchical key assignment schemes according to different notions: security with respect to key indistinguishability and against key recovery, as well as the two recently proposed notions of security with respect to strong key indistinguishability and against strong key recovery. We first explore the relations between all security notions and, in particular, we prove that security with respect to strong key indistinguishability is not stronger than the one with respect to key indistinguishability. Afterwards, we propose a general construction yielding a hierarchical key assignment scheme offering security against strong key recovery, given any hierarchical key assignment scheme which guarantees security against key recovery

Lazy updates in key assignment schemes for hierarchical access control

Hierarchical access control policies are used to restrict access to objects by users based on their respective security labels. There are many key assignment schemes in the literature for implementing such policies using cryptographic mechanisms. Updating keys in such schemes has always been problematic, not least because many objects may be encrypted with the same key. We propose a number of techniques by which this process can be improved, making use of the idea of lazy key updates, which have been studied in the context of cryptographic file systems. We demonstrate in passing that schemes for lazy key updates can be regarded as simple instances of key assignment schemes. Finally, we illustrate the utility of our techniques by applying them to hierarchical file systems and to temporal access control policies

Provably-Secure Time-Bound Hierarchical Key Assignment Schemes

A time-bound hierarchical key assignment scheme is a method to assign time-dependent encryption keys to a set of classes in a partially ordered hierarchy, in such a way that each class can compute the keys of all classes lower down in the hierarchy, according to temporal constraints. In this paper we design and analyze time-bound hierarchical key assignment schemes which are provably-secure and efficient. We consider both the unconditionally secure and the computationally secure settings and distinguish between two different goals: security with respect to key indistinguishability and against key recovery. We first present definitions of security with respect to both goals in the unconditionally secure setting and we show tight lower bounds on the size of the private information distributed to each class. Then, we consider the computational setting and we further distinguish security against static and adaptive adversarial behaviors. We explore the relations between all possible combinations of security goals and adversarial behaviors and, in particular, we prove that security against adaptive adversaries is (polynomially) equivalent to security against static adversaries. Afterwards, we prove that a recently proposed scheme is insecure against key recovery. Finally, we propose two different constructions for time-bound key assignment schemes. The first one is based on symmetric encryption schemes, whereas, the second one makes use of bilinear maps. Both constructions support updates to the access hierarchy with local changes to the public information and without requiring any private information to be re-distributed. These appear to be the first constructions for time-bound hierarchical key assignment schemes which are simultaneously practical and provably-secure

User-differentiated hierarchical key management for the bring-your-own-device environments

To ensure confidentiality, the sensitive electronic data held within a corporation is always carefully encrypted and stored in a manner so that it is inaccessible to those parties who are not involved. During this process, the specific manners of how to keep, distribute, use, and update keys which are used to encrypt the sensitive data become an important thing to be considered. Through use of hierarchical key management, a technique that provides access controls in multi-user systems where a portion of sensitive resources shall only be made available to authorized users or security ordinances, required information is distributed on a need-to-know basis. As a result of this hierarchical key management, time-bound hierarchical key management further adds time controls to the information access process. There is no existing hierarchical key management scheme or time-bound hierarchical key management scheme which is able to differentiate users with the same authority. When changes are required for any user, all other users who have the same access authorities will be similarly affected, and this deficiency then further deteriorates due to a recent trend which has been called Bring-Your-Own-Device. This thesis proposes the construction of a new time-bound hierarchical key management scheme called the User-Differentiated Two-Layer Encryption-Based Scheme (UDTLEBC), one which is designed to differentiate between users. With this differentiation, whenever any changes are required for one user during the processes of key management, no additional users will be affected during these changes and these changes can be done without interactions with the users. This new scheme is both proven to be secure as a time-bound hierarchical key management scheme and efficient for use in a BYOD environment

Self-Protecting Access Control: On Mitigating Privacy Violations with Fault Tolerance

Self-protecting access control mechanisms can be described as an approach to enforcing security in a manner that automatically protects against violations of access control rules. In this chapter, we present a comparative analysis of standard Cryptographic Access Control (CAC) schemes in relation to privacy enforcement on the Web. We postulate that to mitigate privacy violations, self-protecting CAC mechanisms need to be supported by fault-tolerance. As an example of how one might to do this, we present two solutions that are inspired by the autonomic computing paradigm1. Our solutions are centered on how CAC schemes can be extended to protect against privacy violations that might arise from key updates and collusion attacks

Secure Integration of Wireless Sensor Networks into Applications

Wireless sensors are small devices that are able to gather, process and deliver information from a physical environment to an external system. By doing so, they open new applications in different domains, such as healthcare, traffc control, defense and agriculture. The integration of Wireless Sensor Networks (WSN) with Business Applications (BA) raises technical and security related challenges. Existing approaches target technical issues such as interoperability between WSN and BAs or heterogeneity of acquired sensor data. In this work, we start by performing an analysis of the risks that such an integration of WSNs with BAs may present using the NIST SP 800-30 recommendations. We then introduce and analyze an effcient security scheme that does not use complex operations and guarantees end-to-end confidentiality of sensor data. Finally, we provide an in silico proof-of-concept and validate it using a real WSN co-developed with Cisco Systems France