58,441 research outputs found

    User-differentiated hierarchical key management for the bring-your-own-device environments

    Get PDF
    To ensure confidentiality, the sensitive electronic data held within a corporation is always carefully encrypted and stored in a manner so that it is inaccessible to those parties who are not involved. During this process, the specific manners of how to keep, distribute, use, and update keys which are used to encrypt the sensitive data become an important thing to be considered. Through use of hierarchical key management, a technique that provides access controls in multi-user systems where a portion of sensitive resources shall only be made available to authorized users or security ordinances, required information is distributed on a need-to-know basis. As a result of this hierarchical key management, time-bound hierarchical key management further adds time controls to the information access process. There is no existing hierarchical key management scheme or time-bound hierarchical key management scheme which is able to differentiate users with the same authority. When changes are required for any user, all other users who have the same access authorities will be similarly affected, and this deficiency then further deteriorates due to a recent trend which has been called Bring-Your-Own-Device. This thesis proposes the construction of a new time-bound hierarchical key management scheme called the User-Differentiated Two-Layer Encryption-Based Scheme (UDTLEBC), one which is designed to differentiate between users. With this differentiation, whenever any changes are required for one user during the processes of key management, no additional users will be affected during these changes and these changes can be done without interactions with the users. This new scheme is both proven to be secure as a time-bound hierarchical key management scheme and efficient for use in a BYOD environment

    A Diffie-Hellman based key management scheme for hierarchical access control

    Get PDF
    All organizations share data in a carefully managed fashion\ud by using access control mechanisms. We focus on enforcing access control by encrypting the data and managing the encryption keys. We make the realistic assumption that the structure of any organization is a hierarchy of security classes. Data from a certain security class can only be accessed by another security class, if it is higher or at the same level in the hierarchy. Otherwise access is denied. Our solution is based on the Die-Hellman key exchange protocol. We show, that the theoretical worst case performance of our solution is slightly better than that of all other existing solutions. We also show, that our performance in practical cases is linear in the size of the hierarchy, whereas the best results from the literature are quadratic

    The Melbourne Shuffle: Improving Oblivious Storage in the Cloud

    Full text link
    We present a simple, efficient, and secure data-oblivious randomized shuffle algorithm. This is the first secure data-oblivious shuffle that is not based on sorting. Our method can be used to improve previous oblivious storage solutions for network-based outsourcing of data

    Security and Privacy Issues in Wireless Mesh Networks: A Survey

    Full text link
    This book chapter identifies various security threats in wireless mesh network (WMN). Keeping in mind the critical requirement of security and user privacy in WMNs, this chapter provides a comprehensive overview of various possible attacks on different layers of the communication protocol stack for WMNs and their corresponding defense mechanisms. First, it identifies the security vulnerabilities in the physical, link, network, transport, application layers. Furthermore, various possible attacks on the key management protocols, user authentication and access control protocols, and user privacy preservation protocols are presented. After enumerating various possible attacks, the chapter provides a detailed discussion on various existing security mechanisms and protocols to defend against and wherever possible prevent the possible attacks. Comparative analyses are also presented on the security schemes with regards to the cryptographic schemes used, key management strategies deployed, use of any trusted third party, computation and communication overhead involved etc. The chapter then presents a brief discussion on various trust management approaches for WMNs since trust and reputation-based schemes are increasingly becoming popular for enforcing security in wireless networks. A number of open problems in security and privacy issues for WMNs are subsequently discussed before the chapter is finally concluded.Comment: 62 pages, 12 figures, 6 tables. This chapter is an extension of the author's previous submission in arXiv submission: arXiv:1102.1226. There are some text overlaps with the previous submissio
    • …
    corecore