Group Key Management Scheme for Access Control with Reactive Approach  

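Kim, Hee-Youl (Korea Advanced Institute of Science and Technology, Department of Computer Science)
Lee, Youn-Ho (Korea Advanced Institute of Science and Technology, Department of Computer Science, BK)
Park, Yong-Su (Hanyang University, Computer Engineering)
Yoon, Hyun-Soo (Korea Advanced Institute of Science and Technology, Department of Computer Science)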
Abstract
In group communication with multiple data streams and various access privileges, it is necessary to provide group access control. Group members having the same access privilege are classified into one class, and the classes form a hierarchy based on the access relations. Each class is then assigned a secret key. In previous schemes, a single logical key graph is constructed from the hierarchy, and each member always holds all secret keys of the classes he can access, in a proactive manner. Thus, higher-privileged members hold more keys than lower-privileged members. However, if the hierarchy is large, each member manages too many keys, and the size of the multicast message in rekeying increases in proportion to the size of the hierarchy. Moreover, most members access only a small portion of the multiple data streams simultaneously. It is therefore redundant for a member to receive rekeying messages and update keys in which he is not currently interested. In this paper, we present a new key management scheme that takes a reactive approach, in which each member obtains the key of a data stream only when he wants to access the stream. Each member holds and updates only the key of the class he belongs to. If he wants to get the key of another class, he derives it from his key and the public parameter. The proposed scheme considerably reduces the costs of rekeying, especially in groups where access relations are very complex and the hierarchy is large. Moreover, the scheme has the further advantage that it easily reflects changes in access relations.
Keywords
group communication; access control; key management