Tree-Based Cryptographic Access Control

  • James Alderman
  • Naomi Farley
  • Jason Crampton
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10492)


As more and more data is outsourced to third party servers, the enforcement of access control policies using cryptographic techniques becomes increasingly important. Enforcement schemes based on symmetric cryptography typically issue users a small amount of secret material which, in conjunction with public information, allows the derivation of decryption keys for all data objects for which they are authorized.

We generalize the design of prior enforcement schemes by mapping access control policies to a graph-based structure. Unlike prior work, we envisage that this structure may be defined independently of the policy to target different efficiency goals; the key issue then is how best to map policies to such structures. To exemplify this approach, we design a space-efficient KAS based on a binary tree which imposes a logarithmic bound on the required number of derivations whilst eliminating public information. In the worst case, users may require more cryptographic material than in prior schemes; we mitigate this by designing heuristic optimizations of the mapping and show through experimental results that our scheme performs well compared to existing schemes.


  1. 1.
    Akl, S.G., Taylor, P.D.: Cryptographic solution to a problem of access control in a hierarchy. ACM Trans. Comput. Syst. 1(3), 239–248 (1983)CrossRefGoogle Scholar
  2. 2.
    Atallah, M.J., Blanton, M., Fazio, N., Frikken, K.B.: Dynamic and Efficient Key Management for Access Hierarchies. ACM Trans. Inf. Syst. Secur. 12(3) (2009)Google Scholar
  3. 3.
    Atallah, M.J., Blanton, M., Frikken, K.B.: Efficient techniques for realizing geo-spatial access control. In: Bao, F., Miller, S. (eds.) ASIACCS, pp. 82–92. ACM (2007)Google Scholar
  4. 4.
    Atallah, M.J., Blanton, M., Frikken, K.B.: Incorporating temporal capabilities in existing key management schemes. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 515–530. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-74835-9_34 CrossRefGoogle Scholar
  5. 5.
    Ateniese, G., Santis, A.D., Ferrara, A.L., Masucci, B.: Provably-secure time-bound hierarchical key assignment schemes. J. Cryptol. 25(2), 243–270 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Backes, M., Cachin, C., Oprea, A.: Secure key-updating for lazy revocation. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 327–346. Springer, Heidelberg (2006). doi: 10.1007/11863908_21 CrossRefGoogle Scholar
  7. 7.
    Bell, D.E., LaPadula, L.J.: Computer security model: Unified exposition and Multics interpretation. Technical report, ESD-TR-75-306, MITRE Corp. (1975)Google Scholar
  8. 8.
    Blundo, C., Cimato, S., di Vimercati, S.D.C., Santis, A.D., Foresti, S., Paraboschi, S., Samarati, P.: Managing key hierarchies for access control enforcement: heuristic approaches. Comput. Secur. 29(5), 533–547 (2010)CrossRefGoogle Scholar
  9. 9.
    Castiglione, A., Santis, A.D., Masucci, B., Palmieri, F., Castiglione, A., Li, J., Huang, X.: Hierarchical and shared access control. IEEE Trans. Inf. Foren. Secur. 11(4), 850–865 (2016)Google Scholar
  10. 10.
    Crampton, J.: On permissions, inheritance and role hierarchies. In: Jajodia, S., Atluri, V., Jaeger, T. (eds.) ACM Conference on Computer and Communications Security, pp. 85–92. ACM (2003)Google Scholar
  11. 11.
    Crampton, J.: Cryptographic enforcement of role-based access control. In: Degano, P., Etalle, S., Guttman, J. (eds.) FAST 2010. LNCS, vol. 6561, pp. 191–205. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-19751-2_13 CrossRefGoogle Scholar
  12. 12.
    Crampton, J.: Practical and efficient cryptographic enforcement of interval-based access control policies. ACM Trans. Inf. Syst. Secur. 14(1), 14 (2011)CrossRefGoogle Scholar
  13. 13.
    Crampton, J., Daud, R., Martin, K.M.: Constructing key assignment schemes from chain partitions. In: Foresti, S., Jajodia, S. (eds.) DBSec 2010. LNCS, vol. 6166, pp. 130–145. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-13739-6_9 CrossRefGoogle Scholar
  14. 14.
    Crampton, J., Farley, N., Gutin, G., Jones, M.: Optimal constructions for chain-based cryptographic enforcement of information flow policies. In: Samarati, P. (ed.) DBSec 2015. LNCS, vol. 9149, pp. 330–345. Springer, Cham (2015). doi: 10.1007/978-3-319-20810-7_23 CrossRefGoogle Scholar
  15. 15.
    Crampton, J., Farley, N., Gutin, G., Jones, M., Poettering, B.: Cryptographic enforcement of information flow policies without public information. In: Malkin, T., Kolesnikov, V., Lewko, A.B., Polychronakis, M. (eds.) ACNS 2015. LNCS, vol. 9092, pp. 389–408. Springer, Cham (2015). doi: 10.1007/978-3-319-28166-7_19 CrossRefGoogle Scholar
  16. 16.
    Crampton, J., Martin, K.M., Wild, P.R.: On key assignment for hierarchical access control. In: CSFW, pp. 98–111. IEEE Computer Society (2006)Google Scholar
  17. 17.
    Freire, E.S.V., Paterson, K.G., Poettering, B.: Simple, efficient and strongly KI-secure hierarchical key assignment schemes. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 101–114. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36095-4_7 CrossRefGoogle Scholar
  18. 18.
    Galil, Z.: Efficient algorithms for finding maximum matching in graphs. ACM Comput. Surv. 18(1), 23–38 (1986)MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. J. ACM 33(4), 792–807 (1986)MathSciNetCrossRefzbMATHGoogle Scholar
  20. 20.
    Sandhu, R.S., Ferraiolo, D.F., Kuhn, D.R.: The NIST model for role-based access control: towards a unified standard. In: ACM Workshop on Role-Based Access Control, pp. 47–63 (2000)Google Scholar
  21. 21.
    Santis, A.D., Ferrara, A.L., Masucci, B.: Efficient provably-secure hierarchical key assignment schemes. In: Kučera, L., Kučera, A. (eds.) MFCS 2007. LNCS, vol. 4708, pp. 371–382. Springer, Heidelberg (2007). doi: 10.1007/978-3-540-74456-6_34 CrossRefGoogle Scholar
  22. 22.
    Santis, A.D., Ferrara, A.L., Masucci, B.: New constructions for provably-secure time-bound hierarchical key assignment schemes. In: Lotz, V., Thuraisingham, B.M. (eds.) SACMAT 2007, 12th ACM Symposium on Access Control Models and Technologies, Sophia Antipolis, France, June 20–22, 2007, Proceedings, pp. 133–138. ACM (2007)Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Royal HollowayUniversity of LondonEghamUK

Personalised recommendations