Abstract
In key assignment schemes for hierarchical access control systems, each access class has a key associated with it that can be used to derive the keys associated with every descendant of that class. Many recently proposed key assignment schemes support updates to the hierarchy such as addition and deletion of classes and class relationships. These dynamic changes entail a change to the hierarchy as well as the re-computation of public and secret information. In this paper, we describe a software tool that supports the animation of specifications of dynamic schemes. The specification of a scheme, written in Prolog, corresponds to a symbolic model of the algorithms used by the scheme for key generation and for handling dynamic changes. The tool allows us to generate a test hierarchy, generate keys for the classes in the hierarchy, and simulate various dynamic operations. The animation search using the tool has been shown to be useful in finding previously unreported attacks on several existing dynamic schemes.
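The kind of check such an animation performs can be sketched as follows. This is an added example, not code from the paper or its tool: it uses Python rather than Prolog, and the edge-based toy scheme, the class names A to E and all function names are constructed for illustration. It models keys and public values as symbolic terms, removes the relationship A->B, and reports which classes' current keys a holder of A's key can still derive under three rekeying policies.

```python
# Added example: symbolic (term-level) animation of a constructed toy scheme.
# Keys are terms ("key", class, version); public info is ("enc", k_parent, k_child).
class Scheme:
    def __init__(self, edges):
        self.edges = set(edges)                      # (parent, child) pairs
        self.version = {c: 0 for e in edges for c in e}
        self.history = set()                         # every term ever published
        for e in self.edges:
            self.publish(e)

    def key(self, c):
        return ("key", c, self.version[c])

    def publish(self, edge):
        parent, child = edge
        self.history.add(("enc", self.key(parent), self.key(child)))

    def descendants(self, c):
        found, todo = set(), [c]
        while todo:
            node = todo.pop()
            for parent, child in self.edges:
                if parent == node and child not in found:
                    found.add(child)
                    todo.append(child)
        return found

    def delete_edge(self, edge, rekey):
        """rekey: 'none', 'class' (child only) or 'subtree' (child + descendants)."""
        self.edges.discard(edge)
        stale = {"none": set(), "class": {edge[1]},
                 "subtree": {edge[1]} | self.descendants(edge[1])}[rekey]
        for c in stale:
            self.version[c] += 1
        for e in self.edges:                         # republish under current keys
            self.publish(e)

def derivable(known, published):
    """Close a set of key terms under 'parent key opens enc(parent, child)'."""
    known, grew = set(known), True
    while grew:
        grew = False
        for _, k_parent, k_child in published:
            if k_parent in known and k_child not in known:
                known.add(k_child)
                grew = True
    return known

def leaked_classes(rekey):
    """Classes whose current key A's holder still derives after A->B is removed."""
    s = Scheme([("A", "B"), ("A", "C"), ("B", "D"), ("C", "D"), ("B", "E")])
    s.delete_edge(("A", "B"), rekey)
    known = derivable({s.key("A")}, s.history)       # adversary kept old public data
    allowed = {"A"} | s.descendants("A")
    return sorted(c for c in s.version if s.key(c) in known and c not in allowed)
```

In this toy model only the `subtree` policy leaves nothing derivable; rekeying B alone still exposes E, because the old key of B opens the old public value for B->E.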
Keywords
- Public Information
- Secret Information
- Dynamic Scheme
- Fair Exchange Protocol
- Dynamic Access Control
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mundra, A., Mathuria, A., Das, M.L. (2012). Detecting Flaws in Dynamic Hierarchical Key Management Schemes Using Specification Animation. In: Ramanujam, R., Ramaswamy, S. (eds) Distributed Computing and Internet Technology. ICDCIT 2012. Lecture Notes in Computer Science, vol 7154. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28073-3_15
DOI: https://doi.org/10.1007/978-3-642-28073-3_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-28072-6
Online ISBN: 978-3-642-28073-3
eBook Packages: Computer Science, Computer Science (R0)
