CRYPTOGRAPHIC KEY ASSIGNMENT SCHEME FOR ACCESS-CONTROL IN A HIERARCHY

Abstract

A cryptographic key assignment scheme for access control in a user hierarchy is proposed. The users and their owned information items are classified into disjoint sets of security classes where the hierarchy on security classes is an arbitrary partial order. Based on Newton's interpolation method and a predefined one-way function, each security class C(i) is assigned a secret key SK(i) and some public parameters (P1i, P2i). The information items owned by the security class C(i) are encrypted by an available symmetric cryptosystem with the enciphering key SK(i). Through the computing of the assigned security key and the public parameters, only the security class in the higher level can derive any of his successors' secret keys. Thus, only the security classes in the higher level can access the information items owned by the security classes in the lower level. We also show that our proposed scheme is not only secure but also practical.