cryptographically enforced hierarchical
play

Cryptographically-Enforced Hierarchical scheme An unbounded Access - PowerPoint PPT Presentation

Jan 08, 2023 •235 likes •673 views

Preliminaries A bounded asynchronous Cryptographically-Enforced Hierarchical scheme An unbounded Access Control with Multiple Keys asynchronous scheme Concluding remarks Jason Crampton Questions Information Security Group Royal

  1. Preliminaries A bounded asynchronous Cryptographically-Enforced Hierarchical scheme An unbounded Access Control with Multiple Keys asynchronous scheme Concluding remarks Jason Crampton Questions Information Security Group Royal Holloway, University of London NordSec 2007

  2. Hierarchical access control Preliminaries A bounded asynchronous scheme An unbounded Given asynchronous a scheme ◮ a partially ordered set of security Concluding remarks labels ( L , � ) Questions b c ◮ a function λ mapping users and protected objects to L we require that a user u can only read d o if λ ( u ) � λ ( o ) L

  3. Cryptographic hierarchical access control Preliminaries A bounded asynchronous Useful for third-party data publishing scheme ◮ Data is made available by someone other than data owner An unbounded asynchronous scheme Concluding remarks Questions

  4. Cryptographic hierarchical access control Preliminaries A bounded asynchronous Useful for third-party data publishing scheme ◮ Data is made available by someone other than data owner An unbounded asynchronous scheme Trivial solution Concluding ◮ Encrypt o with k ( o ) remarks Questions ◮ Send { k ( y ) : y � λ ( u ) } to u

  5. Cryptographic hierarchical access control Preliminaries A bounded asynchronous Useful for third-party data publishing scheme ◮ Data is made available by someone other than data owner An unbounded asynchronous scheme Trivial solution Concluding ◮ Encrypt o with k ( o ) remarks Questions ◮ Send { k ( y ) : y � λ ( u ) } to u Preferably ◮ Encrypt o with k ( o ) ◮ Send k ( λ ( u )) to u

  6. Cryptographic hierarchical access control Preliminaries A bounded asynchronous Useful for third-party data publishing scheme ◮ Data is made available by someone other than data owner An unbounded asynchronous scheme Trivial solution Concluding ◮ Encrypt o with k ( o ) remarks Questions ◮ Send { k ( y ) : y � λ ( u ) } to u Preferably ◮ Encrypt o with k ( o ) ◮ Send k ( λ ( u )) to u ◮ Publish additional (encrypted) information enabling u to derive k ( y ) for all y � k ( λ ( u ))

  7. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous scheme Concluding remarks Questions

  8. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous ◮ publishes { E k ( x ) ( k ( y )) : y ⋖ x , x , y ∈ L } scheme ◮ y ⋖ x denotes that y is an immediate child of x in L Concluding remarks ◮ E k ( m ) denotes the encryption of message m with key k Questions

  9. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous ◮ publishes { E k ( x ) ( k ( y )) : y ⋖ x , x , y ∈ L } scheme ◮ y ⋖ x denotes that y is an immediate child of x in L Concluding remarks ◮ E k ( m ) denotes the encryption of message m with key k Questions ◮ Sends k ( λ ( u )) to user u

  10. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous ◮ publishes { E k ( x ) ( k ( y )) : y ⋖ x , x , y ∈ L } scheme ◮ y ⋖ x denotes that y is an immediate child of x in L Concluding remarks ◮ E k ( m ) denotes the encryption of message m with key k Questions ◮ Sends k ( λ ( u )) to user u The user obtains ◮ k ( y ), y ⋖ λ ( u ), by decrypting the appropriate datum of public information

  11. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous ◮ publishes { E k ( x ) ( k ( y )) : y ⋖ x , x , y ∈ L } scheme ◮ y ⋖ x denotes that y is an immediate child of x in L Concluding remarks ◮ E k ( m ) denotes the encryption of message m with key k Questions ◮ Sends k ( λ ( u )) to user u The user obtains ◮ k ( y ), y ⋖ λ ( u ), by decrypting the appropriate datum of public information ◮ k ( y ), y < λ ( u ), by iteratively decrypting keys on some path between λ ( u ) and y

  12. Problem statement and motivation Preliminaries A bounded asynchronous scheme An unbounded Design a hierarchical key assignment scheme that supports asynchronous scheme multiple keys for each security label Concluding ◮ Minimize public storage remarks Questions ◮ Minimize number of keys distributed to users

  13. Problem statement and motivation Preliminaries A bounded asynchronous scheme An unbounded Design a hierarchical key assignment scheme that supports asynchronous scheme multiple keys for each security label Concluding ◮ Minimize public storage remarks Questions ◮ Minimize number of keys distributed to users Such schemes are useful for ◮ supporting lazy re-encryption ◮ enforcing hierarchical access control policies

  14. Design decisions Preliminaries A bounded asynchronous scheme An unbounded asynchronous ◮ Is the number of updates determined in advance? scheme If yes, we say the scheme is bounded (and unbounded Concluding remarks otherwise) Questions ◮ Can the key for label x be updated independently of the one for y? If yes, we say the scheme is asynchronous (and synchronous otherwise)

  15. Preliminaries Preliminaries A bounded asynchronous scheme An unbounded asynchronous A bounded asynchronous scheme scheme Concluding remarks Questions An unbounded asynchronous scheme Concluding remarks Questions

  16. Illustration Preliminaries A bounded asynchronous scheme Initial security lattice – one key per label An unbounded asynchronous scheme Concluding remarks Questions a b c d

  17. Illustration Preliminaries A bounded asynchronous scheme k ( d ) is updated – two keys for d An unbounded asynchronous scheme Concluding remarks a Questions a b c b c d d

  18. Illustration Preliminaries A bounded asynchronous scheme k ( b ) is updated – two keys for b , three for d An unbounded asynchronous scheme a Concluding remarks a Questions b c a b c d b c d d

  19. Basic approach Preliminaries A bounded asynchronous scheme An unbounded There are two “orthogonal” dimensions to the problem asynchronous scheme ◮ The set of security labels L Concluding remarks ◮ Temporal – a chain of keys associated with each element Questions of L

  20. Basic approach Preliminaries A bounded asynchronous scheme An unbounded There are two “orthogonal” dimensions to the problem asynchronous scheme ◮ The set of security labels L Concluding remarks ◮ Temporal – a chain of keys associated with each element Questions of L One solution is to ◮ construct an iterative key assignment scheme for L ◮ define a “key chain” for the temporal dimension

  21. Hash chain solution For a bounded scheme there are at most m keys for each label Preliminaries A bounded asynchronous scheme An unbounded asynchronous scheme Concluding remarks Questions

  22. Hash chain solution For a bounded scheme there are at most m keys for each label Preliminaries A bounded ◮ Define an iterative key assignment scheme for L asynchronous scheme ◮ For each x ∈ L An unbounded ◮ choose a key k m ( x ) from { 0 , 1 } l asynchronous scheme ◮ define k i − 1 ( x ) = h ( k i ( x )), where h : { 0 , 1 } ∗ → { 0 , 1 } l is a Concluding suitable (public) hash function remarks Questions

  23. Hash chain solution For a bounded scheme there are at most m keys for each label Preliminaries A bounded ◮ Define an iterative key assignment scheme for L asynchronous scheme ◮ For each x ∈ L An unbounded ◮ choose a key k m ( x ) from { 0 , 1 } l asynchronous scheme ◮ define k i − 1 ( x ) = h ( k i ( x )), where h : { 0 , 1 } ∗ → { 0 , 1 } l is a Concluding suitable (public) hash function remarks ◮ When the key for label x needs to be changed Questions ◮ select the next key for each label y � x ◮ update public information for L ’s scheme

  24. Hash chain solution For a bounded scheme there are at most m keys for each label Preliminaries A bounded ◮ Define an iterative key assignment scheme for L asynchronous scheme ◮ For each x ∈ L An unbounded ◮ choose a key k m ( x ) from { 0 , 1 } l asynchronous scheme ◮ define k i − 1 ( x ) = h ( k i ( x )), where h : { 0 , 1 } ∗ → { 0 , 1 } l is a Concluding suitable (public) hash function remarks ◮ When the key for label x needs to be changed Questions ◮ select the next key for each label y � x ◮ update public information for L ’s scheme ◮ A user with security label x can ◮ compute the current key for y < x from the public information for L ◮ iteratively compute hashes of y ’s key until the key for the desired time period is obtained

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information Security Group Royal Holloway, University of London ESORICS 2011 Traditional Access Control ? SECRET Time-Storage

707 views • 45 slides
Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT

Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT

Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT CSAIL) , James Mickens (Harvard), Nickolai Zeldovich (MIT CSAIL), Vinod Vaikuntanathan (MIT CSAIL) 1 Motivation Boston Marathon NY Marathon

1.12k views • 95 slides
Analysis and Optimization of Cryptographically Generated Addresses (CGA) Revisiting

Analysis and Optimization of Cryptographically Generated Addresses (CGA) Revisiting

Introduction CGA for IPv6 CGA++ Analysis and Optimization of Cryptographically Generated Addresses (CGA) Revisiting Self-Certifying Address Generation and Verification Joppe Bos, Onur Ozen and Jean-Pierre Hubaux Ecole Polytechnique F

2.28k views • 44 slides
Efficient and Cryptographically Secure Addition in the Ideal Class Groups of Hyperelliptic

Efficient and Cryptographically Secure Addition in the Ideal Class Groups of Hyperelliptic

Efficient and Cryptographically Secure Addition in the Ideal Class Groups of Hyperelliptic Curves Diploma thesis Andrey Bogdanov* Scientific advisors: Prof. Dr. Dr. h.c. Gerhard Frey Prof. Dr. Vladimir Anashin Russian State

397 views • 29 slides
First steps towards cryptographically sound confidentiality analysis of cryptographic protocols

First steps towards cryptographically sound confidentiality analysis of cryptographic protocols

First steps towards cryptographically sound confidentiality analysis of cryptographic protocols Peeter Laud peeter l@ut.ee Tartu Ulikool Cybernetica AS Teooriap aevad Arulas, 3.-5.02.2003 p.1/27 Overview Cryptographic protocols.

570 views • 27 slides
Cryptographically Sound Security Proofs for Basic and Public-key Kerberos ESORICS 2006 M.

Cryptographically Sound Security Proofs for Basic and Public-key Kerberos ESORICS 2006 M.

Cryptographically Sound Security Proofs for Basic and Public-key Kerberos ESORICS 2006 M. Backes 1 , I. Cervesato 2 , A. D. Jaggard 3 , A. Scedrov 4 , and J.-K. Tsay 4 1 Saarland University, 2 Carnegie Mellon University - Qatar, 3 Tulane

370 views • 18 slides
Finding Cryptographically Strong Elliptic Curves An Introduction Hamish Ivey-Law

Finding Cryptographically Strong Elliptic Curves An Introduction Hamish Ivey-Law

Outline Elliptic curve cryptography Secure domain parameters Case study: finding secure Edwards curves Finding Cryptographically Strong Elliptic Curves An Introduction Hamish Ivey-Law hlaw@iml.univ-mrs.fr Institute de Math ematiques de

662 views • 41 slides
Cryptographically Generated IPv6 Addresses (CGA) Basic idea: Interface Id = hash (Public Key)

Cryptographically Generated IPv6 Addresses (CGA) Basic idea: Interface Id = hash (Public Key)

Cryptographically Generated IPv6 Addresses (CGA) Basic idea: Interface Id = hash (Public Key) The public key is used to authenticate messages sent from the CGA address. Proof of address ownership without security infrastructure. Prior

541 views • 6 slides
UT DA Hierarchical and Analytical Hierarchical and Analytical Pla Placement T cement

UT DA Hierarchical and Analytical Hierarchical and Analytical Pla Placement T cement

UT DA Hierarchical and Analytical Hierarchical and Analytical Pla Placement T cement Technique echniques for s for High High- Performa Performance A nce Analog C nalog Circuit ircuits Biying Xu, Shaolan Li, Xiaoqing Xu, Nan Sun, and

506 views • 29 slides
Proposal of a Hierarchical Proposal of a Hierarchical Architecture for Multimodal Architecture for

Proposal of a Hierarchical Proposal of a Hierarchical Architecture for Multimodal Architecture for

Proposal of a Hierarchical Proposal of a Hierarchical Architecture for Multimodal Architecture for Multimodal Interactive Systems y Masahiro Araki* 1 Tsuneo Nitta* 2 Kouichi Katsurada* 2 Takuya Nishimoto* 3 Tetsuo Amakasu* 4 Shinnichi Kawamoto* 5

546 views • 35 slides
Compositional Action System Derivation Introduction Using Enforced Properties Action systems

Compositional Action System Derivation Introduction Using Enforced Properties Action systems

Compositional Action System Derivation Using Enforced Properties Brijesh Dongol and Ian J. Hayes Compositional Action System Derivation Introduction Using Enforced Properties Action systems Enforced properties Example Brijesh Dongol

785 views • 45 slides
Administrative Penalties (A.M.P.s) By-laws Enforced by M.L.E. M.L.E. enforces 34 City By-laws

Administrative Penalties (A.M.P.s) By-laws Enforced by M.L.E. M.L.E. enforces 34 City By-laws

Administrative Penalties (A.M.P.s) By-laws Enforced by M.L.E. M.L.E. enforces 34 City By-laws and 1 Provincial Law A Z Adequate Heat By-law Lodging House By-law Snow and Ice Removal By-law Bicycle

619 views • 32 slides
The EFTA Surveillance Authority: How EEA law is enforced EFTA Secretariat, Brussels 14 February

The EFTA Surveillance Authority: How EEA law is enforced EFTA Secretariat, Brussels 14 February

The EFTA Surveillance Authority: How EEA law is enforced EFTA Secretariat, Brussels 14 February 2019 Cath Howdle Deputy Director, Legal and Executive Affairs Department, ESA Hgni S. Kristjansson Bente Angell-Hansen Frank Bchel

562 views • 23 slides
Separation and convexity properties of hierarchical and non hierarchical clustering Patrice

Separation and convexity properties of hierarchical and non hierarchical clustering Patrice

Plan Separation and convexity properties of hierarchical and non hierarchical clustering Patrice Bertrand 1 1 CEREMADE, Universit e Paris-Dauphine, Paris, France Joint work with Jean Diatta 2 2 LIM, Universit e de La R eunion,

401 views • 29 slides
IRS Enforced Collection Actions: Challenges and Responses to Federal Tax Liens and Levies

IRS Enforced Collection Actions: Challenges and Responses to Federal Tax Liens and Levies

Presenting a live 90-minute webinar with interactive Q&amp;A IRS Enforced Collection Actions: Challenges and Responses to Federal Tax Liens and Levies Mitigating the Effects of Tax Liens, Navigating the Levy and Asset Seizure Process TUESDAY,

749 views • 72 slides
HIERARCHICAL DESIGN IN Victor Khomenko, Danil Sokolov, Alex Yakovlev Why hierarchical? The

HIERARCHICAL DESIGN IN Victor Khomenko, Danil Sokolov, Alex Yakovlev Why hierarchical? The

HIERARCHICAL DESIGN IN Victor Khomenko, Danil Sokolov, Alex Yakovlev Why hierarchical? The only way to design large systems Requests from the engineers Natural development of Workcraft Automation of repetitive tasks by tracking

612 views • 13 slides
Hash- Tables Introduction Dictionary Dictionary stores key-value pairs Find( k ) Insert( k

Hash- Tables Introduction Dictionary Dictionary stores key-value pairs Find( k ) Insert( k

Hash- Tables Introduction Dictionary Dictionary stores key-value pairs Find( k ) Insert( k , v ) Delete( k ) O ( n ) O ( 1 ) O ( n ) List O ( log n ) O ( n ) O ( n ) Sorted Array O ( log n ) O ( log n ) O ( log n ) Balanced BST

475 views • 26 slides
Session 3 Column-Oriented Model: Cassandra, HBase Sbastien Combfis Fall 2019 This work is

Session 3 Column-Oriented Model: Cassandra, HBase Sbastien Combfis Fall 2019 This work is

I404B NoSQL Session 3 Column-Oriented Model: Cassandra, HBase Sbastien Combfis Fall 2019 This work is licensed under a Creative Commons Attribution NonCommercial NoDerivatives 4.0 International License. Objectives

952 views • 61 slides
Postquantum Cryptography: what, why, and how? SIMBA Enric Florit Zacaras . . . . . . .

Postquantum Cryptography: what, why, and how? SIMBA Enric Florit Zacaras . . . . . . .

. . . . . . . . . . . . . . . . . Postquantum Cryptography: what, why, and how? SIMBA Enric Florit Zacaras . . . . . . . . . . . . . . . . . . . . . . . November 27, 2019 . . . . . . . . . . .

1.31k views • 77 slides
Pairs Design Pattern map(docID a, doc d) for all term w in doc d do for all term u NEAR w do w

Pairs Design Pattern map(docID a, doc d) for all term w in doc d do for all term u NEAR w do w

10/14/2011 Pairs Design Pattern map(docID a, doc d) for all term w in doc d do for all term u NEAR w do w v u Emit(pair (w, u), count 1) w reduce (pair p, counts [c1, c2,]) v sum = 0 for all count c in counts do u sum += c Emit(pair

441 views • 14 slides
Introduction to the theory of secret key cryptography Andreas H ulsing Eindhoven University

Introduction to the theory of secret key cryptography Andreas H ulsing Eindhoven University

Introduction to the theory of secret key cryptography Andreas H ulsing Eindhoven University of Technology 17 June 2019 Secret key encryption MAC Main primitives of secret key / symmetric cryptography High-level primitives Low-level

1.51k views • 114 slides
Many-core Architectures and Programming Models Using SHOC M. Graham Lopez Jeffrey Young Jeremy

Many-core Architectures and Programming Models Using SHOC M. Graham Lopez Jeffrey Young Jeremy

Examining Recent Many-core Architectures and Programming Models Using SHOC M. Graham Lopez Jeffrey Young Jeremy S. Meredith Philip C. Roth Mitchel Horton Jeffrey S. Vetter PMBS15 Sunday, 15 Nov 2015 ORNL is managed by UT-Battelle for

638 views • 33 slides
CSCI0170 An Integrated Introduction to Computer Science Prof. John Hughes Todays topics

CSCI0170 An Integrated Introduction to Computer Science Prof. John Hughes Todays topics

CSCI0170 An Integrated Introduction to Computer Science Prof. John Hughes Todays topics Racket review A little more arithmetic The string data type Tokenizing a program Describing legal programs Announcements Register via

712 views • 29 slides
The reaction keyword Sets the B(F) and B(GT) matrix elements for a cross section calculation

The reaction keyword Sets the B(F) and B(GT) matrix elements for a cross section calculation

reaction FILE The reaction keyword Sets the B(F) and B(GT) matrix elements for a cross section calculation The format of this command is FILE is the name (and full path, if needed) of a file that contains the evaluated matrix

430 views • 6 slides

More recommend