Digital key management for access control of electronic records

Access control of electronic records involves establishing a common set of access requirements, binding those access requirements to the electronic records, and computing whether or not the criteria are met for allowing access. An electronic record can be an e-mail, a document, a spreadsheet, or a series of sensor readings. Records that need to be controlled are stored in an encrypted file, which is decrypted when access criteria are verified. The number of controlled electronic records is rising dramatically. Current methods of key management often group and segment objects by type to reduce the number of keys and the associated management overhead. This approach compromises a large number of content files when exploits manage to extract cryptographic keys. The proposed process uses a hybrid symmetric/asymmetric keying approach that provides a unique key for each electronic record while minimizing the key management requirements. This method reduces losses to individual electronic records when keys are compromised, but with a greatly reduced key management process that leverages PKI processes. © 2016, IAENG International Journal of Computer Science.