Key hierarchies for hierarchical access control in secure group communications

The problem of hierarchical access control in secure group communications has elicited much interest in the literatures. However, most of the researches to date on hierarchical access control pay more attention to the particular encryption techniques, but considered little about the features of key hierarchies. In hierarchical access control systems, keys are usually organized hierarchically. We analyze the user-based, resource-based and unified key hierarchies in this paper. The first two hierarchies are established from the access matrix. By unifying these two hierarchies, we get the unified key hierarchy. Furthermore, we introduce the explicit accessible set and the explicit dominating set to describe the key distributions for these hierarchies, and prove that the unified key hierarchy can be formed from the explicit dominating sets in the user-based key hierarchy or the explicit accessible sets in the resource-based key hierarchy. To evaluate the efficiency of the described key hierarchies, we combine these hierarchies with the existing key assignment models and analyze their storage and rekey overheads. These overheads can be derived from the access matrix, and the derivation procedure is described. The conclusions of this paper can help to establish a suitable key hierarchy so as to make the key assignment scheme more efficient in practical applications. (C) 2008 Elsevier B.V. All rights reserved.