: Anne V. D. M. Kayem, Selim G. Akl, Patrick Martin
: Adaptive Cryptographic Access Control
: Springer-Verlag
: 9781441966551
: Advances in Information Security
: 1
: CHF 85.50
:
: Informatik
: English
: 138
: Wasserzeichen/DRM
: PC/MAC/eReader/Tablet
: PDF

Cryptograph c access control (CAC) is an approach to securing data by encrypting it with a key, so that only the users in possession of the correct key are able to decrypt the data and/or perform further encryptions. Applications of cryptographic access control will benefit companies, governments and the military where structured access to information is essential.

The purpose of this book is to highlight the need for adaptability in cryptographic access control schemes that are geared for dynamic environments, such as the Internet. Adaptive Cryptographic Access Control presents the challenges of designing hierarchical cryptographic key management algorithms to implement Adaptive Access Control in dynamic environments and suggest solutions that will overcome these challenges.

Adap ive Cryptographic Access Control is a cutting-edge book focusing specifically on this topic in relation to security and cryptographic access control. Both the theoretical and practical aspects and approaches of cryptographic access control are introduced in this book. Case studies and examples are provided throughout this book.
Foreword8
Preface10
Acknowledgements10
Contents12
Chapter 1 Introduction16
1.1 Motivation16
1.2 What is Autonomic Computing?17
1.3 From Manually Managed to Adaptive Access Control18
1.4 Aim of this Monograph20
1.5 How to read this Monograph23
Chapter 2 A Presentation of Access Control Methods25
2.1 Distributed Access Control s Beginnings25
2.2 Terminology26
2.3 General Access Control Models27
2.3.1 Discretionary Access Control27
2.3.2 Mandatory Access Control29
2.3.3 Role-Based Access Control30
2.3.4 Multilevel Access Control32
2.3.4.1 The BLP and BIBA models32
2.3.4.2 The Chinese Wall Model32
2.3.4.3 The Clark-Wilson (CLW) Model33
2.4 Cryptographic Access Control33
2.4.1 Key Management Models34
2.4.2 One-Way Function Schemes35
2.4.3 Time-Bound Schemes42
2.4.4 Other CKM Schemes43
2.5 Other Access Control Paradigms44
2.5.1 Overview44
2.5.2 Cookies45
2.5.3 XML Access Control and Limitations46
2.5.4 Anti-Viruses, Intrusion Detection, and Firewalls48
2.6 Controlling Access to Outsourced Data50
2.7 Autonomic Access Control51
2.7.1 The Autonomic Security Model52
2.7.2 Perspectives and Discussions53
Chapter 3 Efficient Key Management: Heuristics55
3.1 Overview55
3.2 An Overview of the CAT Scheme56
3.3 Exponent Assignment Algorithm57
3.3.1 Algorithm59
3.3.2 Exponent Assignment Example60
3.4 Enforcing Hierarchy Updates62
3.4.1 Replacement, Insertion, and Deletion: Algorithm62
3.4.2 Insertion, Deletion and Replacement: Example64
3.5 Analysis66
3.5.1 Security Analysis66
3.5.2 Complexity Analysis67
3.6 Experimental Setup and Results67
3.6.1 Implementation and Experimental Setup68
3.6.2 Cost of Key Generation69
3.6.3 Cost of Data Encryption70
3.6.4 Cost of Key Replacement71
3.6.5 Window of Vulnerability71
3.7 Discussions72
Chapter 4 Timestamped Key Management74
4.1 On Timestamps and Key Updates74
4.2 Timestamped Key Assignment76
4.3 Timestamped Rekey Scheme - Algorithm78
4.4 Analysis79
4.4.1 Security Analysis79
4.4.2 Complexity Analysis79
4.5 Experimental Setup and Results80
4.5.1 Implementation and Experimental Setup80
4.5.2 Timestamped Key Generation - Server Cost82
4.5.3 Timestamped Rekeying - Server Cost83
4.5.4 Window of Vulnerability84
4.6 Discussion85
Chapter 5 Controlling Access to Outsourced Data88
5.188
5.1.1 Securing Outsourced Data89
5.1.2 Combining CKM and RBAC91
5.1.3 Handling Key Updates93
5.2 Discussion95
Chapter 6 Self-Protecting Key Management97
6.1 Overview97
6.2 Self-Protecting Cryptographic Key Management (SPCKM) Framework98
6.2.1 Mathematical Model Supporting Framework100
6.2.2 An Example104
6.3 Implementation and Experimental Setup105
6.3.1 Experimental Setup105
6.3.2 Prototype Description106
6.3.3 Performance Criteria107
6.3.4 Experimental Results108
6.4 Discussions111
6.4.1 Contributions of the SPCKM Framework111
6.4.2 Some Challenges in Adaptive Rekeying113
6.4.3 The Adaptive Rekey Scheduling Problem114
Chapter 7 Collusion Detection and Resolution116
7.1 Overview116
7.2 On Detecting Collusion Possibilities117
7.2.1 The DCFK problem118
7.3 An Adaptive Framework for Collusion Detection and Resolution (ACDR)119
7.3.1 Some Basic Assumptions120
7.3.2 Collusion Verification122
7.3.3 Example of Collusion Detection123
7.3.4 Collusion Resolution Algorithm124
7.3.5 Example of Collusion Resolution125
7.4 Experimental Setup and Results127
7.4.1 Implementation and Experimental Setup127
7.4.2 Cost of Collusion Detection127
7.4.3 Cost of Collusion Resolution128
7.4.4 Cost of Key Generation129
7.4.5 Cost of Key Generation and Data Encryption130
7.5 Discussions130
Chapter 8 Conclusions132
8.1 Synopsis132
8.2 Critique133
8.3 Potential Extensions136
8.3.1 Internal Violations136
8.3.2 Adaptive Rekeying137
8.3.3 Key Selection138
References139
Index146