250 likes | 406 Vues
A Key Management Scheme for Hierarchical Access Control in Group Communication. Qiong Zhang, Yuke Wang Jason P, Jue 2008 International Journal of Network Security Vol7 2013. 05. 13 Tae Hoon Kim. Referenced ppt by Seung -Tae Hong A-Ra Jo. Contents. 1. Introduction
E N D
A Key Management Scheme for Hierarchical Access Control in Group Communication Qiong Zhang, Yuke Wang Jason P, Jue 2008 International Journal of Network Security Vol7 2013. 05. 13 Tae HoonKim Referenced ppt by Seung-Tae Hong A-Ra Jo
Contents 1. Introduction 2. Background and Related Work 2.1 Formalization of Partially ordered Relations 2.2 Related work 3. The HAC Scheme 4. Rekey Algorithm 5. Performance Analysis 5.1 Storage Overhead 5.2 Rekey Overhead 6. Performance Comparison 7. Conclusion
Introduction • Emerging Internet application • Teleconferencing, e-newspaper, IPTV • Based on group communication • In order to widely commercialize(Internet Application), the issue of access control must be addressed. • Access control • : User having different access rights to multiple data streams • Hierarchical access control • Include e-newspaper subscription and video multicast services • Commercialize :상업화
Introduction • For Example, consider two types of service • E-newspaper subscription service • Video multicast service • BL : Best Layer • EL : Enhancement Layer
Introduction • What is need to implement access control for group communication? • Data encryption keys • Often used to encrypt data streams • User Access • If the user possesses the data encryption keys • Must be update data encryption keys • When a user dynamically joins or leaves a group • Use backward secrecy and forward secrecy[12]
Introduction • Key management schemes aim • update the data encryption keys in order to ensure backward secrecy and forward secrecy • Two categories of key management scheme • Centralized • A centralized key server controls the entire group • Generates keys and distribute keys to legitimate users via rekey messages • Distributed • No centralized group controller and generate group keys based on the contribution of users in the group
Introduction • In this paper, focus on a centralized key management scheme • It is critical to minimize rekey overhead in order to reduce the cost for communication and computation and computation at the key server and users
Formalization of partially ordered relation • Notation • U : A set of users {u1, u2, …} • R : A set of data streams {r1, r2, …} • A : An access relation, where A U R • Ui: Membership group i consisting of a subset of users • Ri: Resource group i consisting of a subset of data streams • Partial order of users(In an access relation A) • If the data streams that user uican access is a subset of data streams that user ujcan access, then uiis smaller than uj • If users uiand ujcan access exactly the same subset of data streams, both users are equivalent
Formalization of partially ordered relation • Partial order of users (cont.) • If the set of users that can access data stream rjis a subset of users that can access data stream ri, then riis smaller than rj • If the set of users that can access data stream riis exactly same as the set of users that can access data stream rj, the two data streams are equivalent R3 U1 U2 R1 U3 R2 U4
Formalization of partially ordered relation • DAG(Directed Acyclic graph)[3] • The partially ordered relations of membership groups and resource groups can each be represented by a DAG
Formalization of partially ordered relation • Satisfy the following conditions • 1)it must maintain the partial orders of the membership group DAG and the resource group DAG • 2)a user u U has access to a resource r R iff vertex representing U is the same as the vertex representing R or is reachable to the vertex representing R in the unified DAG • 3)the unified DAG is the smallest partial order satisfying the above conditions
Related work • Logical key graph[22] • Important data structure to improve the efficiency of key management • Consisting of k-nodes, U-nodes • K-nodes : Represents a key • U-nodes : Represents a user
Related work • Keyset(U1) = { k1,k7,k9, k11} • Userset(k9) = {u1,u2,u3,u4} K-node that has no outgoing edges data encryption keys Data encryption key : used to data streams encryption keys key Key encryption key : used to data encryption keys Keyset(U1) One or more outgoing edges but no incoming edges Userset(k9)
Related work • Logical key graph be used to • Maintained at key server in order to efficiently distribute keys to dynamically joining or leaving users • Many key management schemes[2,7,8,10,16,22,23] • Proposed to construct a logical key graph and to update keys in the logical graph efficiently • Problem : only provide key management for equivalent users and equivalent data stream
Related work • Constructing a single logical key graph for hierarchical access control[17,19,24] • [19] : User have different leveland higher-level users can access more data streams than lower-level users • Problem : higher-level user are able to access all data streams • [24] : Chinese Reminder Theorem based hierarchical access control scheme • Problem : only suitable for users having a tree-based partially ordered hierarchy • [17] : Users form a partially ordered relation while the data streams are not partially ordered(MG Scheme)
Related work MG Vs. HAC scheme MG HAC • Data stream2 : Financial • Data stream3 : Stock HAC(Hierarchical Access control)
The HAC Scheme • Four steps to construct the logical key graph • Next slide • In the key graph • Users in Ui form a balanced binary tree • mki is root represents the memebership-group Key • RiisResource group • Encrypted by a resource-group key, dki • The membership-group-keys are connected with resource-group keys by the relation subgraph • Use greedy algorithm • To explore the unified DAG • For constructing the sub graph
R1 R2 R3 ① For each resource group, encrypt all data streams in the resource group with a singledata encryption key, called the resource-group key Unified DAG rk4 dk3 Relation subgraph dk2 dk1 rk1 rk3 k25 rk2 • ④ Connect the roots of membership-group subtrees to the corresponding resource-group keys • ② For each membership group, constructa balanced logical key tree called the membership-group subtree, where each user is represented by a u-node and the root ofthe subtree is associated with a key, calledthe membership-group key • ③ Construct a relation subgraphto connectthe resources-group keys based on a unified DAG Balanced logical key tree (membership-group subtree)
Greedy algorithm of the HAC Scheme Notation • M = set of membership group in Vi • K = set of k-nodes; cover disjoint set of membership group • C = set of membership group in M; that has been covered by k-nodes in K • U = set of uncovered membership groups in M • RK = set of representative k-nodes; has been generated • Userset = set of membership groups covered by a representative k-node rkj
Rekey Algorithm • Update the keys in the key graph • User join, leave, or switch membership groups dynamically • The service provider changes access relations dynamically • Case1)User u8 switches from U2 to U1 k8 k26 k20 k17 dk1 mk2 mk1 dk3 k26 dk2 k8 Send {k26}k8 to u8 {k26}k1 to u1 Send {mk’2}k19 to u5, u6 {mk’2}k7 to u7 u8
Rekey Algorithm • Case2)Update the access relations(new data stream, new membership group) R4 dk3’ rk4’ dk4 rk5
Performance Comparison • Experiment environment • Compare the performance of the HAC scheme with the MG scheme • Measured storage overhead and rekey overhead • Develop a simulation model to construct logical key graphs with d =2 based on access relation and to simulate user actions in the system • Consider three cases where equivalent data streams to group, and the number of data streams per resource group is shown in Table3
Performance Comparison • Why HAC experiment is only one? • All data streams in a resource group are encrypted by the same resource-group key Note that, Case III is much higher than the differerce between the HAC scheme and Case II HAC Scheme 3 1 1 1 3 1 1 1
Performance Comparison • We can see that • HAC scheme results in less rekey overhead than the MG Scheme HAC Scheme 3 1 1 1 3 1 1 1
Conclusion • In the HAC scheme • Proposed a hierarchical access control key management scheme for group communication • Employed an algorithm to construct a key graph based on a unified relation of membership groups and resource group • Can handle complex access relations • In the key graph • Equivalent data streams are grouped in a resource group and are encrypted by a single data encryption key • Future work • To employ the batch rekeying[23] scheme in order to further improve the key management efficiency