Cryptographic access control (CAC) is an approach to securing data by encrypting it with a key, so that only the users in possession of the correct key are able to decrypt the data and/or perform further encryptions. Applications of cryptographic access control will benefit companies, governments and the military where structured access to information is essential.
The purpose of this book is to highlight the need for adaptability in cryptographic access control schemes that are geared for dynamic environments, such as the Internet. Adaptive Cryptographic Access Control presents the challenges of designing hierarchical cryptographic key management algorithms to implement Adaptive Access Control in dynamic environments and suggest solutions that will overcome these challenges.
Adaptive Cryptographic Access Control is a cutting-edge book focusing specifically on this topic in relation to security and cryptographic access control. Both the theoretical and practical aspects and approaches of cryptographic access control are introduced in this book. Case studies and examples are provided throughout this book.
This book is designed for a professional audience composed of researchers, technicians and government/military employees working in the Information Security industry. Advanced-level students concentrating on computer science for Information Security and Cryptography will also find this book useful as a reference or secondary text book.
Table of Contents
Introduction.- Distributed Access Control.- Terminology.- General Access Control Models.- Discretionary Access Control.- Other Access Control Paradigms.- Adaptive Access Control.- Efficient Key Management Heuristics.- The Akl and Taylor Key Management Scheme.- A Key Assignment Algorithm.- Enforcing Key Updates Effectively.- Complexity and Security Analysis.- Experimental Result.- Timestamped Key Management.- Timestamped Key Assignment.- Timestamped Key Updates.- Complexity and Security Analysis.- Experimental Results.- Key Management in Outsourced Data Scenarios.- Why Key Management for Outsourced Data is different.- Background on protecting outsourced data.- An Efficient Key Management Technique.- Security Analysis.- Experimental Results and Discussions.- Challenges of Securing Outsourced Data.- Adaptive Key Management.- A Framework for Adaptive Key Updates: Model and Example.- Implementation and Experimental Setup.- Discussions.- Collusion Detection and Resolution.- Detecting Collusion Possibilities.- Adaptive Collusion Detection and Resolution Framework.- Experimental Setup and Results.- Discussions.- Summary and Conclusions.- Summary and Critique.- Areas for Future Work