Extended hierarchical key assignment scheme (E-HKAS): how to efficiently enforce explicit policy exceptions in dynamic hierarchies

Abstract

In this paper, we focus on practically motivated flexibility requirements for the hierarchical access control model, namely transitive exception and anti-symmetric exception. Additionally, we motivate a new flexibility requirement called “class delegation with descendant(s) safety” in a practical application scenario. We propose our extended hierarchical key assignment scheme (E-HKAS) that satisfies all three aforementioned flexibility requirements in a dynamic hierarchy of security classes. To propose a generic E-HKAS, we model the hierarchical access control policy as a collection of access groups. E-HKAS enforces transitive and anti-symmetric exceptions using an efficient group-based encryption scheme. To enforce class delegation with descendant(s) safety, we propose a novel cryptographic primitive called group proxy re-encryption (GPRE) that supports proxy re-encryption between two access groups. We present an IND-CPA-secure construction of our proposed GPRE scheme and formally prove its security. Performance analysis shows that the proposed E-HKAS enforces explicit transitive and anti-symmetric exceptions more efficiently than the existing approaches in the literature. Computation cost for key derivation is constant and does not depend on the depth of the hierarchy. Also, to enforce class delegation with descendant(s) safety, the proposed E-HKAS requires constant number of computational steps to be executed.