cryptographically enforced hierarchical
play

Cryptographically-Enforced Hierarchical scheme An unbounded Access - PowerPoint PPT Presentation

Jan 08, 2023 •235 likes •673 views

Preliminaries A bounded asynchronous Cryptographically-Enforced Hierarchical scheme An unbounded Access Control with Multiple Keys asynchronous scheme Concluding remarks Jason Crampton Questions Information Security Group Royal

  1. Preliminaries A bounded asynchronous Cryptographically-Enforced Hierarchical scheme An unbounded Access Control with Multiple Keys asynchronous scheme Concluding remarks Jason Crampton Questions Information Security Group Royal Holloway, University of London NordSec 2007

  2. Hierarchical access control Preliminaries A bounded asynchronous scheme An unbounded Given asynchronous a scheme ◮ a partially ordered set of security Concluding remarks labels ( L , � ) Questions b c ◮ a function λ mapping users and protected objects to L we require that a user u can only read d o if λ ( u ) � λ ( o ) L

  3. Cryptographic hierarchical access control Preliminaries A bounded asynchronous Useful for third-party data publishing scheme ◮ Data is made available by someone other than data owner An unbounded asynchronous scheme Concluding remarks Questions

  4. Cryptographic hierarchical access control Preliminaries A bounded asynchronous Useful for third-party data publishing scheme ◮ Data is made available by someone other than data owner An unbounded asynchronous scheme Trivial solution Concluding ◮ Encrypt o with k ( o ) remarks Questions ◮ Send { k ( y ) : y � λ ( u ) } to u

  5. Cryptographic hierarchical access control Preliminaries A bounded asynchronous Useful for third-party data publishing scheme ◮ Data is made available by someone other than data owner An unbounded asynchronous scheme Trivial solution Concluding ◮ Encrypt o with k ( o ) remarks Questions ◮ Send { k ( y ) : y � λ ( u ) } to u Preferably ◮ Encrypt o with k ( o ) ◮ Send k ( λ ( u )) to u

  6. Cryptographic hierarchical access control Preliminaries A bounded asynchronous Useful for third-party data publishing scheme ◮ Data is made available by someone other than data owner An unbounded asynchronous scheme Trivial solution Concluding ◮ Encrypt o with k ( o ) remarks Questions ◮ Send { k ( y ) : y � λ ( u ) } to u Preferably ◮ Encrypt o with k ( o ) ◮ Send k ( λ ( u )) to u ◮ Publish additional (encrypted) information enabling u to derive k ( y ) for all y � k ( λ ( u ))

  7. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous scheme Concluding remarks Questions

  8. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous ◮ publishes { E k ( x ) ( k ( y )) : y ⋖ x , x , y ∈ L } scheme ◮ y ⋖ x denotes that y is an immediate child of x in L Concluding remarks ◮ E k ( m ) denotes the encryption of message m with key k Questions

  9. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous ◮ publishes { E k ( x ) ( k ( y )) : y ⋖ x , x , y ∈ L } scheme ◮ y ⋖ x denotes that y is an immediate child of x in L Concluding remarks ◮ E k ( m ) denotes the encryption of message m with key k Questions ◮ Sends k ( λ ( u )) to user u

  10. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous ◮ publishes { E k ( x ) ( k ( y )) : y ⋖ x , x , y ∈ L } scheme ◮ y ⋖ x denotes that y is an immediate child of x in L Concluding remarks ◮ E k ( m ) denotes the encryption of message m with key k Questions ◮ Sends k ( λ ( u )) to user u The user obtains ◮ k ( y ), y ⋖ λ ( u ), by decrypting the appropriate datum of public information

  11. Iterative key assignment schemes Preliminaries A bounded asynchronous The data owner scheme ◮ chooses k ( y ) at random from the key space An unbounded asynchronous ◮ publishes { E k ( x ) ( k ( y )) : y ⋖ x , x , y ∈ L } scheme ◮ y ⋖ x denotes that y is an immediate child of x in L Concluding remarks ◮ E k ( m ) denotes the encryption of message m with key k Questions ◮ Sends k ( λ ( u )) to user u The user obtains ◮ k ( y ), y ⋖ λ ( u ), by decrypting the appropriate datum of public information ◮ k ( y ), y < λ ( u ), by iteratively decrypting keys on some path between λ ( u ) and y

  12. Problem statement and motivation Preliminaries A bounded asynchronous scheme An unbounded Design a hierarchical key assignment scheme that supports asynchronous scheme multiple keys for each security label Concluding ◮ Minimize public storage remarks Questions ◮ Minimize number of keys distributed to users

  13. Problem statement and motivation Preliminaries A bounded asynchronous scheme An unbounded Design a hierarchical key assignment scheme that supports asynchronous scheme multiple keys for each security label Concluding ◮ Minimize public storage remarks Questions ◮ Minimize number of keys distributed to users Such schemes are useful for ◮ supporting lazy re-encryption ◮ enforcing hierarchical access control policies

  14. Design decisions Preliminaries A bounded asynchronous scheme An unbounded asynchronous ◮ Is the number of updates determined in advance? scheme If yes, we say the scheme is bounded (and unbounded Concluding remarks otherwise) Questions ◮ Can the key for label x be updated independently of the one for y? If yes, we say the scheme is asynchronous (and synchronous otherwise)

  15. Preliminaries Preliminaries A bounded asynchronous scheme An unbounded asynchronous A bounded asynchronous scheme scheme Concluding remarks Questions An unbounded asynchronous scheme Concluding remarks Questions

  16. Illustration Preliminaries A bounded asynchronous scheme Initial security lattice – one key per label An unbounded asynchronous scheme Concluding remarks Questions a b c d

  17. Illustration Preliminaries A bounded asynchronous scheme k ( d ) is updated – two keys for d An unbounded asynchronous scheme Concluding remarks a Questions a b c b c d d

  18. Illustration Preliminaries A bounded asynchronous scheme k ( b ) is updated – two keys for b , three for d An unbounded asynchronous scheme a Concluding remarks a Questions b c a b c d b c d d

  19. Basic approach Preliminaries A bounded asynchronous scheme An unbounded There are two “orthogonal” dimensions to the problem asynchronous scheme ◮ The set of security labels L Concluding remarks ◮ Temporal – a chain of keys associated with each element Questions of L

  20. Basic approach Preliminaries A bounded asynchronous scheme An unbounded There are two “orthogonal” dimensions to the problem asynchronous scheme ◮ The set of security labels L Concluding remarks ◮ Temporal – a chain of keys associated with each element Questions of L One solution is to ◮ construct an iterative key assignment scheme for L ◮ define a “key chain” for the temporal dimension

  21. Hash chain solution For a bounded scheme there are at most m keys for each label Preliminaries A bounded asynchronous scheme An unbounded asynchronous scheme Concluding remarks Questions

  22. Hash chain solution For a bounded scheme there are at most m keys for each label Preliminaries A bounded ◮ Define an iterative key assignment scheme for L asynchronous scheme ◮ For each x ∈ L An unbounded ◮ choose a key k m ( x ) from { 0 , 1 } l asynchronous scheme ◮ define k i − 1 ( x ) = h ( k i ( x )), where h : { 0 , 1 } ∗ → { 0 , 1 } l is a Concluding suitable (public) hash function remarks Questions

  23. Hash chain solution For a bounded scheme there are at most m keys for each label Preliminaries A bounded ◮ Define an iterative key assignment scheme for L asynchronous scheme ◮ For each x ∈ L An unbounded ◮ choose a key k m ( x ) from { 0 , 1 } l asynchronous scheme ◮ define k i − 1 ( x ) = h ( k i ( x )), where h : { 0 , 1 } ∗ → { 0 , 1 } l is a Concluding suitable (public) hash function remarks ◮ When the key for label x needs to be changed Questions ◮ select the next key for each label y � x ◮ update public information for L ’s scheme

  24. Hash chain solution For a bounded scheme there are at most m keys for each label Preliminaries A bounded ◮ Define an iterative key assignment scheme for L asynchronous scheme ◮ For each x ∈ L An unbounded ◮ choose a key k m ( x ) from { 0 , 1 } l asynchronous scheme ◮ define k i − 1 ( x ) = h ( k i ( x )), where h : { 0 , 1 } ∗ → { 0 , 1 } l is a Concluding suitable (public) hash function remarks ◮ When the key for label x needs to be changed Questions ◮ select the next key for each label y � x ◮ update public information for L ’s scheme ◮ A user with security label x can ◮ compute the current key for y < x from the public information for L ◮ iteratively compute hashes of y ’s key until the key for the desired time period is obtained

Recommend

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information

Time-Storage Trade-Offs for Cryptographically-Enforced Access Control Jason Crampton Information Security Group Royal Holloway, University of London ESORICS 2011 Traditional Access Control ? SECRET Time-Storage

707 views • 45 slides
Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT

Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT

Sieve: Cryptographically Enforced Access Control for User Data in Untrusted Clouds Frank Wang (MIT CSAIL) , James Mickens (Harvard), Nickolai Zeldovich (MIT CSAIL), Vinod Vaikuntanathan (MIT CSAIL) 1 Motivation Boston Marathon NY Marathon

1.12k views • 95 slides
Analysis and Optimization of Cryptographically Generated Addresses (CGA) Revisiting

Analysis and Optimization of Cryptographically Generated Addresses (CGA) Revisiting

Introduction CGA for IPv6 CGA++ Analysis and Optimization of Cryptographically Generated Addresses (CGA) Revisiting Self-Certifying Address Generation and Verification Joppe Bos, Onur Ozen and Jean-Pierre Hubaux Ecole Polytechnique F

2.28k views • 44 slides
Efficient and Cryptographically Secure Addition in the Ideal Class Groups of Hyperelliptic

Efficient and Cryptographically Secure Addition in the Ideal Class Groups of Hyperelliptic

Efficient and Cryptographically Secure Addition in the Ideal Class Groups of Hyperelliptic Curves Diploma thesis Andrey Bogdanov* Scientific advisors: Prof. Dr. Dr. h.c. Gerhard Frey Prof. Dr. Vladimir Anashin Russian State

397 views • 29 slides
First steps towards cryptographically sound confidentiality analysis of cryptographic protocols

First steps towards cryptographically sound confidentiality analysis of cryptographic protocols

First steps towards cryptographically sound confidentiality analysis of cryptographic protocols Peeter Laud peeter l@ut.ee Tartu Ulikool Cybernetica AS Teooriap aevad Arulas, 3.-5.02.2003 p.1/27 Overview Cryptographic protocols.

570 views • 27 slides
Cryptographically Sound Security Proofs for Basic and Public-key Kerberos ESORICS 2006 M.

Cryptographically Sound Security Proofs for Basic and Public-key Kerberos ESORICS 2006 M.

Cryptographically Sound Security Proofs for Basic and Public-key Kerberos ESORICS 2006 M. Backes 1 , I. Cervesato 2 , A. D. Jaggard 3 , A. Scedrov 4 , and J.-K. Tsay 4 1 Saarland University, 2 Carnegie Mellon University - Qatar, 3 Tulane

370 views • 18 slides
Finding Cryptographically Strong Elliptic Curves An Introduction Hamish Ivey-Law

Finding Cryptographically Strong Elliptic Curves An Introduction Hamish Ivey-Law

Outline Elliptic curve cryptography Secure domain parameters Case study: finding secure Edwards curves Finding Cryptographically Strong Elliptic Curves An Introduction Hamish Ivey-Law hlaw@iml.univ-mrs.fr Institute de Math ematiques de

662 views • 41 slides
Cryptographically Generated IPv6 Addresses (CGA) Basic idea: Interface Id = hash (Public Key)

Cryptographically Generated IPv6 Addresses (CGA) Basic idea: Interface Id = hash (Public Key)

Cryptographically Generated IPv6 Addresses (CGA) Basic idea: Interface Id = hash (Public Key) The public key is used to authenticate messages sent from the CGA address. Proof of address ownership without security infrastructure. Prior

541 views • 6 slides
UT DA Hierarchical and Analytical Hierarchical and Analytical Pla Placement T cement

UT DA Hierarchical and Analytical Hierarchical and Analytical Pla Placement T cement

UT DA Hierarchical and Analytical Hierarchical and Analytical Pla Placement T cement Technique echniques for s for High High- Performa Performance A nce Analog C nalog Circuit ircuits Biying Xu, Shaolan Li, Xiaoqing Xu, Nan Sun, and

506 views • 29 slides
Proposal of a Hierarchical Proposal of a Hierarchical Architecture for Multimodal Architecture for

Proposal of a Hierarchical Proposal of a Hierarchical Architecture for Multimodal Architecture for

Proposal of a Hierarchical Proposal of a Hierarchical Architecture for Multimodal Architecture for Multimodal Interactive Systems y Masahiro Araki* 1 Tsuneo Nitta* 2 Kouichi Katsurada* 2 Takuya Nishimoto* 3 Tetsuo Amakasu* 4 Shinnichi Kawamoto* 5

546 views • 35 slides
Compositional Action System Derivation Introduction Using Enforced Properties Action systems

Compositional Action System Derivation Introduction Using Enforced Properties Action systems

Compositional Action System Derivation Using Enforced Properties Brijesh Dongol and Ian J. Hayes Compositional Action System Derivation Introduction Using Enforced Properties Action systems Enforced properties Example Brijesh Dongol

785 views • 45 slides
Administrative Penalties (A.M.P.s) By-laws Enforced by M.L.E. M.L.E. enforces 34 City By-laws

Administrative Penalties (A.M.P.s) By-laws Enforced by M.L.E. M.L.E. enforces 34 City By-laws

Administrative Penalties (A.M.P.s) By-laws Enforced by M.L.E. M.L.E. enforces 34 City By-laws and 1 Provincial Law A Z Adequate Heat By-law Lodging House By-law Snow and Ice Removal By-law Bicycle

619 views • 32 slides
The EFTA Surveillance Authority: How EEA law is enforced EFTA Secretariat, Brussels 14 February

The EFTA Surveillance Authority: How EEA law is enforced EFTA Secretariat, Brussels 14 February

The EFTA Surveillance Authority: How EEA law is enforced EFTA Secretariat, Brussels 14 February 2019 Cath Howdle Deputy Director, Legal and Executive Affairs Department, ESA Hgni S. Kristjansson Bente Angell-Hansen Frank Bchel

562 views • 23 slides
Separation and convexity properties of hierarchical and non hierarchical clustering Patrice

Separation and convexity properties of hierarchical and non hierarchical clustering Patrice

Plan Separation and convexity properties of hierarchical and non hierarchical clustering Patrice Bertrand 1 1 CEREMADE, Universit e Paris-Dauphine, Paris, France Joint work with Jean Diatta 2 2 LIM, Universit e de La R eunion,

401 views • 29 slides
IRS Enforced Collection Actions: Challenges and Responses to Federal Tax Liens and Levies

IRS Enforced Collection Actions: Challenges and Responses to Federal Tax Liens and Levies

Presenting a live 90-minute webinar with interactive Q&amp;A IRS Enforced Collection Actions: Challenges and Responses to Federal Tax Liens and Levies Mitigating the Effects of Tax Liens, Navigating the Levy and Asset Seizure Process TUESDAY,

749 views • 72 slides
HIERARCHICAL DESIGN IN Victor Khomenko, Danil Sokolov, Alex Yakovlev Why hierarchical? The

HIERARCHICAL DESIGN IN Victor Khomenko, Danil Sokolov, Alex Yakovlev Why hierarchical? The

HIERARCHICAL DESIGN IN Victor Khomenko, Danil Sokolov, Alex Yakovlev Why hierarchical? The only way to design large systems Requests from the engineers Natural development of Workcraft Automation of repetitive tasks by tracking

612 views • 13 slides
FeUdal Networks for Hierarchical Reinforcement Learning Alexander Sasha Vezhnevets, Simon

FeUdal Networks for Hierarchical Reinforcement Learning Alexander Sasha Vezhnevets, Simon

FeUdal Networks for Hierarchical Reinforcement Learning Alexander Sasha Vezhnevets, Simon Osindero, Tom Schaul, Nicolas Heess, Max Jaderberg, David Silver, Koray Kavukcuoglu Topic: Hierarchical RL Presenter: Thophile Gaudin Why Hierarchical

921 views • 22 slides
Surveillance: How EEA law is enforced Cath Howdle Deputy Director Legal and Executive Affairs

Surveillance: How EEA law is enforced Cath Howdle Deputy Director Legal and Executive Affairs

Surveillance: How EEA law is enforced Cath Howdle Deputy Director Legal and Executive Affairs 17 September 2019 ESAs role ESA monitors compliance with the EEA Agreement in Norway, Iceland and Liechtenstein. - Article 108 EEA -

441 views • 19 slides
Hierarchical Bounding Volume October 11, 2005 () Hierarchical Bounding Volume October 11, 2005

Hierarchical Bounding Volume October 11, 2005 () Hierarchical Bounding Volume October 11, 2005

Hierarchical Bounding Volume October 11, 2005 () Hierarchical Bounding Volume October 11, 2005 1 / 15 Outline Introduction to hierarchical bounding volume (HBV) Tree generation Other optimization issues () Hierarchical Bounding Volume

350 views • 16 slides
Hierarchical Clustering 4-4-16 Hierarchical clustering: the setting Unsupervised learning

Hierarchical Clustering 4-4-16 Hierarchical clustering: the setting Unsupervised learning

Hierarchical Clustering 4-4-16 Hierarchical clustering: the setting Unsupervised learning no labels/output, only x/input Clustering Group similar points together Machine learning taxonomy Supervised Semi-Supervised Unsupervised

366 views • 15 slides
Unsupervised Learning and Clustering Owen Roberts, Zach Busser, Ganesh Sugunan Hierarchical

Unsupervised Learning and Clustering Owen Roberts, Zach Busser, Ganesh Sugunan Hierarchical

Unsupervised Learning and Clustering Owen Roberts, Zach Busser, Ganesh Sugunan Hierarchical Clustering Hierarchical Clustering Hierarchical Representations Hierarchical Algorithms Agglomeration &quot;Nearest&quot; Clusters Complexity

769 views • 49 slides
CheriABI Hardware enforced memory safety for FreeBSD Brooks Davis , Robert N. M. Watson,

CheriABI Hardware enforced memory safety for FreeBSD Brooks Davis , Robert N. M. Watson,

CheriABI Hardware enforced memory safety for FreeBSD Brooks Davis , Robert N. M. Watson, Alexander Richardson, Peter G. Neumann, Simon W. Moore, John Baldwin, David Chisnall, James Clarke, Nathaniel Wesley Filardo, Khilan Gudka, Alexandre

430 views • 29 slides
Hierarchical Modeling Hierarchical modeling has taken over the landscape in contemporaery

Hierarchical Modeling Hierarchical modeling has taken over the landscape in contemporaery

Hierarchical Modeling Hierarchical modeling has taken over the landscape in contemporaery stochastic modeling Intent here is to show a range of examples In the development, we will also show the connections to Gibbs sampling, why Gibbs sampling

340 views • 13 slides
Efficient System-Enforced Deterministic Parallelism Amittai Aviram, Shu-Chun Weng, Sen Hu, Bryan

Efficient System-Enforced Deterministic Parallelism Amittai Aviram, Shu-Chun Weng, Sen Hu, Bryan

Efficient System-Enforced Deterministic Parallelism Amittai Aviram, Shu-Chun Weng, Sen Hu, Bryan Ford Decentralized/Distributed Systems Group, Yale University http://dedis.cs.yale.edu/ 9 th OSDI, Vancouver October 5, 2010 Pervasive

929 views • 35 slides

More recommend