[Figure: hierarchy with vertexes A, B, C, D, CD, ABC, ABD]
Fig. 8. An example of transformed user hierarchy.
different users can share the same secret key, while resources are all encrypted
using a different key. Moreover, since the number of vertexes in the hierarchy
depends on the number of users (resources, respectively) in the system, if
|U| is smaller than |R|, UH will probably be more convenient than RH. In the
following, we focus on the user-based hierarchy, but the discussion is also
applicable to the resource-based hierarchy.
It is easy to note that the UH structure defines a great number of keys, some
of which may be useful neither for encryption nor for distribution to users.
This causes both an expensive key derivation process on the client side and
an excessive storage workload for the server. As a matter of fact, the length
of key derivation paths in UH is linear in |U|, and the number of tokens stored
on the server grows with
.
With the aim of reducing both key derivation costs and, more generally, the
size of the key derivation hierarchy, the authors propose to remove from UH
all those vertexes that are not necessary for access control enforcement [48].
Therefore, the vertexes that are maintained in the hierarchy are those that
represent singleton sets of users and resources' acls. These vertexes are then
connected in a new hierarchical structure, according to the
|U|
partial order
relation. The resulting hierarchy should guarantee that any user u_i can
compute, from her private key, the keys used to encrypt all and only the
resources belonging to her capability list. To this purpose, the authors propose
an algorithm that, starting from the set of required vertexes, builds a key
derivation hierarchy on which they apply the Atallah et al. key derivation
method. To improve the key derivation process for final users, the algorithm
tries to minimize the number of tokens in the system. To this aim, other
vertexes besides the necessary ones are possibly added to the hierarchical
structure. Considering the user hierarchy in Fig. 7, Fig. 8 illustrates the
hierarchy corresponding to the access control policy in Fig. 6, and containing
only the vertexes needed for a correct enforcement of the policy.
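An added example, not code from the original text or from the cited authors: a Python sketch that keeps only the singleton-user and acl vertexes, links them by direct subset edges, publishes one token per edge, and checks which resource keys each user can derive. The token form k_v XOR HMAC-SHA256(k_u, label_v), the resource names r1 to r3 and their acls (chosen to match the vertex labels of Fig. 8) are assumptions, and the step that adds extra vertexes to reduce the token count is omitted.

```python
import hashlib, hmac, secrets

USERS = "ABCD"                                   # constructed sample users
ACLS = {"r1": "CD", "r2": "ABC", "r3": "ABD"}    # constructed acls (Fig. 8 labels)

def label(v):
    return ",".join(sorted(v)).encode()          # public vertex label

def h(key, lbl):
    return hmac.new(key, lbl, hashlib.sha256).digest()

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def build_hierarchy(users, acls):
    """Keep singleton user sets and acls only; link them by direct subset edges."""
    verts = {frozenset(u) for u in users} | {frozenset(a) for a in acls.values()}
    edges = {(u, v) for u in verts for v in verts
             if u < v and not any(u < w < v for w in verts)}
    return verts, edges

def make_tokens(verts, edges):
    """Owner side: one random key per vertex, one public token per edge."""
    keys = {v: secrets.token_bytes(32) for v in verts}
    tokens = {(label(u), label(v)): xor(keys[v], h(keys[u], label(v)))
              for u, v in edges}
    return keys, tokens

def derivable_keys(user, user_key, tokens):
    """Client side: follow public tokens upward from the user's own vertex."""
    known, frontier = {label(user): user_key}, [label(user)]
    while frontier:
        src = frontier.pop()
        for (a, b), tok in tokens.items():
            if a == src and b not in known:
                known[b] = xor(tok, h(known[src], b))
                frontier.append(b)
    return known

def capabilities(users, acls):
    """Resources whose encryption key each user can actually derive."""
    verts, edges = build_hierarchy(users, acls)
    keys, tokens = make_tokens(verts, edges)
    caps = {}
    for u in users:
        got = derivable_keys(u, keys[frozenset(u)], tokens)
        caps[u] = sorted(r for r, a in acls.items()
                         if got.get(label(a)) == keys[frozenset(a)])
    return caps, len(tokens)
```

Calling `capabilities(USERS, ACLS)` returns each user's derivable resources together with the number of public tokens the server must store.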
Zych and Petkovic [49] exploit the Diffie-Hellman key generation scheme and
asymmetric encryption for enforcing selective access on outsourced data.
Given a user-based hierarchy, the authors propose to build a V-graph starting
from it. For each vertex in the V-graph, the number of incoming edges is
either 2 or 0, and for any two vertexes, there is at most one common parent
vertex. The resulting structure is a binary tree, whose leaves represent
singleton sets of users, and whose root represents the group containing all the users
 