An RSA-based time-bound hierarchical key assignment scheme for electronic article subscription

Yeh, Jyh-haw

doi:10.1145/1099554.1099629

Cited by 25 publications

(24 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Security Related Notes Akl-Taylor [3] provable [1], [4] time-invariant; provably secure with the strong RSA assumption Tzeng [4] compromised [8] [7] Lucas sequence [5] has known weaknesses [9]; e i generation defective [21] Chien [10] compromised [12] [11], [13], [14] fix with security proof available in full version of [16] Bertino et al [14] compromised [16] fix with security proof available in full version of [16] Yeh [2] compromised [17] [18] Huang-Chang [19] compromised [20] Wang-Laih [1] no formal proof Tzeng [21] no formal proof e i 's become pairwise relatively prime (thus slightly different from [3], [4]) Ateniese et al [17] provable contributes the first formal framework and two provably secure schemes Atallah et al [22] provable [23] incorporates time-dependent capabilities to existent key management Briscoe [24] no formal proof [25] purely time-based, no security hierarchy time, Tzeng proposed a secure data access system [21] based on an anonymous authentication scheme and his new timebased hierarchical KA scheme, the latter among which appears immune to collusion attacks. In the same year, the first result that provides a formal framework for time-bound hierarchical KA schemes was given by Ateniese et al [17], where the notion of security for such KA schemes is formalized and two provably secure solutions are also proposed.…”

Section: Methodsmentioning

confidence: 99%

“…A major problem observed is that, a proposed scheme may soon be found subject to certain collusion attacks (e.g., [8] against [4], both [12] and [13] against [10], [20] against [17], [19] against both [2] and [18], and the recent [16] against [14]), though sometimes a corresponding remedy may be available. Another problem is as follows.…”

Section: Methodsmentioning

confidence: 99%

“…1 there are four independent TV channels C 5 , C 6 , C 7 , and C 8 , and subscription to package C 3 allows for the access to two of them (C 6 and C 8 ), while subscription to package C 1 allows for all. Another example is the electronic journal subscription system, where a user can subscribe to any combination of the available journals within a chosen period of time [2].…”

Section: From Class Keys To Session Keysmentioning

confidence: 99%

“…In 2005, Yeh proposed a new time-bound hierarchical KA scheme [2] based on the RSA public-key cryptosystem [6], which is claimed to be resilient to collusion attacks. Unfortunately, Ateniese et al soon identified that the scheme [2] is insecure against a two-party collusion attack [17], and the attack even affects a later work by Yeh published in 2008 [18].…”

Section: Time-bound Hierarchical Ka: a Surveymentioning

confidence: 99%

“…Unfortunately, Ateniese et al soon identified that the scheme [2] is insecure against a two-party collusion attack [17], and the attack even affects a later work by Yeh published in 2008 [18]. There is also a scheme [19] very similar to Yeh's [2], and is found to be vulnerable to a twoparty collusion attack [20] as well.…”

Section: Time-bound Hierarchical Ka: a Surveymentioning

confidence: 99%

See 4 more Smart Citations

Time-Bound Hierarchical Key Assignment: An Overview

Zhu

Deng

Zhou

et al. 2010

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYThe access privileges in distributed systems can be effectively organized as a partial-order hierarchy that consists of distinct security classes, and the access rights are often designated with certain temporal restrictions. The time-bound hierarchical key assignment problem is to assign distinct cryptographic keys to distinct security classes according to their privileges so that users from a higher class can use their class key to derive the keys of lower classes, and these keys are time-variant with respect to sequentially allocated temporal units called time slots. In this paper, we present the involved principle, survey the state of the art, and particularly, look into two representative approaches to time-bound hierarchical key assignment for in-depth case studies. key words: information security, access control, time-bound hierarchical cryptographic key management

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

Section: From Class Keys To Session Keysmentioning

confidence: 99%

Section: Time-bound Hierarchical Ka: a Surveymentioning

confidence: 99%

Section: Time-bound Hierarchical Ka: a Surveymentioning

confidence: 99%

See 3 more Smart Citations

Time-Bound Hierarchical Key Assignment: An Overview

Zhu

Deng

Zhou

et al. 2010

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

show abstract

An efficient and provably secure time‐limited key management scheme for outsourced data

Kumar

Tiwari²,

Zheng

et al. 2018

Concurrency and Computation

View full text Add to dashboard Cite

Summary A time‐limited data access control scheme allows a user's access to the data files only for a specified time period. A cryptographic solution to the time‐limited access control problem is by encrypting each data group associated with a time period with a distinct key. The data is encrypted by the data owner. The respective decryption keys are then distributed to authorized users by the data owner. A user requires one secret decryption key storage for each authorized time period. To reduce the secret key storage with each user, time‐limited hierarchical key management schemes are generally used. Many such schemes are proposed in the recent years. The objective of these schemes is system efficiency and data security. Construction of such schemes become more challenging when data is outsourced to an untrusted third party service provider. In current work, an efficient and secure time‐limited hierarchical key assignment scheme is proposed for key management suitable for data outsourcing scenario. We compare it with the other recent similar schemes. The scheme is formally proved against the modern stronger security notion called key indistinguishability.

show abstract

Role‐based and time‐bound access and management of EHR data

Zhang

Liu

Xue

2013

Security Comm Networks

View full text Add to dashboard Cite

Security and privacy are widely recognized as important requirements for access and management of electronic health record (EHR) data. In this paper, we argue that EHR data need to be managed with customizable access control in both spatial and temporal dimensions. We present a role‐based and time‐bound access control (RBTBAC) model that provides more flexibility in both roles (spatial capability) and time (temporal capability) dimensions to control the access of sensitive data. Through algorithmic combination of role‐based access control and time‐bound key management, our RBTBAC model has two salient features. First, we have developed a privacy‐aware and dynamic key structure for role‐based privacy aware access and management of EHR data, focusing on the consistency of access authorization (including data and time interval) with the activated role of user. In addition to role‐based access, a path‐invisible EHR structure is built for preserving privacy of patients. Second, we have employed a time tree method for generating time granule values, offering fine granularity of time‐bound access authorization and control. Our initial experimental results show that tree‐like time structure can improve the performance of the key management scheme significantly, and RBTBAC model is more suitable than existing solutions for EHR data management because it offers high‐efficiency and better security and privacy. Copyright © 2013 John Wiley & Sons, Ltd.

show abstract

An RSA-based time-bound hierarchical key assignment scheme for electronic article subscription

Cited by 25 publications

References 7 publications

Time-Bound Hierarchical Key Assignment: An Overview

Time-Bound Hierarchical Key Assignment: An Overview

An efficient and provably secure time‐limited key management scheme for outsourced data

Role‐based and time‐bound access and management of EHR data

Contact Info

Product

Resources

About