Hierarchical group key management for secure data sharing in a cloud‐based environment

Rao, R. Velumadhava; Selvamani, K.; Kanimozhi, S.; Kannan, A.

doi:10.1002/cpe.4866

Cited by 9 publications

(4 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On the other hand, the second model is hard to design but relatively easy to manage after a successful implementation. One work that focuses on the hierarchy inside of a user group is [113]. The authors of this paper proposed hierarchical group key management techniques for a cloud environment.…”

Section: G Dynamic Group Managementmentioning

confidence: 99%

A Survey on Identity and Access Management for Cross-Domain Dynamic Users: Issues, Solutions, and Challenges

et al. 2023

View full text Add to dashboard Cite

Access control management in a heterogeneous cloud environment, where the number of users is growing, is a daunting task for service providers. Efficiency is heavily reliant on shared resources in a modern cloud computing culture. Although data or service sharing is highly appreciated for collaborative projects, preserving identity and access management security is challenging in this context. The difficulties encountered are diverse, including a single point of failure, incompatibility, dynamic user groups, trust establishment, and revocation. Despite extensive research, certain obstacles and issues need to be addressed. In this article, challenges in access management in centralized and decentralized identity governance are grouped into different categories and accompanied by background information on the topic. Studies and implemented projects have been evaluated regarding their value and flaws. Traditional approaches, such as centralized and federated identity, as well as more futuristic methods, such as blockchain-based decentralized identity, AI/ML access management, and ABE schema, have been investigated while writing this paper. A comparative evaluation of the proposed studies has been included, where the differences and similarities can be observed.

show abstract

Section: G Dynamic Group Managementmentioning

confidence: 99%

A Survey on Identity and Access Management for Cross-Domain Dynamic Users: Issues, Solutions, and Challenges

et al. 2023

View full text Add to dashboard Cite

show abstract

“…The classic centralized GKD is the logical key hierarchy [2], which reduces the communication overload from O(n) to O(log 2 n) by using a binary key tree. Many such schemes [7,8] for secure multicast communications adopt tree structures, which have a proper balance between communication, computation, and storage overload. Anand et al [9] propose a scheme that integrates the principles of a routing tree mapped logical key tree for lightweight and secure group communication.…”

Section: Related Workmentioning

confidence: 99%

A Hierarchical Multicast Key Distribution Protocol

Yao

Liu

et al. 2021

Electronics

View full text Add to dashboard Cite

In secure group communication, group keys (GK) are used to ensure the confidentiality of communication. The group key distribution (GKD) is responsible for updating and distributing new group keys when the group membership changes. Most well-known GKD protocols are based on a logical key hierarchy (LKH), where only one group controller (GC) is used. These protocols have various issues, including a single point of failure, meaning that the GC often has a huge workload and can be easily overwhelmed. In this paper, we propose a hierarchical multicast key distribution protocol that supports multi-level controllers to manage a group. Each controller just needs to manage the next-level nodes, and if one fails, the superior controller can replace it with minimal work. The proposed protocol effectively balances the work of controllers, greatly improves the reliability of the group key distribution, and also allows group members to build dynamic conferences without controllers. We provide a security proof of the proposed protocol in a symbolic security model and compare it to other protocols in terms of efficiency, functionality, and security.

show abstract

“…The parameters used are defined as follows under the assumption that n sensors are currently employed by the underlying WSN. (1)ID i : the identity of node i, ID i = i , 1 ≤ i ≤ n . (2)KDS: The key distribution server as node 1, ie, ID 1 , is responsible for two main tasks: (a) key management, generation, and assignment; (b) broadcasting messages to all nodes to update their key cross, which will be defined later. (3)Symmetric Key Matrix (SKM): The KDS generates

\frac{1}{2} n ((), n + 1)

random numbers to construct an n × n symmetric matrix SKM = { K i,j | 1≤ i , j ≤ n }, which is stored in KDS only, where K i,j = K j,i for all i s and j s. 。 (4)Communication Key Group of node i ( CKG i ): Node i , 1 ≤ i ≤ n , having a set of its own communication keys, which is used to construct CKG i , ie, CKG i = { K i,j |1 ≤ j ≤ n and j ≠ i }. (5) K 1,1 : The master key of the KDS, which is a common key shared by all nodes in the WSN for message encryption, authentication, and management. (6) K i,i : The master key used by node i , 2 ≤ i ≤ n , for message encryption and authentication. (7) K g : The group key of the system, which is shared by all nodes in the WSN and used for generation of individual authentication key. (8) G ‐ tab : The system group‐table, a 16×16 random permutation table, which is created by the KDS and shared by all nodes in the WSN to derive temporary encryption keys for message transmission. (9) IC i ‐ tab : The individual characteristic table established for node i , 1 ≤ i ≤ n , which is a 16×16 random permutation table created by the KDS for message encryption and authentication. (10) K i , AK : The individual authentication key of node i , 2 ≤ i ≤ n , which is generated by KDS and utilized by node i to ensure that a received message is sent by the legitimate KDS. (11) K i , AK,V : The verification individual authentication key generated by receiving node, ie, node i , and utilized to ensure that a received message is sent by the legitimate KDS. (12) K h : The system hidden key is owned only by the KDS and used to generate K i , AK , 2 ≤ i ≤ n . (13) t nonce ,s : The source node's CPU time when a message is created, attempting to effectively defend against replay attacks. (14) t nonce ,c : The receiving node's current CPU time when a message is received. (15) K CT : The current time key derived from t nonce , for encrypting messages and effectively defending against replay attacks. (16) rand : a random number of m bits long. (17) EK 1 and EK 2 : The encryption keys which are used to encrypt transmitted messages. (18) VK : The Verification Key which is adopted to authenticate the identity of the sender. (19) TK 1 ∼ TK 4 : Temporary keys used to generate the encryption and verification keys. (20) msg : The transmitted message, the size of which is k times the key size, k ∈Z + . (21) k ‐code: the key‐refreshment‐code, the size of which is the same as that of a key …”

Section: The Skemrfmentioning

confidence: 99%

A secure and efficient WSN by employing symmetric key matrix and rectangular frame scheme

Huang

Leu

Sheu

et al. 2019

Concurrency and Computation

View full text Add to dashboard Cite

Summary Currently, wireless sensor networks (WSNs) have been widely developed in different domains. Generally, sensors work independently, so it is relatively easier for a WSN to add new nodes. Often, a WSN is constrained to low energy consumption. However, data encryption/decryption not only takes a long time but also consumes many network resources. Due to limited battery power and CPU capability, a sensor's encryption algorithm should not be complicated. However, a simple security algorithm will downgrade the system's security level. Hence, designing a secure wireless transmission system with high encryption/decryption performance, particularly for 5G networks, is an urgent task. Therefore, in this study, we propose an efficient and secure approach, named the Symmetric Key Matrix and Rectangular Frame Scheme (SKeMRF, for short), which involves security mechanisms to speed up encryption/decryption operations for a WSN. Further, the SKeMRF integrates global Symmetric Key Matrix (SKM, for short) and other security mechanisms to ensure the security of transmitted data and enable the system to effectively resist the forgery KDS attack, thus greatly enhancing security of the whole system. Theoretical analysis and simulation show that the SKeMRF is an efficient and highly secure WSN compared with those state‐of‐the‐art schemes.

show abstract

Hierarchical group key management for secure data sharing in a cloud‐based environment

Cited by 9 publications

References 27 publications

A Survey on Identity and Access Management for Cross-Domain Dynamic Users: Issues, Solutions, and Challenges

A Survey on Identity and Access Management for Cross-Domain Dynamic Users: Issues, Solutions, and Challenges

A Hierarchical Multicast Key Distribution Protocol

A secure and efficient WSN by employing symmetric key matrix and rectangular frame scheme

Contact Info

Product

Resources

About