Journal of Computational Information Systems 6:7 (2010) 2423-2430
Available at http://www.jofcis.com

A Novel Dynamic Role-Based Access Control Scheme in User Hierarchy

Xiuxia TIAN, Zhongqin BI, Jianping XU, Dang LIU
School of Computer and Information Engineering, Shanghai University of Electric Power, Shanghai 200090, China

Abstract

Role-based access control is an important mechanism for preventing unauthorized access in terms of roles. A user hierarchy is an efficient structure for expressing the relations between different roles. The combination of role-based access control and the user hierarchy is required in different contexts, especially in the open internet environment, where published or delegated data are encrypted for privacy. In this paper, we propose a novel role-based access control scheme in a user hierarchy, which can implement dynamic access control in the open internet environment. Our approach uses a one-way hash function to avoid the leakage of keys between different roles, uses a hashed value as the identifier of a role, and uses a derivation function to derive the keys of the lower levels of the hierarchy from the keys of the upper levels. Key generation, identifier computation and key derivation are quite simple, and the number of parameters a user must remember is fixed.

Keywords: Role-based Access Control; Dynamic Access Control; User Hierarchy

1. Introduction

In recent years, more and more information, including sensitive data, is published through the internet. However, the leakage of sensitive data, such as medical records or stock data, makes data publication develop slowly. In order to protect sensitive data from unauthorized or malicious access, most of the proposed papers focus on adopting encryption to guarantee the privacy of sensitive data. Under the encryption technique, only a user who holds the correct decryption key can decrypt the encrypted data and obtain the real sensitive data.
However, encrypting data brings about two problems. One is that encrypting all sensitive data under a single encryption key puts all of the data in danger at once, since the compromise of that one key exposes everything; the other is that encrypting each sensitive data item under a different key makes key management and distribution difficult. Therefore it is more attractive and important to combine encryption with access control in a hierarchy, so that efficient access control is implemented together with the protection of sensitive data. In this paper, we concentrate on designing a novel access control scheme which can compute the keys for all users in terms of the different relations among users in the hierarchy.

Related work. Access control in databases is an important mechanism to guarantee security and data privacy, and many access control models have been applied to different data management systems. Bertino et al. [2] state the current challenges of database security and the evolution of the access control model in different data management systems, and discuss access control in object-oriented database systems in [1]. But in data publication [6] and the database outsourcing model [4], traditional access control technology, which operates on the client-server architecture under the assumption that a trusted server is responsible for designing and enforcing the access control policy, is challenged, because the data publisher or the database service provider may be untrusted with respect to the published or delegated data contents. In data publication, Miklau et al. [6] first proposed a framework to enforce access control policies on published XML documents by using cryptography, in which the data owner enforces the access control policy by distributing keys to the users who are granted access to the corresponding data. In outsourced databases, Samarati [3], Vimercati et al. [4] and Tian et al. [5] proposed to combine encryption and access control to realize efficient access control in terms of key distribution. In particular, Tian [5] introduced a DSP re-encryption mechanism to implement selective access control over encrypted data while relieving the client of the complex key derivation procedure.

A number of works [7][8][9][10][11][12][13] relating to access control in a hierarchy have been proposed. In almost all of these works, there is a relationship between the key assigned to a node and those assigned to its children. The difference between the related works lies mostly in the different cryptographic techniques employed for key generation. Yang et al. [7] addressed an access control scheme based on a one-way hash function, but Hsu et al. [8] pointed out a security leakage in Yang's scheme and proposed a new robust dynamic access control scheme. Hsu et al.'s scheme [8] introduces each user's identity information into the hash function to avoid the key leakage. In this paper, we concentrate on designing a scheme that solves how to compute the private keys for users in terms of the different relations among users in the hierarchy. In our approach, the users in the hierarchy are grouped into different roles in terms of their access rights, that is, the users who have the same access rights are assigned to the same role.

Corresponding author. Email address: tianxiuxia_76@sina.com.cn (Xiuxia TIAN)
1553-9105 / Copyright 2010 Binary Information Press, July 2010

2. Preliminaries

2.1. Hash Function
We use $H$ to denote a hash function, that is, a function that takes input of arbitrary length and outputs a digest of fixed length. We assume $H$ is a one-way, collision-resistant hash function, meeting the following two properties:

1) Given a message $m$, computing $H(m)$ is easy, but recovering $m$ from $H(m)$ is intractable.
2) It is computationally infeasible to find $m \ne m'$ with $H(m) = H(m')$; in practice, changing even one bit of $m$ yields an unrelated digest $H(m')$.

Fig. 1 Hash Function Working Principle

Fig. 1 shows the working flow and properties of the hash function $H$. Property 2) cannot hold unconditionally, since a fixed-length digest of arbitrary-length input necessarily has collisions; the guarantee is that nobody can find one in feasible time. The hash function is the essential security and efficiency guarantee for the scheme proposed below.

2.2. Partially Ordered Set (POSET)

Following the practical organization of a company, access control is usually formed as a user hierarchy, in which users are grouped into different roles, and each role is assigned a different security clearance, such as $C_1, C_2, \ldots, C_n$ in Fig. 2, where $n$ is the number of roles. If $<$ expresses a binary partial-order relation, then $C_j < C_i$ denotes that $C_i$ has a higher security clearance than $C_j$; in other words, the users in $C_i$ have the right to access data belonging to users in $C_j$, but not the reverse. For clarity we give the formal definition of a POSET in the following.

Suppose that an organization structure can be represented as a partially ordered set $(C, <)$, where $C$ is the set of levels in the hierarchy and $<$ is the dominance relation between the levels. For simplicity, we also use $C_i$ to represent the role at that level. In the following, $C_i$ and $C_j$ are two levels of the hierarchy.

1) If $C_j < C_i$, then we say that $C_i$ strictly dominates $C_j$, and $C_j$ is strictly dominated by $C_i$.
2) If $C_j \le C_i$ and $C_i \le C_j$, then we say that the two levels are equal and denote this as $C_i = C_j$.
3) If either $C_j < C_i$ or $C_j = C_i$, then we say that $C_i$ dominates $C_j$, and $C_j$ is dominated by $C_i$, denoted $C_j \le C_i$.
4) If neither $C_j \le C_i$ nor $C_i \le C_j$, then the two levels are incomparable.
5) If $C_j < C_i$ and there is no $C_z$ with $C_j < C_z < C_i$, then we say that $C_i$ is a parent of $C_j$. If only $C_j < C_i$ holds, then $C_i$ is an ancestor of $C_j$ and $C_j$ is a descendant of $C_i$.

So the organization structure in Fig. 2 is a POSET and satisfies the properties of a POSET.

3. Review of the Hash-Based Scheme

3.1. Yang's Scheme [7]

In Yang's scheme [7], a trusted certification authority (CA) first determines a set of one-way hash functions $S_H = \{H_1, H_2, \ldots, H_n\}$, where $n$ is the maximum degree of the hierarchy, in other words the maximum number of direct child nodes of any parent node in the hierarchy. Assume there are seven security clearances $C_1, C_2, \ldots, C_7$ organized in the hierarchy of Fig. 2. The degree of the hierarchy in Fig. 2 is 3.
In their approach, the CA assigns one secret key $k_i$ to each security clearance $C_i$, $1 \le i \le 7$, e.g. $k_1$ for $C_1$ and $k_2$ for $C_2$. The derivation rule is divided into the following three situations:

1) For the root node. The secret key of the root node is assigned arbitrarily by the CA and cannot be derived by anyone, e.g. $k_1$ for $C_1$.
2) For a node with a unique direct parent. Suppose node $C_i$ is the unique direct parent of node $C_j$, $C_j < C_i$, and $C_j$ is the $l$-th child of $C_i$, denoted $C_{i,l}$, where the children are numbered from left to right. The secret key of $C_j$ is derived as $k_j = H_l(k_i)$. For example, $C_3$ is the 2nd child of $C_1$, denoted $C_{1,2}$, so $k_3 = H_2(k_1)$.
3) For a node with more than one direct parent. Suppose $C_j$ has $m$ direct parents $C_{i_1}, C_{i_2}, \ldots, C_{i_m}$, $m \ge 2$, and $C_j$ is the $l_t$-th child of $C_{i_t}$, denoted $C_{i_t, l_t}$, $1 \le t \le m$. Let the secret keys of $C_{i_1}, \ldots, C_{i_m}$ be $k_{i_1}, \ldots, k_{i_m}$ respectively. Each parent $C_{i_t}$ computes the share $H_{l_t}(k_{i_t})$ and must exchange it with the other parents, so that each of them can derive the secret key of $C_j$ through the equation
$$k_j = H_l\big(H_{l_1}(k_{i_1}),\; H_{l_2}(k_{i_2}),\; \ldots,\; H_{l_m}(k_{i_m})\big),$$
where the outer function $H_l$ is the one fixed for $C_j$ by the rule of [7] ($H_3$ for $C_6$ in the example below).

Fig. 2 Key Derivation in the Hierarchy
Fig. 3 After Adding a New Node $C_{new}$

Taking Fig. 2 as an example, keys are assigned and derived for each node as follows:

1) The secret key of the root node $C_1$ is $k_1$.
2) Node $C_2$ derives the secret key of node $C_5$ by computing $H_2(k_2)$, so $k_5 = H_2(k_2)$; by the same rule, $k_2 = H_1(k_1)$, $k_3 = H_2(k_1)$, and so on.
3) Node $C_6$ has two direct parents, so nodes $C_2$ and $C_3$ can both derive the secret key of $C_6$ as $k_6 = H_3(H_3(k_2), H_1(k_3))$, under the condition that $C_2$ and $C_3$ share the values $H_3(k_2)$ and $H_1(k_3)$ with each other.

3.2. The Attacks on Yang's Scheme [7] and its Improvement

Paper [8] points out that in scheme [7] someone may overstep his authority and access unauthorized information in two cases: one is adding a new node, the other is adding a new node after deleting an old one.

Fig. 3 shows the hierarchy after adding a new node $C_{new}$ in the position of the first child of $C_2$ in Fig. 2. Now the secret key of node $C_6$ is computed from $H_1(k_3)$ and $H_4(k_2)$ according to the computation rule, $k_6 = H_3(H_4(k_2), H_1(k_3))$, but node $C_3$ has already learned the earlier share value $H_3(k_2)$, which has now become the secret key of node $C_5$ (since $C_5$ has moved to the 3rd position among the children of $C_2$). Therefore the security of node $C_5$ is endangered, and information encrypted under the secret key $H_3(k_2)$ of node $C_5$ is leaked to $C_3$.

Fig. 4 shows another case, in which a new node is inserted in the position where an old node has just been deleted. Before the deletion, node $C_3$ knows the share $H_3(k_2)$ used for node $C_6$; after node $C_5$ is deleted, $C_6$ becomes the 2nd child of $C_2$ and node $C_3$ learns the new share $H_2(k_2)$. Continuing the process, when a new node $C_{new}$ is added in the position where node $C_5$ was deleted, its secret key $H_2(k_2)$ is already known to node $C_3$, so the privacy of the new node $C_{new}$ is endangered and the information encrypted under the secret key $H_2(k_2)$ is disclosed. The root cause in both cases is that a share $H_l(k_i)$ depends only on the parent's key and a child's position, so a value handed out for one child can later coincide with the key of another child. Hsu [8] improved the security of the scheme proposed by Yang [7] by adding identity information into the computation of the secret key, e.g. $k_2$ is computed as $k_2 = H(ID_1, k_1, ID_2)$, where $ID_1$ and $ID_2$ are the identifiers of nodes $C_1$ and $C_2$ respectively.

Fig. 4 Adding a New Node $C_{new}$ after Deleting an Old Node $C_5$

4. Proposed Scheme in User Hierarchy

4.1. The Identifier Definition for a Role

We assign an identifier to each role in the system; the identifier can be computed and published by each role without disclosing any private information about its users:
$$r_i d = H(userid_1 \,\|\, userid_2 \,\|\, \cdots \,\|\, userid_n),$$
where $1 \le i \le m$, $m$ is the number of roles in the system and $n$ is the number of users in the $i$-th role. Hence each time a user is deleted from or inserted into some role, the identifier of that role changes at the same time. (The identifier hides the user ids only if they are not guessable: an attacker who can enumerate candidate user ids can test them against the published hash. The concatenation order must also be agreed by every party that recomputes the identifier.) Fig. 5 illustrates the hierarchy of roles in the system and the corresponding published table of role identifiers.
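The two cases of Section 3.2 above, reconstructed in Python as an added example (this is not code from the paper, nor from [7] or [8]). It models Yang's family $S_H$ as SHA-256 with the function index mixed into the input, takes the outer function of a multi-parent node to be $H_{m+1}$ so that $C_6$ uses $H_3$ as in Fig. 2, and constructs the root key and the Fig. 2 hierarchy; all of these are assumptions, and the leak does not depend on the outer function.

```python
import hashlib
from typing import Dict, List, Tuple


def H(index: int, *parts: bytes) -> bytes:
    """H_index from Yang's family S_H.
    ASSUMPTION: the paper does not fix the functions, so H_l(x) is modelled as
    SHA-256 over a length-prefixed encoding of (l, x_1, ..., x_n); distinct l
    therefore behave as independent functions."""
    h = hashlib.sha256(index.to_bytes(2, "big"))
    for p in parts:
        h.update(len(p).to_bytes(2, "big"))
        h.update(p)
    return h.digest()


Hierarchy = Dict[str, List[str]]  # parent -> ordered list of its direct children


def yang_keys(children: Hierarchy, root: str, root_key: bytes
              ) -> Tuple[Dict[str, bytes], Dict[str, Dict[str, bytes]]]:
    """Derive every node's key under the three rules of Section 3.1.
    Returns (keys, shares); shares[child][parent] is the value H_l(k_parent)
    that `parent` hands to the other parents of a multi-parent child."""
    parents: Dict[str, List[Tuple[str, int]]] = {}
    for p, kids in children.items():
        for pos, c in enumerate(kids, start=1):     # children numbered left to right
            parents.setdefault(c, []).append((p, pos))
    keys = {root: root_key}                          # rule 1: CA-chosen root key
    shares: Dict[str, Dict[str, bytes]] = {}
    pending = [n for n in parents if n != root]
    while pending:
        progress = False
        for n in list(pending):
            if all(p in keys for p, _ in parents[n]):
                sh = {p: H(pos, keys[p]) for p, pos in parents[n]}
                shares[n] = sh
                if len(sh) == 1:                     # rule 2: k_j = H_l(k_i)
                    keys[n] = next(iter(sh.values()))
                else:                                # rule 3: hash the exchanged shares
                    # ASSUMPTION: outer index = number of parents + 1 (H_3 for C6)
                    keys[n] = H(len(sh) + 1, *sh.values())
                pending.remove(n)
                progress = True
        if not progress:
            raise ValueError("hierarchy is not a DAG rooted at %r" % root)
    return keys, shares


ROOT_KEY = b"\x11" * 32   # constructed CA root key k_1


def demo_fig2_to_fig3() -> Tuple[bool, bool]:
    """First attack: insert C_new as the first child of C2 (Fig. 2 -> Fig. 3).
    Returns (C5 safe before the insertion, C5 key leaked to C3 after it)."""
    fig2 = {"C1": ["C2", "C3"], "C2": ["C4", "C5", "C6"], "C3": ["C6", "C7"]}
    keys2, shares2 = yang_keys(fig2, "C1", ROOT_KEY)
    learned_by_c3 = shares2["C6"]["C2"]            # H_3(k_2), handed to C3 to build k_6
    safe_before = learned_by_c3 != keys2["C5"]     # k_5 = H_2(k_2), nothing leaks yet
    fig3 = {"C1": ["C2", "C3"], "C2": ["Cnew", "C4", "C5", "C6"], "C3": ["C6", "C7"]}
    keys3, _ = yang_keys(fig3, "C1", ROOT_KEY)     # C5 is now the 3rd child: k_5 = H_3(k_2)
    return safe_before, keys3["C5"] == learned_by_c3


def demo_delete_then_insert() -> bool:
    """Second attack: delete C5, then insert C_new where C5 was (Fig. 4)."""
    after_delete = {"C1": ["C2", "C3"], "C2": ["C4", "C6"], "C3": ["C6", "C7"]}
    _, shares = yang_keys(after_delete, "C1", ROOT_KEY)
    learned_by_c3 = shares["C6"]["C2"]             # C6 is now the 2nd child: H_2(k_2)
    after_insert = {"C1": ["C2", "C3"], "C2": ["C4", "Cnew", "C6"], "C3": ["C6", "C7"]}
    keys, _ = yang_keys(after_insert, "C1", ROOT_KEY)
    return keys["Cnew"] == learned_by_c3           # C3 already holds the new node's key


if __name__ == "__main__":
    print("C5 safe before / leaked after insert:", demo_fig2_to_fig3())
    print("new node's key known to C3 after delete+insert:", demo_delete_then_insert())
```

The decisive comparison is `keys3["C5"] == learned_by_c3`: the value $C_3$ was legitimately given as a share for $C_6$ is byte-for-byte the new key of $C_5$, and $C_3$ obtains it without doing anything beyond keeping what it received. Any scheme whose shares depend only on a parent key and a sibling position has this property.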
For example, the hierarchy in Fig. 5 is an academic organization in some college of a university. The college is managed by a Dean. Under the dean are the chairs of the different departments, such as the computer science (CS) chair and the communication engineering (CE) chair. The students, who are at the lowest level, are advised by one or more tutors in the corresponding teacher groups. In terms of the practical application, we need to maintain the sensitive score or transcript information of each student. The following access control requirements need to be satisfied:

1) Each student can read his/her own score or transcript.
2) A teacher who teaches the student can read the score or transcript of that student.
3) The chair of the department in which a student is majoring can read the student's score or transcript information.
4) The dean can read all students' transcripts.

Fig. 5 A Hierarchy and its Corresponding Published Identifiers for Roles

Suppose Stu1 is a role composed of five students; then the role identifier for role Stu1 is
$$Stu1d = H(stuid_1 \,\|\, stuid_2 \,\|\, stuid_3 \,\|\, stuid_4 \,\|\, stuid_5).$$
Assume CS group1 consists of three teachers; then the role identifier for role CSgroup1 is
$$CSgroup1d = H(teacherid_1 \,\|\, teacherid_2 \,\|\, teacherid_3).$$
The identifiers of the other roles are derived in the same way from the persons in each role. So deleting users from or inserting users into a role changes the identifier of the role, and in turn affects the key derivation from the upper level to the lower level.

4.2. The Proposed Scheme

Key assignment in the hierarchy follows the following three situations:

1) For the unique root node. Its secret key $k_{root}$ is assigned arbitrarily by the CA, e.g. $k_{root} = k_1$ for the node of role Dean.
2) For a node with only one direct parent. If $C_j$ has only the direct parent $C_i$, then the secret key of $C_j$ is
$$k_j = H(k_i, C_j d),$$
where $k_i$ is the secret key of $C_i$ and $C_j d$ is the identifier of role $C_j$, which can be looked up in the table published by the CA (Fig. 6). For example, the CS chair derives the secret key of CS group1 as $k_{CSgroup1} = H(k_{CSchair}, CSgroup1d)$, where $CSgroup1d = H(teacherid_1 \,\|\, teacherid_2 \,\|\, \cdots \,\|\, teacherid_n)$ and $n$ is the number of teachers in CS group1.
3) For a node with more than one direct parent. Suppose $C_j$ has $m$ direct parents $C_{i_1}, C_{i_2}, \ldots, C_{i_m}$, $m \ge 2$, with secret keys $k_{i_1}, k_{i_2}, \ldots, k_{i_m}$ respectively. Each parent $C_{i_t}$, $1 \le t \le m$, computes the share $H(k_{i_t}, C_j d)$, where $C_j d$ is the identifier of role $C_j$, and must exchange it with the other parents, so that each of them can derive the secret key of $C_j$ through the equation
$$k_j = H\big(H(k_{i_1}, C_j d),\; H(k_{i_2}, C_j d),\; \ldots,\; H(k_{i_m}, C_j d)\big).$$
For example, the secret key of role Stu2 in Fig. 6 is computed as
$$k_{Stu2} = H\big(H(k_{CSgroup2}, Stu2d),\; H(k_{CEgroup1}, Stu2d)\big),$$
where $Stu2d = H(stuid_1 \,\|\, stuid_2 \,\|\, \cdots \,\|\, stuid_n)$ and $n$ is the number of students in role Stu2.

Unlike [7], the derivation does not depend on a child's position among its siblings but on the identifier of the child itself, so inserting or deleting a sibling cannot make a value previously shared for one node coincide with the key of another node, which was the problem of Section 3.2.

5. Dynamic Access Control in the Hierarchy

5.1. Adding a User

When adding a new user, there are two different situations. In the first, the new user does not belong to any existing role, so a new role must be created for the user. In the second, the new user belongs to an existing role, so the identifier of that role must be updated.

In the first situation, if the new node will be the new root node, the CA needs to assign an arbitrary key to the new role, and all keys of its direct or indirect descendants are computed again. For example, when a new node $C_{new}$ is inserted above the root node in Fig. 2, the original node $C_1$ becomes the direct child of $C_{new}$. The CA assigns a key $k_{new}$ arbitrarily to node $C_{new}$, and all the other keys are regenerated according to the three situations of our proposed scheme in Section 4.2. If a new node $C_{new}$ is inserted into the branch between $C_1$ and $C_3$ in Fig. 2, the direct parent $C_1$ only needs to derive the secret key $k_{new} = H(k_1, C_{new} d)$ for the newly inserted node, where $C_{new} d = H(newuserid)$ is the identifier of the new node. At the same time the secret keys of the direct or indirect children of the new node $C_{new}$ are updated, namely the keys of nodes $C_3$, $C_6$ and $C_7$. The identifiers of all existing roles need not be updated, because no user was inserted into them.

In the second situation, if a new user is inserted into an existing role, then we need to update the identifier of the role and at the same time the key of the role. For example, when a new user is inserted into role $C_2$ of Fig. 2, the identifier of role $C_2$ becomes $H(C_2 id_1 \,\|\, C_2 id_2 \,\|\, \cdots \,\|\, C_2 id_n \,\|\, C_2 id_{new})$, where $C_2 id_{new}$ is the id of the new user.
At the same time the secret keys of the direct or indirect children of role $C_2$ are updated, namely the keys of nodes $C_4$, $C_5$ and $C_6$. Inserting a new user into role $C_6$ is handled in the same way, but now only the identifier and the secret key of $C_6$ are updated; the others remain the same because node $C_6$ is a leaf node.

5.2. Deleting a User

When deleting a user, there are two different situations. The first is to delete a role (a node in the hierarchy); the second is to delete a user from some role.

In the first situation, when the deleted node is the root node, the keys of its direct and indirect descendants must be updated. For example, deleting node $C_1$ from Fig. 2 results in the CA assigning keys to nodes $C_2$ and $C_3$ arbitrarily, and then regenerating the keys of the nodes below them, namely $C_4$, $C_5$, $C_6$ and $C_7$. If node $C_5$ is deleted from Fig. 2, no other key needs to be updated because $C_5$ is a leaf node. The identifiers of all existing roles need not be updated, because no user was deleted from them.
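The key derivation of Section 4.2 together with the add-user and delete-user operations of Section 5, as an added Python example (not the paper's code). It assumes SHA-256 over length-prefixed inputs for $H$, sorts the member ids before hashing so that the identifier does not depend on enumeration order (an added caveat, since the paper simply concatenates), and reconstructs the edges of Fig. 5 from the paper's derivation examples; the role names, member ids and root key are constructed.

```python
import hashlib
from typing import Dict, List, Set


def H(*parts: bytes) -> bytes:
    """The scheme's hash H. ASSUMPTION: SHA-256 over length-prefixed parts, so
    H(k, id) cannot collide with H(k || id) split at another boundary."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big"))
        h.update(p)
    return h.digest()


def role_identifier(member_ids: List[str]) -> bytes:
    """Section 4.1: r_id = H(userid_1 || ... || userid_n). The ids are sorted
    (added caveat) so every party recomputing the identifier uses the same order."""
    return H(*(uid.encode() for uid in sorted(member_ids)))


class RoleHierarchy:
    """Roles with their direct parents and members; keys follow Section 4.2."""

    def __init__(self, parents: Dict[str, List[str]], members: Dict[str, List[str]],
                 root: str, root_key: bytes):
        self.parents = parents            # role -> its direct parent roles ([] for root)
        self.members = members            # role -> user ids currently in the role
        self.root = root
        self.root_key = root_key          # situation 1: chosen arbitrarily by the CA

    def identifier(self, role: str) -> bytes:
        return role_identifier(self.members[role])

    def all_keys(self) -> Dict[str, bytes]:
        keys = {self.root: self.root_key}

        def key_of(role: str) -> bytes:
            if role not in keys:
                rid = self.identifier(role)
                # each parent C_{i,t} contributes the share H(k_{i,t}, C_jd)
                shares = [H(key_of(p), rid) for p in self.parents[role]]
                # situation 2: one parent, k_j = H(k_i, C_jd); situation 3: hash the shares
                keys[role] = shares[0] if len(shares) == 1 else H(*shares)
            return keys[role]

        for role in self.parents:
            key_of(role)
        return keys

    def dominates(self, upper: str, lower: str) -> bool:
        """C_lower <= C_upper in the POSET: upper is lower or an ancestor of it."""
        return upper == lower or any(self.dominates(upper, p) for p in self.parents[lower])

    # Section 5: a membership change alters only that role's identifier; the keys of
    # the role and of its descendants change on the next all_keys(), ancestors do not.
    def add_user(self, role: str, uid: str) -> None:
        self.members[role].append(uid)

    def delete_user(self, role: str, uid: str) -> None:
        self.members[role].remove(uid)


def changed_roles(before: Dict[str, bytes], after: Dict[str, bytes]) -> Set[str]:
    return {r for r in before if before[r] != after[r]}


def build_fig5() -> RoleHierarchy:
    """Constructed instance of the college hierarchy. ASSUMPTION: edges are read off
    the paper's examples (CSchair -> CSgroup1; CSgroup2 and CEgroup1 -> Stu2)."""
    parents = {"Dean": [], "CSchair": ["Dean"], "CEchair": ["Dean"],
               "CSgroup1": ["CSchair"], "CSgroup2": ["CSchair"], "CEgroup1": ["CEchair"],
               "Stu1": ["CSgroup1"], "Stu2": ["CSgroup2", "CEgroup1"]}
    members = {"Dean": ["dean"], "CSchair": ["cs-chair"], "CEchair": ["ce-chair"],
               "CSgroup1": ["t1", "t2", "t3"], "CSgroup2": ["t4", "t5"], "CEgroup1": ["t6"],
               "Stu1": ["s1", "s2", "s3", "s4", "s5"], "Stu2": ["s6", "s7"]}
    return RoleHierarchy(parents, members, "Dean", b"\x2a" * 32)   # constructed k_root


def demo() -> dict:
    h = build_fig5()
    k0 = h.all_keys()
    stu2d = h.identifier("Stu2")
    eq_ok = k0["Stu2"] == H(H(k0["CSgroup2"], stu2d), H(k0["CEgroup1"], stu2d))
    h.add_user("CSgroup2", "t7")            # 5.1, second situation: role and descendants
    k1 = h.all_keys()
    h.add_user("Stu1", "s8")                # leaf role: only its own key moves
    k2 = h.all_keys()
    h.delete_user("CSgroup2", "t7")         # 5.2, second situation
    k3 = h.all_keys()
    return {"eq_ok": eq_ok,
            "after_add_teacher": changed_roles(k0, k1),
            "after_add_student": changed_roles(k1, k2),
            "after_delete_teacher": changed_roles(k2, k3),
            "key_reverts": k3["CSgroup2"] == k0["CSgroup2"],
            "dean_reads_stu2": h.dominates("Dean", "Stu2"),
            "cechair_reads_stu1": h.dominates("CEchair", "Stu1")}


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Two things the run makes visible that the text only implies. First, keys are a pure function of the current membership, so `key_reverts` is true: if a role's membership returns to an earlier set, its old key returns with it, and anyone who recorded that key regains access. Second, `dominates` only answers the POSET question; actually deriving a multi-parent key still requires the co-parents' shares, which is the "shared information" the paper lists as future work to reduce.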
In the second situation, when a user is deleted from an existing role, we need to update the identifier of the role and at the same time the key of the role. For example, when a user is deleted from role $C_3$ in Fig. 2, the identifier of role $C_3$ becomes $C_3 d = H(C_3 id_1 \,\|\, C_3 id_2 \,\|\, \cdots \,\|\, C_3 id_{n-1})$, where $n-1$ is the number of users in role $C_3$ after the deletion. The key of $C_3$ becomes $k_3 = H(k_1, C_3 d)$, and all keys of the direct and indirect nodes under node $C_3$ are updated according to our scheme. Note that the departing user still holds the old $k_3$ and the old keys of the descendants of $C_3$; re-deriving keys does not revoke access to ciphertexts already in that user's possession, so data that must be hidden from the user has to be re-encrypted under the new keys.

6. Conclusions and Future Work

In this paper a dynamic access control scheme in a user hierarchy based on a hash function is proposed. A derivation function is proposed and used to derive keys for different users in the hierarchy. Our approach not only supports dynamic insertion and deletion of users, but is also applicable to the general case. The analysis of Sections 4 and 5 shows that our scheme resists the key leakage of [7] when users change their roles or leave their roles, because keys are bound to role identifiers rather than to positions in the hierarchy. In the future, we expect to find more flexible approaches to improving efficiency in both space and computation, and especially to reducing the shared information.

Acknowledgement

The authors are grateful to the anonymous reviewers who made constructive comments. This work was supported by the Research Fund for Excellent Youth Scholars of Shanghai Higher Education (No. Z-2006-52).

References

[1] E. Bertino, S. Jajodia, and P. Samarati. Access Controls in Object-Oriented Database Systems: Some Approaches and Issues. In Advanced Database Concepts and Research Issues, LNCS 759, 1993.
[2] E. Bertino and R. Sandhu. Database security: concepts, approaches and challenges. IEEE Transactions on Dependable and Secure Computing, 2005, 2(1): 2-19.
[3] P. Samarati. A data outsourcing architecture combining cryptography and access control. Proc. of the 1st Computer Security Architecture Workshop, Fairfax, VA, 2007, pp. 63-69.
[4] S. De Capitani di Vimercati, S. Foresti, S. Jajodia, S. Paraboschi, and P. Samarati. Over-encryption: management of access control evolution on outsourced data. In Proc. of the 33rd VLDB Conference, Vienna, Austria, 2007, pp. 123-134.
[5] X. Tian, X. Wang, and A. Zhou. DSP RE-Encryption: A Flexible Mechanism for Access Control Enforcement Management in DaaS. 2009 IEEE International Conference on Cloud Computing, 2009, pp. 25-32.
[6] G. Miklau and D. Suciu. Controlling access to published data using cryptography. In Proc. of the 29th VLDB Conference, Berlin, Germany, 2003, pp. 898-909.
[7] C. Yang and C. Li. Access control in a hierarchy using one-way hash functions. Computers and Security, 2004, 23(8): 659-664.
[8] C. L. Hsu, P. L. Tsai, and Y. C. Chou. Robust dynamic access control scheme in a user hierarchy based on one-way hash function. 2009, http://dspace.lib.fcu.edu.tw/bitstream/2377/23//ce07cs002008000068.pdf.
[9] S. G. Akl and P. D. Taylor. Cryptographic Solution to a Multilevel Security Problem. Advances in Cryptology: Proceedings of CRYPTO, Plenum Press, NY, 1982, pp. 237-249.
[10] S. G. Akl and P. D. Taylor. Cryptographic Solution to a Problem of Access Control in a Hierarchy. ACM Transactions on Computer Systems, 1983, 1(3): 239-248.
[11] F. H. Kuo, V. R. L. Shen, T. S. Chen, and F. Lai. Cryptographic key assignment scheme for dynamic access control in a user hierarchy. IEE Proceedings - Computers and Digital Techniques, 1999, 146(5): 235-240.
[12] T. C. Wu and C. C. Chang. Cryptographic key assignment scheme for hierarchical access control. Computer Systems Science and Engineering, 2001, 16(1): 25-28.
[13] J. Crampton, K. Martin, and P. Wild. On key assignment for hierarchical access control. In Proc. of the 19th IEEE CSFW, Venice, Italy, 2006, pp. 98-111.