A scalable Role-based Group Key Agreement and Role Identification mechanism

2011 IEEE International Systems Conference Pub Date : 2011-04-04 DOI:10.1109/SYSCON.2011.5929100

J. Bian, R. Seker, U. Topaloglu, Coskun Bayrak

{"title":"A scalable Role-based Group Key Agreement and Role Identification mechanism","authors":"J. Bian, R. Seker, U. Topaloglu, Coskun Bayrak","doi":"10.1109/SYSCON.2011.5929100","DOIUrl":null,"url":null,"abstract":"Large-scale organizations often use role-based hierarchical systems for managing human resources. Meanwhile, secure communication is an essential element in protecting an organization's intellectual property. In this paper, we propose a solution to the problem of securing group communication (i.e. multiple-peer communication) along with the difficulty of managing such communication system in a large-scale and role-based environment. A role-based conference key generation algorithm is proposed to produce chained-keys by recursive hashing. The proposed work makes it possible that a user with a higher clearance can audit the communications among the users that are hierarchically below him/her. Furthermore, the compartmentalization problem in the previous version is solved by introducing Role Identification Certificates (RICs) using the same key-chain algorithm, so that communications within a group will not be exposed to the outsiders. A centralized key management server is used to securely dispatch the keys to each communicating entity based on his/her role. This lowers the cost associated with deployment of a good Random Number Generator (RNG) and reduces the packet size compared to traditional PKI systems.","PeriodicalId":109868,"journal":{"name":"2011 IEEE International Systems Conference","volume":"17 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-04-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 IEEE International Systems Conference","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SYSCON.2011.5929100","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

Large-scale organizations often use role-based hierarchical systems for managing human resources. Meanwhile, secure communication is an essential element in protecting an organization's intellectual property. In this paper, we propose a solution to the problem of securing group communication (i.e. multiple-peer communication) along with the difficulty of managing such communication system in a large-scale and role-based environment. A role-based conference key generation algorithm is proposed to produce chained-keys by recursive hashing. The proposed work makes it possible that a user with a higher clearance can audit the communications among the users that are hierarchically below him/her. Furthermore, the compartmentalization problem in the previous version is solved by introducing Role Identification Certificates (RICs) using the same key-chain algorithm, so that communications within a group will not be exposed to the outsiders. A centralized key management server is used to securely dispatch the keys to each communicating entity based on his/her role. This lowers the cost associated with deployment of a good Random Number Generator (RNG) and reduces the packet size compared to traditional PKI systems.

查看原文本刊更多论文

一个可扩展的基于角色的组密钥协议和角色识别机制

大型组织经常使用基于角色的等级系统来管理人力资源。同时，安全通信是保护组织知识产权的基本要素。在本文中，我们提出了一种解决方案来保护群体通信(即多对等通信)以及在基于角色的大规模环境中管理此类通信系统的困难。提出了一种基于角色的会议密钥生成算法，通过递归哈希生成链密钥。建议的工作使得具有更高权限的用户可以审计层次低于他/她的用户之间的通信。此外，通过引入使用相同密钥链算法的角色识别证书(Role Identification Certificates, RICs)来解决先前版本中的分区问题，从而使组内的通信不会暴露给外部人员。使用集中式密钥管理服务器，根据每个通信实体的角色安全地将密钥分发给每个通信实体。这降低了与部署好的随机数生成器(RNG)相关的成本，并且与传统PKI系统相比减小了数据包大小。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2011 IEEE International Systems Conference

自引率

0.00%

发文量