A secure system for data access based on anonymous authentication and time-dependent hierarchical keys

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

A secure system for data access based on anonymous authentication and time-dependent hierarchical keys

Full text

Pdf (320 KB)

Source

ASIAN ACM Symposium on Information, Computer and Communications Security archive
Proceedings of the 2006 ACM Symposium on Information, computer and communications security table of contents

Taipei, Taiwan

SESSION: Access control and authorization table of contents

Pages: 223 - 230

Year of Publication: 2006

ISBN:1-59593-272-0

Author

Wen-Guey Tzeng

National Chiao Tung University, Hsinchu, Taiwan

Sponsor

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 14, Downloads (12 Months): 88, Citation Count: 4

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1128817.1128851 What is a DOI?

ABSTRACT

We consider the security problem for retrieving data from a web site (or a large database system) via Internet. Consider the situation that a user visits a web site to get information. He wants to retain anonymity of his identity, while the web site would like to authenticate the user's identity. We proposed an anonymous authentication scheme to provide a solution for these two seemingly conflicting requirements. Our anonymous authentication scheme is based on cryptographic techniques. Together with a novel time-dependent hierarchical key assignment scheme, we proposed a data access system that has the following distinct features simultaneously: (1) anonymous authentication, (2) cryptographic access control, (3) saving on-line encryption time, and (4) a flexible subscription system.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Selim G. Akl , Peter D. Taylor, Cryptographic solution to a problem of access control in a hierarchy, ACM Transactions on Computer Systems (TOCS), v.1 n.3, p.239-248, August 1983 [doi>10.1145/357369.357372]
	2	Dan Boneh , Matt Franklin, Anonymous authentication with subset queries (extended abstract), Proceedings of the 6th ACM conference on Computer and communications security, p.113-119, November 01-04, 1999, Kent Ridge Digital Labs, Singapore [doi>10.1145/319709.319725]
	3	Chin-Chen Chang , Ren-Junn Hwang , Tzong-Chen Wu, Cryptographic key assignment scheme for access control in a hierarchy, Information Systems, v.17 n.3, p.243-247, May 1992 [doi>10.1016/0306-4379(92)90015-F]
	4	David Chaum, Security without identification: transaction systems to make big brother obsolete, Communications of the ACM, v.28 n.10, p.1030-1044, Oct. 1985 [doi>10.1145/4372.4373]
	5	David Chaum , Jan-Hendrik Evertse, A secure and privacy-protecting protocol for transmitting personal information between organizations, Proceedings on Advances in cryptology---CRYPTO '86, p.118-167, January 1987, Santa Barbara, California, United States
	6	Dorothy E. Denning , Dennis K. Branstad, A taxonomy for key escrow encryption systems, Communications of the ACM, v.39 n.3, p.34-40, March 1996 [doi>10.1145/227234.227239]
	7	U. Feige , A. Shamir, Witness indistinguishable and witness hiding protocols, Proceedings of the twenty-second annual ACM symposium on Theory of computing, p.416-426, May 13-17, 1990, Baltimore, Maryland, United States [doi>10.1145/100216.100272]
	8	Warwick Ford, Computer communications security: principles, standard protocols and techniques, Prentice-Hall, Inc., Upper Saddle River, NJ, 1994
	9	L. Harn , H.-Y. Lin, A cryptographic key generation scheme for multilevel data security, Computers and Security, v.9 n.6, p.539-546, Oct. 1990 [doi>10.1016/0167-4048(90)90132-D]
	10	ISO/IEC 9798-1. Information technology - Security techniques - Entity authentication mechanisms - Part 1: General model. ISO, Geneva, Switzerland, 1991 (first edition).
	11	ISO/IEC 9798-2. Information technology - Security techniques - Entity authentication - Part 2: Mechanisms using symmetric encipherment algorithms. ISO, Geneva, Switzerland, 1994 (first edition).
	12	ISO/IEC 9798-3. Information technology - Security techniques - Entity authentication mechanisms - Part 3: Entity authentication using a public-key algorithm. ISO, Geneva, Switzerland, 1993 (first edition).
	13	ISO/IEC 9798-4. Information technology - Security techniques - Entity authentication - Part 4: Mechanisms using a cryptographic check function. ISO, Geneva, Switzerland, 1995 (first edition).
	14	ISO/IEC 9798--5. Information technology - Security techniques - Entity authentication - Part 5: Mechanisms using zero knowledge techniques. ISO, Geneva, Switzerland, 1996 (draft).
	15	Joe Kilian , Erez Petrank, Identity Escrow, Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology, p.169-185, August 23-27, 1998
	16	Stephen J. MacKinnon , Peter D. Taylor , Henk Meijer , Selim G. Akl, An optimal algorithm for assigning cryptographic keys to control access in a hierarchy, IEEE Transactions on Computers, v.34 n.9, p.797-802, Sept. 1985 [doi>10.1109/TC.1985.1676635]
	17	Anna Lysyanskaya , Ronald L. Rivest , Amit Sahai , Stefan Wolf, Pseudonym Systems, Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography, p.184-199, August 09-10, 1999
	18	Sead Muftic, Security mechanisms for computer networks, Halsted Press, New York, NY, 1989
	19	R. L. Rivest , A. Shamir , L. Adleman, A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM, v.21 n.2, p.120-126, Feb. 1978 [doi>10.1145/359340.359342]
	20	Bruce Schneier, Applied cryptography (2nd ed.): protocols, algorithms, and source code in C, John Wiley & Sons, Inc., New York, NY, 1995
	21	Wen-Guey Tzeng, Common modulus and chosen-message attacks on public-key schemes with linear recurrence relations, Information Processing Letters, v.70 n.3, p.153-156, May 14, 1999 [doi>10.1016/S0020-0190(99)00055-1]
	22	W. G. Tzeng, A Time-Bound Cryptographic Key Assignment Scheme for Access Control in a Hierarchy, IEEE Transactions on Knowledge and Data Engineering, v.14 n.1, p.182-188, January 2002 [doi>10.1109/69.979981]
	23	Wen-Guey Tzeng , Chi-Ming Hu, Inter-protocol interleaving attacks on some authentication and key distribution protocols, Information Processing Letters, v.69 n.6, p.297-302, March 26, 1999 [doi>10.1016/S0020-0190(99)00023-X]

CITED BY 4

	Mikhail J. Atallah , Marina Blanton , Keith B. Frikken, Efficient techniques for realizing geo-spatial access control, Proceedings of the 2nd ACM symposium on Information, computer and communications security, March 20-22, 2007, Singapore
	Alfredo De Santis , Anna Lisa Ferrara , Barbara Masucci, New constructions for provably-secure time-bound hierarchical key assignment schemes, Proceedings of the 12th ACM symposium on Access control models and technologies, June 20-22, 2007, Sophia Antipolis, France
	Christian Stingl , Daniel Slamanig, Privacy-enhancing methods for e-health applications: how to prevent statistical analyses and attacks, International Journal of Business Intelligence and Data Mining, v.3 n.3, p.236-254, December 2008
	Alfredo De Santis , Anna Lisa Ferrara , Barbara Masucci, New constructions for provably-secure time-bound hierarchical key assignment schemes, Theoretical Computer Science, v.407 n.1-3, p.213-230, November, 2008