Managing Key hierarchies for access control enforcement: Heuristic approaches
ELSEVIER (2010), Computers & Security
Carlo Blundo, Stelvio Cimato, Sabrina De Capitani di Vimercati, Alfredo De Santis, Sara Foresti, Stefano Paraboschi, Pierangela Samarati
2013.04.15 Regular Seminar, DBLAB, Tae Hoon Kim
Reference PPT: Ara-Jo, Managing Key hierarchies for access control enforcement: Heuristic approaches


Contents

1. Introduction
2. Basic Concepts
3. Problem Formulation
4. Minimum weight user tree
5. Linear programming approach
6. Minimum Spanning tree heuristics
   1. Sibling-based heuristic
   2. Leaves-based heuristic
   3. Mixed heuristics
7. Experimental results
8. Conclusions and future work

Introduction

The main advantages of data outsourcing
  • Higher availability, to provide effective service
  • More effective disaster protection

The data provider's problem: data confidentiality may be put at risk
  • When? When data owners release their information to external servers that are not under their control
  • The resource must be protected from both unauthorized users and the honest-but-curious server (service provider)
  • Why? The server, while trustworthy to properly manage the data, may not be trusted by the data owner to read their content.

Introduction

[Figure labels: data owner, service provider, data outsourcing, real estate database, outsourced database, resources, hacker]

The service provider could sell the various real-estate-related information to other, competing customers, and there is even the possibility that the information leaks through hacking.

Introduction

[Figure labels: data owner, service provider, data outsourcing, real estate database, outsourced database, resources, query request]

When a user requests data from the service provider, the user must issue the query request to the service provider using the key received from the data owner.

Introduction

In this paper
  • A heuristic approach to minimize the number of keys to be maintained by the system and distributed to users
  • Leaves-based heuristics
  • Mixed-based heuristics

Basic Concepts (Selective encryption method)

Selective encryption techniques
  • To use different keys for encrypting data
  • To release to each user the set of keys necessary to decrypt

Easy to see that solution
  • Cap 1) (c) = {r1, r2, r3, r4, r5, r6}
  • Acl 2) (r4) = {A, B, C}

     r1  r2  r3  r4  r5  r6
A     1   1   1   1   1   0
B     1   0   0   1   1   1
C     0   1   0   1   0   1
D     0   0   1   0   1   1

1) Cap: capability list  2) Acl: access control list

Basic Concepts (key derivation method)

User graph
  V0[]
  V1[A] V2[] V3[] V4[]
  V5[AB] V6[AC] V7[AD] V8[BC] V9[BD] V10[CD]
  V11[ABC] V12[ABD] V13[ACD] V14[BCD]
  V15[ABCD]

Resource labels shown on the graph: r1, r2, r3, r4, r5, r6

cap(A) = {r1, r2, r3, r4, r5}
acl(r4) = {A, B, C}

Basic Concepts (key derivation method)

Advantage of user graph
  • Conceptually simple
  • Potentially easy to implement

Disadvantage of user graph
  • Significantly more keys than actually needed.
  • Efficiency of the key management

Problem formulation (User tree)

User tree definition
  • User tree = T (tree)
  • Rooted at the vertex representing the empty user group :
  • Subgraph = Gu
  • Spanning all vertices =
  • Each user has a key ring = key_ringT(u)
  • T = <Vertex, Edge>, Gu = <Vu, Eu>

Problem formulation (User tree)

User tree
  V0[]
  V1[AB] V2[AC] V3[AD]
  V4[ABC] V5[ABD] V6[BCD]

Resource labels shown on the tree: r1, r2, r3, r4, r5, r6

     r1  r2  r3  r4  r5  r6
A     1   1   1   1   1   0
B     1   0   0   1   1   1
C     0   1   0   1   0   1
D     0   0   1   0   1   1

User  Key rings
A     v1.key, v2.key, v3.key
B     v1.key, v6.key
C     v2.key, v4.key, v6.key
D     v3.key, v5.key, v6.key

Minimum weight user tree

Minimum weight user tree definition
  • Let T = <V, E> be a user tree
  • Weight, W
    E → N : weight function
    ∀(vi, vj) ∈ E, W(vi, vj) = |vj.acl \ vi.acl|

To solve the problem
  • Integer Linear Programming (ILP)
    Can be solved adopting known algorithms and tools.
  • Three families of heuristics

[Figure: user tree V0[]; V1[AB], V2[AC], V3[AD]; V4[ABC], V5[ABD], V6[BCD]; edge weights 2, 2, 2, 3, 1, 1]

Weight(T) = 11
"NP 1)-hardness"

1) NP-hardness: NP-hard is the set of problems to which every decision problem in NP can be many-one reduced in polynomial time. In other words, NP-hard is the set of problems that are at least as hard as every problem in NP.

Linear programming approach

The linear constraints impose that
  1. The edges and vertices selected form a tree structure
  2. All material vertices belong to the user tree.

Constraints
  1. Each non-material vertex in the user graph has at most one incoming edge in the user tree
  2. Only vertices having at least one outgoing edge have an incoming edge in the user tree
  3. Each material vertex has exactly one incoming edge
  4. Variables associated with the edges of the user graph can only assume value 1 or 0
     • Modeling the presence or not of the corresponding edge in the computed user tree

Linear programming approach

[Figure: user graph]
  V0[]
  V1[A] V2[] V3[] V4[]
  V5[AB] V6[AC] V7[AD] V8[BC] V9[BD] V10[CD]
  V11[ABC] V12[ABD] V13[ACD] V14[BCD]
  V15[ABCD]

Resource labels shown on the graph: r1, r2, r3, r4, r5, r6

Minimum spanning tree heuristics

Based on the computation of an MST over a graph G = (V, E’, w)
  • V =
  • E’ = {(vi , vj)|vi, vji.aclVi.acl}
  • W(vi, vj) = |Vj.acl\Vi.acl|

The weight of the MST over G can be reduced
  • Vk.acl = vi.acl vj.acl
  • A parent of vi and vj
  • Because Vk.key is included instead of both vi.key and vj.key

Minimum spanning tree heuristics

Case 1
U = Vk.acl = vi.acl vj.acl
[Figure: initial configuration and final configuration over the vertices vpi, vi, vpj, vj]

Minimum spanning tree heuristics

Case 2
U = Vk.acl = vi.acl vj.acl
[Figure: initial configuration and final configuration over the vertices vpi, vpj, vi, vj, vk]

Minimum spanning tree heuristics

Case 3
U = Vk.acl = vi.acl vj.acl
[Figure: initial configuration and final configuration over the vertices vpi, vpj, vi, vj, vk, vt]

Minimum spanning tree heuristics

But the selection process is expensive
  • Decide to use Vpi or Vpj as Vpk, direct ancestor of Vk, whenever it is possible

Heuristics considered (based on Prim’s algorithm)
  1. Sibling 3)-based heuristic
  2. Leaves-based heuristic
  3. Mixed heuristics

Three selection criteria considered
  1. Max :
  2. Min :
  3. Random : at Random

3) Sibling: brothers and sisters

Minimum spanning tree heuristics

Heuristic algorithm for computing a minimal user tree

     r1  r2  r3  r4  r5
A     1   1   1   1   0
B     0   0   1   1   1
C     0   1   1   0   1
D     0   1   0   1   1
E     0   0   1   0   1

Phase 1. Select material vertices
Phase 2. Compute an MST, T
Phase 3. Operate the heuristics
  - Siblings
  - Leaves
  - Mixed

[Figure: tree V0[]; V1[A]; V2[ACD], V3[ABD], V4[ABCE], V5[BCDE]; edge weights 1, 2, 3, 2, 4]

Weight = 12
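
An added example (not from the slides or the paper) that recomputes the weights 11 and 12 shown above: it derives the material vertices from an access matrix, attaches each one to its cheapest proper-subset parent, and returns the tree weight and each user's key ring. All function and constant names are assumptions, and the per-vertex cheapest-parent choice stands in for the Prim-based MST phase; it reaches the minimum weight here because edges only run from a group to its supersets.

```python
# Added example: user-tree weight and key rings from an access matrix.
# The matrices are the two shown in the slides; all names are assumptions.
FOUR_USERS = {"A": [1, 1, 1, 1, 1, 0], "B": [1, 0, 0, 1, 1, 1],
              "C": [0, 1, 0, 1, 0, 1], "D": [0, 0, 1, 0, 1, 1]}
FIVE_USERS = {"A": [1, 1, 1, 1, 0], "B": [0, 0, 1, 1, 1], "C": [0, 1, 1, 0, 1],
              "D": [0, 1, 0, 1, 1], "E": [0, 0, 1, 0, 1]}

def material_acls(matrix):
    """Distinct non-empty ACLs (one per resource), smallest groups first."""
    n = len(next(iter(matrix.values())))
    acls = {frozenset(u for u, row in matrix.items() if row[r]) for r in range(n)}
    return sorted((a for a in acls if a), key=lambda a: (len(a), sorted(a)))

def build_tree(acls):
    """Map each material vertex to its parent; the root V0 is the empty group."""
    vertices = [frozenset()] + list(acls)
    parent = {}
    for v in acls:
        candidates = [p for p in vertices if p < v]   # proper subsets only
        # W(p, v) = |v.acl \ p.acl|; min() keeps the first candidate on ties
        parent[v] = min(candidates, key=lambda p: len(v - p))
    return parent

def weight(parent):
    """Sum of edge weights, which equals the number of keys handed to users."""
    return sum(len(v - p) for v, p in parent.items())

def key_rings(parent):
    """A user holds v's key only if it cannot be derived from v's parent."""
    rings = {}
    for v, p in parent.items():
        for user in v - p:
            rings.setdefault(user, set()).add("".join(sorted(v)))
    return rings

if __name__ == "__main__":
    for name, m in (("four users", FOUR_USERS), ("five users", FIVE_USERS)):
        tree = build_tree(material_acls(m))
        print(name, "weight:", weight(tree))
        for user, ring in sorted(key_rings(tree).items()):
            print("  ", user, sorted(ring))
```

The key rings it returns for the four-user matrix match the key ring table of the user tree slide, with AB, AC, AD, ABC, ABD and BCD standing for v1 to v6.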

Minimum spanning tree heuristics

Sibling-based heuristic
  • At least 2 children
  • Possible insertion of a vertex Vk

[Figure: Case 3. Tree V0[]; V1[A]; V2[ACD], V3[ABD], V4[ABCE], V5[BCDE] with Weight = 12; after inserting V6[AC], Weight = 11]

Minimum spanning tree heuristics

Leaves-based heuristics

[Figure: Case 3. Tree V0[]; V1[A]; V2[ACD], V3[ABD], V4[ABCE], V5[BCDE] with Weight = 12; after inserting V6[BCE] (edge weights 3, 1, 1), Weight = 11. Algorithm annotations: //Siblings, //ancestors]

Minimum spanning tree heuristics

Mixed heuristics

[Figure: algorithm listing with annotations //Sibling-based heuristics and //Leaves-based heuristics]

Minimum spanning tree heuristics

Mixed heuristics (cont.)

[Figure: Case 3 applied twice. Tree V0[]; V1[A]; V2[ACD], V3[ABD], V4[ABCE], V5[BCDE] with Weight = 12; vertices V6[BCE] and V6[AC] are inserted; Weight = 9]

Experimental results

Experiment environment
  • Centrino 1.7Mhz CPU
  • Randomly generated access matrices
  • Considering different numbers of users and resources in the system

The experiments consist of three steps

Experimental results

Vs.
  • Number of times
  • Sibling-based
  • Only min preference criterion 4)

4) Criterion: standard, norm

Experimental results

[Figure: comparison of Mixed, Damiani et al. (2006), Leaf-based and Sibling-based]

Conclusions and future work

In this paper,
  • Addressed the issue by integrating access control and encryption and by exploiting the key derivation method
    • As a way of minimizing the number of keys distributed to users
  • Presented three families of heuristics
    1. Sibling-based heuristic
    2. Leaves-based heuristic
    3. Mixed heuristics

Future work
  1. Re-executing the heuristics every time there is a change in the authorization
  2. Performing a simple adaptation of the tree to reflect the authorization changes or applying over-encryption solutions

Thank you for listening to my presentation. Question/Answer :)