Abstract
Even though role-based access control (RBAC) can tremendously help us to minimize the complexity in administering users, it still needs to realize the notion of roles at the resource level. In this paper, we propose a practical cryptographic RBAC model, called role-key hierarchy model, to support various security features, including signature, identification, and encryption on role-key hierarchy. In addition, several advanced features, such as role or user revocation, tracing, and anonymity, are implemented as well. With the help of rich algebraic structure of elliptic curves, we introduce a unified and complete construction of role-based cryptosystem to verify the rationality and validity of our proposed model. In addition, a proof-of-concept prototype implementation and performance evaluation is discussed to demonstrate the feasibility and efficiency of our mechanisms.
| Original language | English (US) |
|---|---|
| Article number | 6650102 |
| Pages (from-to) | 2138-2153 |
| Number of pages | 16 |
| Journal | IEEE Transactions on Information Forensics and Security |
| Volume | 8 |
| Issue number | 12 |
| DOIs | |
| State | Published - 2013 |
Keywords
- Security
- access control
- role and user revocation
- role-based cryptosystem
- role-key hierarchy
ASJC Scopus subject areas
- Safety, Risk, Reliability and Quality
- Computer Networks and Communications