Managing user relationships in hierarchies for information system security
作者:
Highlights:
•
摘要
Hierarchies are an important concept in information protection systems. The uses of hierarchies in the security domain of computer information systems include access hierarchies, levels of abstraction in security kernels, multi-level security, and user hierarchies, among others. Using user hierarchies as an example, this paper proposes a new protection mechanism to achieve the key-to-key (KTK) security policy wherein each user in the hierarchy is assigned a key pair and the relationship between any two users can be revealed through an operation on their corresponding keys. In addition to the security provided by the policy, the new mechanism manifests several advantages over the previous methods in the literature. Among its merits are (1) simple and quick operations performed to determine user relationships, (2) less storage requirements, and (3) a high degree of dynamism that allows easy addition and deletion of user keys without affecting most of the existing keys in the user hierarchy. The relevance of the new KTK scheme to organizations and its implications for potential business applications are also discussed.
论文关键词:Security,Protection,Hierarchies,User relationships,Key-to-key scheme,Number theory,Decision support
论文评审过程:Received 30 June 2005, Revised 6 June 2006, Accepted 1 November 2006, Available online 22 December 2006.
论文官网地址:https://doi.org/10.1016/j.dss.2006.11.010