Lakehead University Library Logo
    • Login
    View Item 
    •   Knowledge Commons
    • Electronic Theses and Dissertations
    • Retrospective theses
    • View Item
    •   Knowledge Commons
    • Electronic Theses and Dissertations
    • Retrospective theses
    • View Item
    JavaScript is disabled for your browser. Some features of this site may not work without it.
    quick search

    Browse

    All of Knowledge CommonsCommunities & CollectionsBy Issue DateAuthorTitleSubjectDisciplineAdvisorCommittee MemberThis CollectionBy Issue DateAuthorTitleSubjectDisciplineAdvisorCommittee Member

    My Account

    Login

    Statistics

    View Usage Statistics

    Indirect key derivation schemes for key management of access hierarchies

    Thumbnail

    View/Open

    CacicB2004m-1a.pdf (3.518Mb)

    Date

    2004

    Author

    Cacic, Brian John

    Degree

    Master of Science

    Discipline

    Computer Science

    Subject

    Computer access control
    Cryptography
    Data encryption (Computer science)

    Metadata

    Show full item record

    Abstract

    In this thesis, we study the problem of key management within an access hierarchy. Our contribution to the key management problem is an indirect key derivation approach we call the HMAC-method. It is called the HMAC-method, because it is based on hashed message authentication codes (HMACs) built from a fast, single, dedicated hash function (SHA-1). It is intended to provide an efficient indirect key management method for large access hierarchies resembling tree structures. We are able to achieve better tree traversals using a technique we created called path addressing. Our path addressing scheme allows us to efficiently calculate relationships between security classes, determine traversal paths, and improve the performance of indirect key derivation. We also present our cached key update scheme which is meant to improve the indirect key derivation schemes on tree hierarchies by delaying key updates when changes to the structure of the access hierarchy are necessary, but the re-calculation and re-assignment of keys would either be costly or inconvenient. For access hierarchies represented as weakly/strongly connected directed acyclic graphs, we suggest modifications to our path addressing and key derivation scheme which could allow our HMAC-method to be appplied to these types of hierarchies. Along the way, we discuss various current key management methods and discuss certain pragmatic issues that can arise which affect the applicability and implementation of a key management method.

    URI

    http://knowledgecommons.lakeheadu.ca/handle/2453/4064

    Collections

    • Retrospective theses

    Lakehead University Library
    Contact Us | Send Feedback

     


    Lakehead University Library
    Contact Us | Send Feedback