Group key distribution systems (GKDS) provide access control for group applications by maintaining a group key for a dynamic group of users U. During the system lifetime subgroups of U be formed and group keys can be established for each such subgroup. The group U can also be expanded by admitting new users. Dynamic GKDS allow the group management to be decentralised. That is, any group member can form a subgroup and collaboration of several group members may admit new members to the system. We introduce a novel property for dynamic GKDS: allowing specified subsets of users, called access sets, to admit new members to the group. We provide an access structure made up of access sets, where cooperation of a full access set is required to exact admission. This provides a mechanism for self-sufficient, size dynamic and hierachical groups, in the sense of only allowing specified sets of users to admit new members. We give a model and two dynamic GKDS with this property. The first is a threshold scheme, any user subset of a specified size is an access set. The second scheme limits the access structure to chosen sets of up to some size. We also give a variant of the second scheme to have better efficiency. We show that our proposed GKDS are consistent and secure. We evaluate the efficiency of the schemes.
|Number of pages||19|
|Journal||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|Publication status||Published - 2003|