Post-Quantum Cryptographic Access Control Based on Hierarchical RBAC Model

Author:

Yarmak A.¹

Affiliation:

1. Peter the Great St. Petersburg Polytechnic University

Abstract

The paper considers CSIDH-HRBAC, an isogeny-based, cryptographically enforced data access control scheme for an untrusted cloud. CSIDH-HRBAC is based on a role-based access control model with support for a role hierarchy. The proposed scheme assumes a trusted party that manages the cryptographic keys associated with users, roles, and files. The basic procedures for gaining access to data, revoking access rights, adding new entities, and updating parameters are given. Typical attack scenarios against the proposed scheme are considered, including role substitution, collusion by participants to compute the parent role key, and attempts to access data after a role has been revoked from a user. To evaluate the performance of the cryptographic operations, a simulation of the basic procedures was performed. The advantages and limitations of the CSIDH-HRBAC scheme are discussed. In particular, the need for protection against threats from the administrator and the prospect of using lattice-based post-quantum cryptographic primitives are noted.

Publisher

Bonch-Bruevich State University of Telecommunications

