A method of cryptographic access control
Prof. Peter Wild
Royal Holloway, UK
A common method of representing an information flow policy is to label data objects and users with security
labels where the set X of security labels is partially ordered. Let S denote the security function that
assigns these labels. Then a user u should have access to data object o only if S(u) >= S(o). Schemes have
been proposed where this information flow is implemented cryptographically by assigning keys to the labels (so
that a user u has the key to decrypt a data object o only if S(u) >= S(o)).
Akl and Taylor have described a scheme where each label has only a single RSA exponent as its assigned
key. The partial ordering of labels corresponds to the partial order of divisibility of keys.
De Santis, Ferrara and Masucci extend this construction to the case where the set X is not necessarily a
partial order but an arbitrary directed graph.
We discuss these schemes and generalisations of them.