Adaptive cryptographic access control. Foreword by Sylvia L. Osborn (Q978507)

This monograph gives an overview of cryptographic access control with an emphasis on key management. The authors compare different techniques described in the literature. Keys are assumed to belong to groups. Groups can be ordered in a group hierarchy. The book does not only give a valuable overview of the current methods. The authors also give a detailed practical analysis of the key management functions such as key assignment and replacement as well as re-keying in the different approaches. Chapters 1 and 2 summarize some basics about access control models and cryptographic access control schemes. In Chapter 3 the authors describe and analyse two improvements to previous key management systems. Chapter 4 contains a variant where a timestamp is used to avoid massive re-keying and re-encryption with every group membership change. Chapter 5 focuses on the access control of outsourced data where data protection against the Service Provider is necessary, too. A solution by \textit{S. Vimercati} et al. [``Over-encryption: Management of access control evolution on outsourced data'', in Proc. VLDB 2007, p. 123--134. Vienna, Austria, Sept. 23--28 (2007)] is presented and discussed. Chapter 6 describes the Self-Protecting Key Management system based on the Autonomic Computing paradigm including a description of an implementation and analysis. Chapter 7 deals with the issue of collusions, i.e., the possibility to get unauthorized access to a key in the hierarchy by combining some keys of that hierarchy in the same level. As Sylvia L. Osborn writes in her foreword to the book: ``The monograph [\dots] is readable by both practitioners and researchers. It combines a solid theoretical approach with experimental evaluation.''