3 sonuçlar
Arama Sonuçları
Listeleniyor 1 - 3 / 3
Yayın Implementing lightweight, dynamic hierarchical key assignment scheme for cloud computing(IEEE, 2024-03-25) Çelikbilek, İbrahim; Çeliktaş, Barış; Özdemir, EnverIn this paper, we propose the implementation and adaptation of a hierarchical key assignment scheme (HKAS) previously developed in our research to improve access control in cloud computing environments. The secret keys generated and managed by this scheme can be utilized for various purposes within the cloud computing, including data encryption, integrity checks, secure communications, and accessing critical infrastructures or services. Our implementation performs dynamic update operations with minimal computational cost and storage demands, as users within the hierarchical structure do not store any key components. Through security analysis, the scheme demonstrates strong key indistinguishability security (S-KI-security), effectively safeguarding keys against various cryptographic attacks. The scheme's flexibility allows it to be tailored to specific organizational needs, whether for securing sensitive data, ensuring compliance with regulatory standards, or facilitating secure data sharing and collaboration in cloud environments. Thus, we advocate for the practical implementation of the HKAS in transitioning to cloud environments.Yayın A hierarchical key assignment scheme: a unified approach for ccalability and efficiency(IEEE, 2024-05-24) Çelikbilek, İbrahim; Çeliktaş, Barış; Özdemir, EnverThis study introduces a hierarchical key assignment scheme (HKAS) based on the closest vector problem in an inner product space (CVP-IPS). The proposed scheme offers a comprehensive solution with scalability, flexibility, cost-effectiveness, and high performance. The key features of the scheme include CVP-IPS based construction, the utilization of two public keys by the scheme, a distinct basis set designated for each class, a direct access scheme to enhance user convenience, and a rigorous mathematical and algorithmic presentation of all processes. This scheme eliminates the need for top-down structures and offers a significant benefit in that the lengths of the basis sets defined for classes are the same and the costs associated with key derivation are the same for all classes, unlike top-down approaches, where the higher class in the hierarchy generally incurs much higher costs. The scheme excels in both vertical and horizontal scalability due to its utilization of the access graph and is formally proven to achieve strong key indistinguishability security (S-KI-security). This research represents a significant advancement in HKAS systems, providing tangible benefits and improved security for a wide range of use cases.Yayın Hierarchical secure key assignment scheme(Public Library of Science, 2026-02-18) Çeliktaş, Barış; Çelikbilek, İbrahim; Güzey, Süeda; Özdemir, EnverThis work presents a novel hierarchical key assignment mechanism for access control, designed to be computationally lightweight and optimized for digital environments with structured access policies. By leveraging orthogonal projection and distributing a basis to each group, it enables flexible and efficient left-to-right and top-down access structures. The scheme ensures that parent groups can derive the secret keys of their child groups while preventing unauthorized reverse access. It is resilient against collusion attacks and privilege escalation, offering robust key recovery and indistinguishability properties. Moreover, it guarantees strong key indistinguishability under adversarial models and facilitates a secure rekeying process without reliance on a trusted third party. To demonstrate practical efficiency, we provide a full analytical complexity evaluation showing that key derivation requires at most ∂(n2i ) operations, where ni is the dimension of the assigned subspace. For typical deployment parameters used in the experiments, the total key material per user remains compact (≈ 3,072 bits), significantly smaller than well-known post-quantum schemes such as Dilithium-5 (38,912 bits). The storage requirement scales linearly with the number of groups (ck+1 bases for c groups with at most k members), ensuring that even large hierarchies remain lightweight. Our evaluation further shows that selective rekeying affects only the descendants of the modified group, resulting in communication overhead of ∂(m′λ) bits, where m′ is the number of affected users and λ is the key length. These results collectively highlight the scheme’s scalability, low storage footprint, and suitability for large access hierarchies.
