A Novel Authentication Protocol for Sensitive Information Privacy Protection Using Dynamic Key Based Group Key Management

Author

Wu, Xianping ; Ngo, Huy Hoang ; Le, Phu Dung ; Srinivasan, Balasubramaniam

Author_Institution

Sch. of Inf. Technol., Monash Univ., Caulfield East, VIC

Volume

2

fYear

2008

fDate

11-13 Nov. 2008

Firstpage

1113

Lastpage

1119

Abstract

This paper presents a secure authentication and authorization protocol for protecting privacy in sensitive information systems. It allows involved individuals and group participants to achieve high security levels and tight authorization control. The need of long term shared secrets to authenticate individuals and group users is eradicated in the proposed protocol by dynamic keys. It overcomes the secrets compromising during authentication via open networks. Furthermore, it also offers an ability allowing information owners to have fine-gained control of their critical data. Finally, the paper gives a formal analysis to demonstrate how secure the proposed protocol together with discussions of security issues. It is argued that the proposed protocol achieves strong authentication and authorization, and solves the involved participants´ plausible deniability issues.

Keywords

authorisation; data privacy; protocols; authentication protocol; authorization protocol; formal analysis; group key management; information privacy protection; Access control; Access protocols; Authentication; Authorization; Data security; Information security; Information systems; Management information systems; Privacy; Protection; dynamic keys; group authentication; group authorization; privacy; sensitive information;

fLanguage

English

Publisher

ieee

Conference_Titel

Convergence and Hybrid Information Technology, 2008. ICCIT '08. Third International Conference on

Conference_Location

Busan

Print_ISBN

978-0-7695-3407-7

Type

conf

DOI

10.1109/ICCIT.2008.32

Filename

4682396