Accession Number : AD1014102


Title :   Simplified Key Management for Digital Access Control of Information Objects


Descriptive Note : Technical Report


Corporate Author : Institute for Defense Analyses Alexandria United States


Personal Author(s) : Simpson,William R ; Foltz,Kevin E


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/1014102.pdf


Report Date : 02 Jul 2016


Pagination or Media Count : 10


Abstract : Access control of information objects is complicated by the need to establish a common set of access requirements, bind those access requirements to the information object, and compute whether or not the criteria are met for allowing access. An information object can be an e-mail, a Word document, a spreadsheet, or a series of sensor readings. In the simplified case, objects that need to be controlled will be stored in an encrypted file. The file will be decrypted when access criteria are verified. With increasing requirements for records management and maintenance of more and more electronic objects, the number of controlled information objects is rising dramatically. In the past key management has been extensive with little efficiency available when encrypting large numbers of information assets. Often, grouping and segmenting objects by type is done to reduce the number of keys needed and hence reduce management of keys. This approach compromises a large number of content files when exploits manage to extract cryptographic keys. Yet maintaining distinct keys for each content object makes key management a serious issue. The proposed process uses a hybrid symmetric/asymmetric keying approach that provides a unique key for each information object while minimizing the key management requirements. This method reduces losses to individual information objects when keys are compromised, but with a greatly reduced key management process that relies on PKI processes.


Descriptors :   computer access control , records management , requirements , digital media , digital information


Subject Categories : Computer Systems Management and Standards
      Information Science


Distribution Statement : APPROVED FOR PUBLIC RELEASE