Minimal threshold closure

Xi Bin Zhao, Kwok Yan Lam, Guimin Luo, Siu Leung Chung, Ming Gu

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Access structure is a flexible mechanism for representing complex access control and authorization policies [1]. Numerous efforts have been devoted to the research of efficient schemes for implementing access structures in a scalable manner. Threshold closure was invented as an efficient way to implement access structures that represent complex authorization policies [4]. In essence, threshold closure is an efficient and scalable implementation of access structure using a reduced collection of threshold schemes [5]. A practical application of threshold closure was presented in [6] where the use of threshold closure for addressing the complex security needs of Grid Computing Systems was explained. One major deficiency of threshold closure is that a threshold closure generated from the corresponding access structure is not minimal in size, thus the collection of threshold schemes is not optimized for efficiency. In this connection, an operation called minimal covering was proposed to minimize the size of a threshold closure once it is formed from its corresponding access structure [4]. Unfortunately, the minimal covering of a threshold closure is no longer a threshold closure, thus is not scalable in terms of addition/deletion of access control rules. This paper presents a way for constructing minimal threshold closure. It defines a new structure called enhanced threshold closure. The paper proves that the enhanced threshold closure of an access structure is a threshold closure and is minimal, hence it is also called a minimal threshold closure. The paper also presents a mechanism for constructing minimal threshold closure from a basis access structure.

Original languageEnglish
Title of host publicationComputer Security - ESORICS 2006 - 11th European Symposium on Research in Computer Security, Proceedings
Pages145-155
Number of pages11
DOIs
Publication statusPublished - 2006
Event11th European Symposium on Research in Computer Security, ESORICS 2006 - Hamburg, Germany
Duration: 18 Sept 200620 Sept 2006

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4189 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference11th European Symposium on Research in Computer Security, ESORICS 2006
Country/TerritoryGermany
CityHamburg
Period18/09/0620/09/06

Keywords

  • Access Control
  • Authorization
  • Threshold Closure
  • Threshold Schemes

Fingerprint

Dive into the research topics of 'Minimal threshold closure'. Together they form a unique fingerprint.

Cite this