Akl and Taylor proposed the first ever hierarchical

Akl and Taylor (1983) proposed the first-ever hierarchical access control based key assignment scheme. Chung et al. (2008) proposed a key management and derivation scheme based on the elliptic curve cryptosystem. In their approach, the secret key of each security class can be determined by a trusted centralized authority. Their scheme has the ability to solve the dynamic key management efficiently and flexibly. However, it is recently shown in Das et al. (2012) that their scheme is vulnerable to exterior root finding attack in which an attacker (adversary) who is not a user in any security class in a user hierarchy can derive the secret key of a security class by using the root finding algorithm. Many dynamic access control schemes have been proposed in the literature, some of them are Lin (1997), Akl and Taylor (1983), Shen and Chen (2002), Zhong (2002), Sandhu (1988), Giri and Srivastava (2007, 2008), Wu and Wei (2005), and Odelu et al. (in press, 2012, 2013).
In this paper, we devise a new proxy signature scheme based on hierarchical access control. The main motivation behind our new approach is as follows. In the absence of an original signer, the signing capability can be delegated to a group/set of users in a user hierarchy wherein the security clearances of those users are predefined. Note that the user hierarchy contains only the security nitric oxide synthase inhibitor for proxy signers, not for any original signers. For example, in an organization some important documents can be singed on behalf of the head of that organization. There is a predefined hierarchy of security clearances among the members of that organization. A document of security clearance containing in the security class SC can be signed by that security class on behalf of the head of the organization. For example, in Fig. 1, the documents containing to the security class SC5 can be singed by either SC1 or SC3 or SC5. The verifier needs to verify the following two conditions: (i) whether the right person has signed the document and (ii) whether the user has been delegated the signing capability to sign the document.
A widely accepted list of required security requirements for a proxy signature is given below (Das et al., 2009):
Giri et al. (2009) introduced the concept of proxy signature based on hierarchical access control. Their scheme contains the hierarchical access control scheme followed by a proxy signature scheme. A trusted central authority is responsible for generating and assigning keys to the users in the hierarchy. Their access control scheme is based on Newton’s interpolating polynomials. Further, their scheme is also secure against different attacks.
The rest of Calvin cycle paper is organized as follows. In Section 2, we discuss some mathematical preliminaries which are needed to describe and analyze our scheme. In this section, we describe briefly the mathematical background on the one-way hash function, the polynomial evaluation over a finite field and the discrete logarithm problem. In Section 3, we introduce our new proxy signature scheme which uses the concept of hierarchical access control policy. In Section 4, we analyze the performance and security for our proposed scheme. In Section 5, we show through simulation that our scheme is secure against passive and active attacks. For this purpose, we use the AVISPA tool for formal security analysis in this paper. In Section 6, we compare the performance of our scheme with Giri et al.’s scheme. Finally, we conclude the paper in Section 7.

Preliminaries

The proposed hierarchical-based proxy signature scheme

Analysis of the proposed scheme

Simulation results for formal security analysis
The backends produce the output in the following formats. The first printed section is called the SUMMARY which indicates whether the protocol is safe, unsafe, or whether the analysis is inconclusive. The second section called DETAILS, which explains under what condition the protocol is declared safe, or what conditions have been used for finding an attack, or finally why the analysis was inconclusive. The other sections called PROTOCOL, GOAL and BACKEND are the name of the protocol, the goal of the analysis and the name of the back-end used, respectively. After comments and statistics, the trace of the attack (if any) is finally displayed in the usual Alice-Bob notation. More details on AVISPA tool can be found in von Oheimb (2005) and Automated Validation of Internet Security Protocols and Applications (2011).