Figure 1 - uploaded by Gabriela Moise
Content may be subject to copyright.
Download
View publication
Security Domain Graph 

Security Domain Graph 

Source publication
Figure 1: Security Domain Graph 
Figure 2: Graphical representation of a partially-ordered relationship...
Figure 3: The diagram of generating the T parameter in an AT scheme 
Figure 4: Security Domains Graph and Intelligent Key Management Agents 
+2 Figure 5: The entities relations in a security domain 
Intelligent Management of the Cryptographic Keys
Article
Full-text available
  • Apr 2011
With the continuous development of the computers networks, new problems have been posed in the process of keys management in the crypto-graphic systems. The main element in the cryptographic technologies is the keys management, as the cryptographic algorithms are known, while the keys have to be either secret (for unauthorized users that do not nee...
Cite
Download full-text

Context in source publication

Context 1
... binary partially-ordered relationship, using the operator ≺ . The relation SD j ≺ SD i means that the entities of the security domain SD i have a security clear- ance higher or equal than that of the entities of the security domain SD j . For example, the entities from SD i can decrypt the message received from the entities that belong to SD j . Also, it is used the expression that the security domain SD i dominates the security domain SD j . In this way, one may determine a partially ordered set ( SD, ≺ ) , shortly called poset. Messages (data, plain texts) from the security class SD i are encrypted with the cryptographic key sk i and data from the security domain SD j are encrypted with the cryptographic key sk j . If there is the relation SD j ≺ SD i , the entities of the security domain SD i have the right to decrypt the cipher text using the cryptographic key sk i . In contrast, the entities which are parts of the security domains, SD j , cannot decrypt the messages received from the entities of the security domain SD i . Also, if the following relations between three security domains SD k ≺ SD j and SD j ≺ SD i , are true, that means that the entities of SD j can decrypt the cipher texts received from the entities of SD k and the entities of SD i can decrypt the cipher texts received from the entities of SD j . Consequently, the entities of SD i can decrypt the cipher texts received directly from the entities of SD k . In this manner, there are generated domains hierarchies. A Hasse diagram can represent a poset. This diagram is called in [1] a security class privilege graph (SCPG) , in this paper it is used the term of security domain graph (SDG) . An example of SDG is shown in figure 1 (a - security domains tree (SDT) , b - a general security domain graph (GSDG)) . where the following representations have the similar sense (figure 2) The most simple keys management model assumes the existence of a keys server and if an entity needs to decrypt a message, it has to ask the proper key over a secure channel, or each security domain has to store all successors secret keys. These models are not really feasible, because the tendencies of increasing the networks dimensions require large storage spaces and a lot of secure channels. In this way, there is quite a challenge to define a keys management model properly adjusted to the security domain ...

Similar publications

Figure 1. Conceptual framework
Export decision-making orientation: An exploratory study
Article
Full-text available
  • Jul 2012
Purpose The purpose of this paper is to examine two predominant export decision‐making orientations emanating from normative and descriptive decision theory, namely planning and improvisation and their coexistence within exporting firms. In addition, contingencies under which one may be more appropriate than the other for optimal performance conseq...
View