Hierarchical group access control for secure multicast communications

Many group communications require a security infrastructure that ensures multiple levels of access control for group members. While most existing group key management schemes are designed for single level access control, we present a multi-group key management scheme that achieves hierarchical group access control. Particularly, we design an integrated key graph that maintains keying material for all members with different access privileges. It also incorporates new functionalities that are not present in conventional multicast key management, such as user relocation on the key graph. Analysis is performed to evaluate the storage and communication overhead associated key management. Comprehensive simulations are performed for various application scenarios where users statistical behavior is modelled using a discrete Markov chain. Compared with applying existing key management schemes directly to the hierarchical access control problem, the proposed scheme significantly reduces the overhead associated with key management and achieves better scalability.