Cryptographically-enforced hierarchical access control with multiple keys

Hierarchical access control policies, in which users and objects are associated with nodes in a hierarchy, can be enforced using cryptographic mechanisms. Protected data is encrypted and authorized users are given the appropriate keys. Lazy re-encryption techniques and temporal hierarchical access control policies require that multiple keys may be associated with a node in the hierarchy. In this paper, we introduce the notion of a multi-key assignment scheme to address this requirement. We define bounded, unbounded, synchronous, and asynchronous schemes. We demonstrate that bounded, synchronous schemes provide an alternative to temporal key assignment schemes in the literature, and that unbounded asynchronous schemes provide the desired support for lazy re-encryption.