摘要： 提出了一种安全有效的分级密钥管理方案。该方案是基于单向函数的，每个安全类可随机独立地选取组密钥，利用它能有效地得到其后继者的组密钥。讨论了诸如添加/删除安全类、修改组密钥等动态密钥管理问题。此外，根据该方案可得到一个改进的Lin 方案，它不仅克服了Lee 和Hwang 提出的两个缺陷，而且比Rhee 方案、 Chen-Chung 方案等其它有关Lin 方案的改进方案具有更低的计算复杂度，效果更好。

关键词: 单向函数；访问控制；用户分级系统；偏序集

Abstract: The paper presents a secure efficient hierarchical key management scheme in order to solve the dynamic access control problems in distributed environments. By using the scheme based on the one-way function, each security class chooses randomly and independently a secret key that can be used to derive his successors’ secret keys efficiently. The dynamic key management problem, such as adding/ deleting classes, and changing secret key, are discussed. Moreover, an improved Lin’s scheme can be derived from the scheme, which overcomes the two vulnerabilities issued by Lee and Hwang, in addition, it is more efficient than other improvement of Lin’s, such as Rhee’s scheme, Chen-Chung scheme, in terms of computational complexities.

Key words: One-way function; Access control; User hierarchy system; Partially ordered set