Demands to match security with performance in Web applications where access to shared data needs to be controlled dynamically make self-protecting security schemes attractive. Yet, standard schemes focus primarily on correctness as opposed to adaptability and so need to be extended to handle these new scenarios. One of the approaches to enforcing cryptographically controlled access to shared data is to encrypt it with a single secret key that is then distributed to the users requiring access. Data security is ensured by replacing the group key and re-encrypting the affected data whenever group membership changes. Thus, key management (KM) is expensive when changes in group membership occur frequently and involve large amounts of data. This paper presents a framework, based on the autonomic computing paradigm, that allows a KM scheme to continually monitor the rate at which changes in group membership occur and generate keys as well as encrypted replicas to anticipate future changes. S...
Anne V. D. M. Kayem, Patrick Martin, Selim G. Akl,