SeKMAC: A secure model for key management and access control in cryptographic file system

Growing need for protecting user's data in operating system level, results in developing various cryptographic file systems with their own key management and access control models. But threat model in existing models is not extensive enough, so that they are vulnerable to replay attack, user forging and collusion of users as well. So they can't have secure auditing and separation of duty in a secure way. Super users and recovery agents are in trust domain and this is a security risk. These models have performance overload in some operations such as right revocation. Another problem is about keeping lots of crypto metadata in existing models. In this paper we show a new secure model for key management and access control (SeKMAC) using special concepts for optimizing number of crypto metadata and structure of metadata in system which eliminates attacks on crypto metadata with a desired degree. Key management is based on symmetric operations which causes improvement in performance. We consider parameters for avoiding reply attacks, user forging and collusion of users in insecure environments. SeKMAC includes auditing and separation of duty in a secure way and recovery is done with less trust on external agents and revocation is done in an optimum way.