Skip to Main Content
We survey the literature for access control schemes in a user hierarchy. Some schemes have already been shown to be insecure or incorrect. Many schemes assume very restrictive subordinating relationships existing in a hierarchy where users are grouped into partially ordered relationships without taking resources into consideration. We believe that a practical access control scheme should support access control in a lattice where users and resources are both together grouped into partially ordered relationships. In this paper, we present a scheme to achieve this goal. We also study existing schemes for their efficiency and performance. Based on the results of the study, we design an efficient scheme to support dynamic key management.