1. Field of the Invention
The present invention relates to a method of configuring a hierarchical network of a user group and a resource group and a key distribution center.
The present invention has been produced from the work supported by the IT R&D program of MIC (Ministry of Information and Communication)/IITA (Institute for Information Technology Advancement) [2006-S-019-01, The Development of Digital Cable Transmission and Receive System for 1 Gbps Downstream] in Korea.
2. Discussion of Related Art
As networks are developed, a resource group providing data information in a network is connected in a very complicated manner with a user receiving and using the information in the network, and furthermore, a user connected to each resource group is continuously changed.
In such a complicated network structure, forward secrecy and backward secrecy must be guaranteed in order for network subscribers to freely join, withdraw from and change a group, so that a user and a resource group can have a hierarchical access relationship and safely communicate with each other. Here, the backward secrecy indicates a requirement that a subscriber newly joining a network group must not know communication content between members of the corresponding network before he/she joins, and the forward secrecy indicates a requirement that a subscriber that withdraws from a network group must not know a communication content between members of the corresponding network after he/she withdraws.
To meet the above requirements, key information for information security between each resource group and a currently connected user must be provided to both the user and the resource group, and used requirement keys must be appropriately managed. Particularly, in a centralized method, a key distribution center (KDC) disposed at a head-end performs the above functions.
Meanwhile, performance of a requirement key management method can be verified using communication cost and storage cost according to dynamic membership change of subscribers. The communication cost denotes the amount of messages that a KDC sends to subscribers every time a dynamic membership of a subscriber is generated, and the storage cost denotes key storage capacity for the messages. Needless to say, the lower the costs, the better the key management method is.
Therefore, a method of hierarchically connecting a user group with a resource group has been researched, that is, a method which can minimize key information cost while maintaining both the forward secrecy and the backward secrecy in a relationship where a user group and a resource group are hierarchically connected.