A Role-based Secure Group Communication Framework Jiang Bian, Umit Topaloglu, Remzi Seker, Coskun Bayrak and Chia-Chu Chiang Department of Computer Science University of Arkansas at Little Rock Little Rock, Arkansas 72204 Email: jxbian, utopaloglu, rxserker, cxbayrak, cxchiang@ualr.edu Abstract—Building a secure group communication system is an active research topic. Several studies have focused on achieving a good level of privacy among a group of people via agreement on a shared encryption key. However, there is not much work published on easily manageable, simple, and effective systems that can provide secure communication in a role-based environment. In this paper, we propose a comprehensive solution to the key exchange problem for group communication. A centralized key server is used to produce a key chain, based on recursive hashing, and securely distributing the keys to the recipients according to their roles. The proposed work makes it possible that a user with a higher clearance can audit the communications among the users that are hierarchically below him/her. Moreover, the system has the ability to isolate communications among different groups, which means the compartmentation is reserved. Index Terms—Secure group communication, role-based sys- tem, group conference key, hashed key chain. I. I NTRODUCTION Key management is one of the fundamental building blocks used in securing communications between users or systems. The task is more challenging if interactions are among more than two users, where a group key management system is required. Moreover, most of the current distributed network systems rely on a role hierarchy structure [1] [2]. In this research, it is claimed that combining the key management system with a role hierarchy will result in a Role-based Secure Group Communication (RBSGC) scheme that is easy to implement, manage, and adapt into existing communication architectures. The Bell-LaPadula model [3] was developed by David Elliott Bell and Len LaPadula in 1973. The model forms the basis of many others including the U.S. Department of Defense (DoD) multilevel security (MLS) service. Bell- LaPadula model defines a set of access control rules, which uses security labels on objects and clearances on subjects. The security labels and clearances range from the most sensitive information as the ”Top Secret” down to the least sensitive as the ”Public”. The key rule of the Bell-LaPadula model is ”write up” and ”read down”, which means an entity (subject) who has a lower clearance could only write to the objects above his/her level, and can only read the objects below his/her level. However, the Bell-LaPadula model only defines the rules for access control in a linear manner. The mechanism of how to securely transfer information at a given clearance level is missing. In addition, in the Bell-LaPadula model subjects/objects have static clearance levels. In this paper, we propose a comprehensive security frame- work in which the secrecy of the Bell-LaPadula model is achieved by utilizing a role-based key generation algorithm. The generated keys can then be utilized in an encryption algorithm of choice; polymorphic encryption and decryption [4] in this case. The paper is organized as follows. Section II presents a background on widely used conference key agreements In section III, we introduce the system structure of our framework and discuss all the challenges we are facing. The paper concludes with the summary of the contribution of this framework in section IV. In section V, as future work, potential improvements are discussed to improve the performance of the proposed framework by maintaining its secure architecture. II. RELATED WORKS A. Group Key Agreement When a group of users want to communicate privately over an open network environment, a conference key management system is required. There are two fundamental approaches to achieve a conference key among a peer group. One approach is to use a decentralized conference key distribution system (CKDS). Basically, the system collects a contribution from each member, computes a common secret and securely dis- tributes this shared key back to every user for future use. In a typical group environment, messages will be automat- ically multicasted to each user by the underlying communica- tion protocol. In such situations, it is difficult to create a logical ring without extensive overhead. Even if a user only meant to send an intermediate key to U i , such group communication system will automatically send a copy to every other user as well. Since this value is not required by the rest of the group, all the other users will simply discard it. These discarded messages form unnecessary network traffic. Moreover, in all three aforementioned CKDSs, a user U i needs to raise a previously received intermediate key to the power of its own private key, r i , and pass it to the next member or broadcast to everyone else. However, exponentiation is computationally expensive. Michael et. al.’s system, which has the minimal number of exponentiations compared to others, still requires 5n - 6 exponentiations.