Managing user relationships in hierarchies for information system security

Mark Vroblefski, Andrew Chen, Benjamin Shao, Matthew Swinarski

Research output: Contribution to journalArticlepeer-review

6 Scopus citations


Hierarchies are an important concept in information protection systems. The uses of hierarchies in the security domain of computer information systems include access hierarchies, levels of abstraction in security kernels, multi-level security, and user hierarchies, among others. Using user hierarchies as an example, this paper proposes a new protection mechanism to achieve the key-to-key (KTK) security policy wherein each user in the hierarchy is assigned a key pair and the relationship between any two users can be revealed through an operation on their corresponding keys. In addition to the security provided by the policy, the new mechanism manifests several advantages over the previous methods in the literature. Among its merits are (1) simple and quick operations performed to determine user relationships, (2) less storage requirements, and (3) a high degree of dynamism that allows easy addition and deletion of user keys without affecting most of the existing keys in the user hierarchy. The relevance of the new KTK scheme to organizations and its implications for potential business applications are also discussed.

Original languageEnglish (US)
Pages (from-to)408-419
Number of pages12
JournalDecision Support Systems
Issue number2
StatePublished - Mar 2007

All Science Journal Classification (ASJC) codes

  • Management Information Systems
  • Information Systems
  • Developmental and Educational Psychology
  • Arts and Humanities (miscellaneous)
  • Information Systems and Management


Dive into the research topics of 'Managing user relationships in hierarchies for information system security'. Together they form a unique fingerprint.

Cite this