College of Information Security Engineering, Chengdu University of Information Technology, Chengdu, 610225, China.
School of engineering and technology, University of Hertfordshire, Hertford, UK.
Abstract:
Quantum authorization management (QAM) is the quantum scheme for privilege management infrastructure (PMI) problem. Privilege management (authorization management) includes authentication and authorization. Authentication is to verify a user’s identity. Authorization is the process of verifying that a authenticated user has the authority to perform a operation, which is more fine-grained. In most classical schemes, the authority management center (AMC) manages the resources permissions for all network nodes within the jurisdiction. However, the existence of AMC may be the weakest link of the whole scheme. In this paper, a protocol for QAM without AMC is proposed based on entanglement swapping. In this protocol, Bob (the owner of resources) authenticates the legality of Alice (the user) and then shares the right key for the resources with Alice. Compared with the other existed QAM protocols, this protocol not only implements authentication, but also authorizes the user permissions to access certain resources or carry out certain actions. The authority division is extended to fin-grained rights division. The security is analyzed from the four aspects: the outsider’s attack, the user’s attack, authentication and comparison with the other two QAM protocols.
