KTH-SEECS Applied Information Security Lab

National University of Sciences and Technology (NUST)

Secure Group Communications

Digital information is one of the sensitive resources in any organization that needs to be well-protected and secured to avoid unauthorized access and its misuse. Keeping a resource safe and not using it at all seems to be a good strategy to secure resources. But practically, intellectual resources and assets of an organization need to be shared among users. In a group-centric environment, dynamic sharing of resources takes place within an authorized group of users for a specific purpose. Security of a resource is highly important in a group-centric environment, which can be achieved either through enforcing confidentiality, access rights or authorizations. In addition to securing the resources, effective management of these resources within authorized groups is critical in order to deal with the dynamics of group-centric approach. Sharing of sensitive resources in any organization pose the concerns of its security and effective management. The security aspects can be dealt by restricting access of sensitive information to only authorized users; access control mechanisms are used for this purpose. Once secure groups have been formed and access to authorized users has been granted, the process of access rights delegation takes place. Thus, an overall management of resources and groups together with its security in complex group centric environments, where multiple groups are created and demarcated, is needed. We emphasize on providing solutions that can deal with the dynamics of group-centric environment, solving the complexity of group-centric environment with respect to provisioning of dynamic access control rights, delegation of access rights and management of resources related to dynamics of group-centric environment.