The authors present a cryptographic key assignment scheme based on both the
Rabin public key system and the Chinese remainder theorem, in order to sol
ve dynamic access control problems in user hierarchies. Compared to earlier
assignment schemes, the new scheme ensures that a security class can effic
iently derive secret keys of its successors. Dynamic access control problem
s, such as adding/deleting classes, adding/deleting relationships, and chan
ging secret keys, are considered. Moreover, without altering other keys pre
sent in the system, each user in the hierarchy can freely change his own ke
y.