Updating a revocation list to foil an adversary
Main author: | |
---|---|
Format: | Patent |
Language: | eng |
Subjects: | |
Summary: | The lists used to verify whether an access identifier has been revoked are processed and maintained in a random fashion to reduce the likelihood of a revoked access identifier being accepted for access after a passage of time. When the access control system updates its local revocation list, a non-deterministic method is used to determine the resultant content of the local revocation list. In accordance with another aspect of this invention, the communication of the revoked identifiers is also based on a non-deterministic selection of revoked identifiers. In this manner, the mere passage of time will not necessarily result in a prior revoked identifier becoming revived. The replicated device will become "unreliable", in that the user can never be assured that the replicated device will operate "properly". In accordance with another aspect of this invention, the enforcement of the revocation is also randomized. For example, the access control system may initially provide the content material to a device having a revoked identifier, then, at some random time later, terminate the transmission. In this manner, a user of a replicated device can never be assured that the content material, such as a movie, can be viewed in its entirety. |
---|