HIERARCHICAL ACCESS CONTROL IN DYNAMIC PEER GROUPS USING SYMMETRIC POLYNOMIAL AND TREE BASED GROUP ELLIPTIC CURVE DIFFIE HELLMAN SCHEME

Hierarchical Access Control in group communication is an active area of research and is difficult to achieve. Its primary objective is to allow users of a higher authority group to access information or resources held by lower group users while preventing the lower group users from accessing information held by higher class users. A large collection of collaborative applications in organizations inherently have hierarchical structures for functioning, where providing security through efficient group key management is a challenging issue. With centralized methods for hierarchical access control, it is difficult to achieve efficiency, as a single membership change results in many changes which are difficult to maintain. So, using distributed key agreement techniques is more appropriate for this scenario. This study explores a novel group key agreement approach, which combines the symmetric polynomial scheme and Tree Based Group Elliptic Curve key exchange. It yields a secure protocol suite that is fault-tolerant and simple. The efficiency of SP-TGECDH is better than that of many other schemes. Using TGECDH makes the scheme suitable for small low-powered devices.


INTRODUCTION
Fault-tolerant, scalable and reliable communication services have become critical in modern computing. An important and popular trend is to convert traditional centralized services (e.g., file sharing, authentication, web and mail) into distributed services spread across multiple systems and networks (Kim et al., 2004). Many of these newly distributed and other inherently collaborative applications (e.g., conferencing, whiteboards and shared instruments) need secure communication. However, experience shows that security mechanisms for collaborative and dynamic peer groups tend to be both expensive and unexpectedly complex. In that regard, dynamic peer groups are very different from non-collaborative, centrally managed, one-to-many (or few-to-many) broadcast groups such as those encountered in Internet multicast.
Dynamic Peer Groups (DPGs) are common in many layers of the network protocol stack and many application areas of recent computing. Examples of DPGs include replicated servers, audio conferencing, video conferencing and other applications supporting collaborative work. Compared with large multicast groups, DPGs tend to be relatively small in size, in the order of a hundred members; larger groups are harder to control on a peer basis and are often organized in a hierarchy. DPGs typically assume a many-to-many (or, equivalently, any-to-any) communication pattern rather than the one-to-many pattern common in larger hierarchical groups. Despite their relatively small number, group members in a DPG could be spread throughout the Internet and should be able to deal with arbitrary partitions due to network failures, congestion and hostile attacks. In essence, a group can be split into a number of disconnected partitions each of which must persist and function as an independent peer group (Kim et al., 2004).

Science Publications JCS
Security requirements in collaborative DPGs present several interesting research challenges. In this study, we focus on secure and efficient group key management. The goal of group key management is to set up and maintain a shared secret key among the group members (Zhong, 2002). It serves as a foundation for other DPG security services.
There are many applications in organizations that share data in a carefully managed fashion by using access control mechanisms. The common method used for enforcing access control is by encrypting the data and managing the encryption keys. Access control can be Discretionary Access Control, Role-Based Access Control, Mandatory Access Control and Hierarchical Access Control. Discretionary Access Control restricts access to objects based solely on the identity of users who are trying to access them.
Mandatory Access Control mechanisms assign a security level to all information, assign a security clearance to each user and ensure that all users only have access to that data for which they have a clearance. It has better security than Discretionary Access Control. In Role Based Access Control a user has access to an object based on the assigned role. Roles are defined based on job functions. Permissions are defined based on job authority and responsibilities within a job function. Based on the permissions, operations on an object are invoked. The object is concerned with the user's role and not the user. Users can change roles frequently and hence once roles are fixed, access can be given to roles and objects of the respective roles get permission.
The realistic assumption that the structure of any organization (Fig. 1) is a hierarchy of security classes leads to Hierarchical Access Control. Hierarchical Access Control is very difficult to achieve in secure group communication due to the highly dynamic nature of members (Kuang et al., 2011; Aparna and Amberker, 2009). In a hierarchical access control system, users are partitioned into a number of classes called security classes which are organized in a hierarchy. Hierarchies arise in systems where some users have higher privileges than others and a security class inherits the privileges of its descendant classes.

Fig. 1. A sample hierarchy in organizations
As shown in Fig. 1, there are seven classes $C_1$, $C_2$, $C_3$, $C_4$, $C_5$, $C_6$ and $C_7$. Each class can have any number of users. There are two hierarchies in the above example: $C_1 > C_2 > C_4 > C_6$ and $C_1 > C_3 > C_5 > C_7$. Users of a higher class should be able to access the resources held by the users of a descendant class. The Hierarchical Access Control Problem is defined as the procedure by which members in a group can communicate with each other in a secure manner so that the information or resource being shared is known to the members of that group and to all members who are ancestors of the group. In such circumstances, a group key is set up among all the participating members and this key is used to encrypt all the messages destined to the group. This key has to be relayed to all the members who are ancestors so that the communication or resource can be accessed by the ancestors.
An exceptional protocol should proficiently manage the group key when members join and leave a descendant group. Hence user dynamics has to be taken care of with utmost attention to issues of forward and

SYSTEM OVERVIEW
The goal of this research is to propose a communication and computation efficient Hierarchical Access Control protocol for Dynamic Peer Groups using the Symmetric Polynomial Scheme (Das et al., 2005; Begum et al., 2010a) and the Tree Based Group Elliptic Curve Diffie Hellman Scheme (Wang et al., 2006). In huge and highly dynamic networks, it is very difficult to have hierarchical access control. It is commendable to use a dual layer encryption protocol to protect the resources from adversaries and also to provide access to resources for the ancestor users. In the proposed scheme, the dual encryption uses the key formed by TGECDH for communication within a dynamic peer group, and the symmetric polynomial scheme (Zou and Bai, 2008) for communication among the dynamic peer groups, which involves ancestor classes. TGECDH is used within the classes because of its suitability for low-power small devices, which are abundantly used nowadays. The use of two levels of keys reduces the large cost of computation and communication in re-keying. Hence, in the Hierarchical Access Control protocol for Dynamic Peer Groups, all the member nodes join their respective classes.
As shown in Fig. 2, the Hierarchical Access Control Problem in an organization can be logically represented as a set of classes (Hwang and Yang, 2003). Assume that in every class, every user can receive a message broadcast by other members. The key formation is based on the efficient Tree Based Group Elliptic Curve Diffie Hellman protocol. Here, it is not required to create a common key for the global group; instead, keys must be created independently for every class, and outer keys are formed using the symmetric polynomial scheme with the help of the Central Authority. If a user in a class transmits a message, the message is encrypted with the TGECDH key and all the members, including the class controller, decrypt it. The key is transmitted to the Gateway Node.

Fig. 2. A sample hierarchy in organizations
Also, the Gateway Node encrypts the message again using its respective symmetric polynomial key and broadcasts it. All the Gateway Nodes receive this. The Gateway Nodes of the ancestor classes derive the key using the polynomial approach.
They decrypt the message, encrypt it again with the class key obtained using TGECDH and transmit it to all users of their class. Thus all users of the ancestor class are able to access the resources of their descendant classes.
This Hierarchical Access Control protocol for Dynamic Peer Groups using the Symmetric Polynomial Scheme and the Tree Based Group Elliptic Curve Diffie Hellman Scheme is suitable for the inherent characteristics of networks which have independent, mobile and unreliable links. The main reasons can be summarized as follows:
• The protocol is based on contributory group key agreement in the lower layer, so it does not require pre-existing infrastructure except a special node called the Gateway Node for performing a TGECDH group key agreement. It is a hybrid scheme in which a central authority needs to communicate with the Gateway Nodes, and once the polynomial is sent to them there is no more interference except in very rare cases during a hierarchy change
• The Gateway Nodes of each class receive two sets of keys: one from the class controllers of their respective classes and another from the Central Authority, which may be powerful nodes in the infrastructure with the capability of encrypting, decrypting and multicasting to their group members
• The protocol is efficient, especially for large, dynamic groups, because re-keying of one class does not influence other groups. This avoids the problem of "1-affects-n" (i.e., a single membership change in the group affects all the other group members) and can provide better performance
• Networks are always composed of unreliable links. This scheme provides reliable communication for networks
The proposed Hierarchical Access control protocol for Dynamic Peer Groups using Symmetric Polynomial Scheme and Tree Based Group Elliptic Curve Diffie Hellman Scheme mainly targets at security, scalability and efficiency (Wang et al., 2006).
A Class key CK is used for communication between members in the same class. The Class key is re-keyed whenever there is a membership change: a join, a leave or a member failure. The Outer keys are changed rarely, only when the hierarchical structure changes.

KEY ESTABLISHMENT AMONG THE DYNAMIC PEER GROUPS USING SYMMETRIC POLYNOMIALS
In mathematics, specifically in commutative algebra, the elementary symmetric polynomials are one type of basic building block for symmetric polynomials, in the sense that any symmetric polynomial P can be expressed as a polynomial in elementary symmetric polynomials: P can be given by an expression involving only additions and multiplications of constants and elementary symmetric polynomials. Symmetric polynomials have an excellent property: when the order of the parameters is changed, the value of the polynomial does not change. This property is used in hierarchical access control by the ancestor classes to derive the keys of the descendant classes.
The underlying principle of the upper tier scheme is secret sharing. Unlike other schemes, which are computationally secure, the proposed scheme is unconditionally secure. A central authority (CA) chooses a large positive integer $P$ as the system modulus ($P$ need not be a prime) and a threshold $t$. The CA randomly generates a symmetric polynomial in $m$ variables with coefficients from $Z_p$ in which the degree of any variable is at most $t$ as Equation 1, where the $a_i$ are coefficients randomly generated by the Central Authority. Every class in the hierarchy has a polynomial function which is derived from $P(x_1, x_2, \ldots, x_m)$, and the polynomial function is transmitted to each class securely by the Central Authority.
To derive proper keys in the hierarchy, the CA generates some publicly known numbers:
• $n$ random numbers $s_i$ associated with $C_i$ for $i = 1, 2, \ldots, n$
• $(m-1)$ additional random numbers $s'_j$ for $j = 1, 2, \ldots, m-1$ ($s_i$ and $s'_j$ belong to $Z_p$)
For each security class $C_i$ with an ancestor set $S_i = \{C_{i_1}, C_{i_2}, \ldots, C_{i_m}\}$, where $i_j$ is an ordinal number such that $1 \le i_j \ne i \le n$, security class $C_i$ is given a polynomial function $g_i$ derived by the CA as Equation 2

Working of the Symmetric Polynomial Scheme
The following case study is taken into consideration to demonstrate the working of the Symmetric Polynomial.
The following steps are followed to show Hierarchical Access Control using Symmetric Polynomials:
• A diagrammatic representation of the hierarchy is given above
• Key Calculation by the respective Classes. The keys are named $K_1$, $K_2$ to mean that Class $C_1$ calculates its key $K_1$ and Class $C_2$ calculates its key $K_2$
• Key Derivation of a Descendant Class by the Ancestor Classes. The keys are named $AK_{1,2}$, $AK_{1,3}$ to mean that Ancestor Class $C_1$ derives the key of its descendant Class $C_2$ ($AK_{1,2}$) and Ancestor Class $C_1$ derives the key of its descendant Class $C_3$ ($AK_{1,3}$)
• Key Derivation by a Class that is not an ancestor. The keys are named $NK_{2,1}$, $NK_{3,1}$, $NK_{3,6}$ to mean that non-ancestor class $C_2$ derives the key of $C_1$ ($NK_{2,1}$), non-ancestor class $C_3$ derives the key of $C_1$ ($NK_{3,1}$) and non-ancestor class $C_3$ derives the key of $C_6$ ($NK_{3,6}$)
• It is shown that $K_2 = AK_{1,2}$, $K_2 = AK_{3,2}$, i.e., the symmetric polynomials are evaluated with the same parameters but in different permutations
• It is shown that $K_1 \ne NK_{2,1}$, $K_1 \ne NK_{3,1}$, $K_6 \ne NK_{3,6}$, i.e., the symmetric polynomials are evaluated with different parameters, which results in the wrong value for the key
• There is no restriction on the number of users in each class. Key Calculation and Key Derivation are handled by one user of each class, designated as the class controller
• In all the case studies the symmetric polynomial of Equation 3 is used
• The value of $m$ is chosen as $m \ge \max\{m_1, m_2, m_3, \ldots, m_i\} + 1$. A greater value of $m$ allows more classes to be added. Here $m$ is chosen as 6
• To calculate its key, each class uses the symmetric polynomial with $m$ parameters. The $m$ parameters are chosen as follows: $K_i = P(s_i, s_{i_1}, s_{i_2}, \ldots, s_{i_{m_i}}, s'_1, s'_2, \ldots, s'_{m-m_i-1})$
• Key Derivation: in key derivation, a term $S_{j/i}$ is used to identify the hierarchy:
• Consider a security class $C_i$ which is an ancestor of security class $C_j$; key $K_j$ can be calculated by $C_i$ as:

As shown in Table 1, Set of Classes = $\{C_1, C_2, \ldots, C_{16}\}$ and Set of Ancestor Classes = $\{S_1, S_2, \ldots, S_{16}\}$. There are five ancestors in the Hierarchy. $C_1$ is the ancestor of $C_2$, $C_3$, $C_4$ and $C_5$. $C_2$ is the ancestor of $C_6$, $C_7$, $C_8$ and $C_9$. $C_3$ is the ancestor of $C_{10}$, $C_{11}$ and $C_{12}$. $C_4$ is the ancestor of $C_{13}$ and $C_{14}$. $C_5$ is the ancestor of $C_{15}$ and $C_{16}$. Equations 4 and 5 are used for deriving the keys.

Key derivation of $C_2$ by $C_1$:
$AK_{1,2} = K_2$ (same parameters in different permutation)

Key derivation of $C_3$ by $C_1$:

Key derivation of $C_4$ by $C_1$:
$j = 4$, $i = 1$
$S_{j/i} = S_j \setminus (S_i \cup \{C_i\}) = \{C_1\} \setminus (\Phi \cup \{C_1\}) = \Phi$
$r_j = 0$
$m - m_i - 2 - r_j = 6 - 0 - 2 - 0 = 4$
$AK_{1,4} = P(s_1, s_4, s'_1, s'_2, s'_3, s'_4)$
$K_4 = P(s_4, s_1, s'_1, s'_2, s'_3, s'_4)$
$AK_{1,4} = K_4$ (same parameters in different permutation)

Key derivation of $C_5$ by $C_1$:
$K_5 = P(s_5, s_1, s'_1, s'_2, s'_3, s'_4)$
$AK_{1,5} = K_5$ (same parameters in different permutation)

$NK_{3,1} \ne K_1$ (the parameters are not correct, hence Class $C_3$ does not get the correct key of Class $C_1$)
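The key calculation and derivation steps of this case study, as an added example that is not the authors' implementation: the CA builds a random symmetric polynomial, gives each class only its partially evaluated g_i, and the class controllers compute their own keys and ancestor-derived keys from the public numbers. The threshold t = 2, the modulus value, the function names and the form of g_i (P with its leading arguments fixed to s_i and the ancestors' values, which matches the AK 1,4 derivation above; Equation 2 is not reproduced on this page) are assumptions.

```python
import itertools
import random

M, T = 6, 2          # m = 6 as in the case study; threshold t = 2 is assumed
MOD = 2**61 - 1      # system modulus P (value assumed for this example)

# Hierarchy of the case study: C1 -> C2..C5, C2 -> C6..C9, C3 -> C10..C12,
# C4 -> C13, C14 and C5 -> C15, C16.
PARENT = {1: None, 2: 1, 3: 1, 4: 1, 5: 1, 6: 2, 7: 2, 8: 2, 9: 2,
          10: 3, 11: 3, 12: 3, 13: 4, 14: 4, 15: 5, 16: 5}


def ancestors(i):
    """Ancestor set S_i of class C_i, nearest ancestor first."""
    out = []
    while PARENT[i] is not None:
        i = PARENT[i]
        out.append(i)
    return out


def make_symmetric_poly(rng):
    """CA: one random coefficient per sorted exponent tuple, so all permutations
    of a monomial share a coefficient and P(x_1..x_m) is symmetric."""
    exps = itertools.combinations_with_replacement(range(T + 1), M)
    return {e: rng.randrange(1, MOD) for e in exps}


def partial_eval(coeffs, fixed):
    """CA: fix the first len(fixed) arguments of P and return the polynomial g
    in the remaining variables as {exponent tuple: coefficient}."""
    g = {}
    for e_fixed in itertools.product(range(T + 1), repeat=len(fixed)):
        weight = 1
        for x, e in zip(fixed, e_fixed):
            weight = weight * pow(x, e, MOD) % MOD
        for e_free in itertools.product(range(T + 1), repeat=M - len(fixed)):
            a = coeffs[tuple(sorted(e_fixed + e_free))]
            g[e_free] = (g.get(e_free, 0) + a * weight) % MOD
    return g


def evaluate(g, args):
    """Class controller: evaluate its own g at publicly known numbers."""
    total = 0
    for exps, a in g.items():
        if len(exps) != len(args):
            raise ValueError("wrong number of parameters for this g")
        term = a
        for x, e in zip(args, exps):
            term = term * pow(x, e, MOD) % MOD
        total = (total + term) % MOD
    return total


def setup(seed=1):
    """Constructed sample system. The fixed seed only makes the run repeatable;
    a CA would draw its coefficients from a cryptographic RNG."""
    rng = random.Random(seed)
    coeffs = make_symmetric_poly(rng)
    s = {i: rng.randrange(1, MOD) for i in PARENT}             # public s_i
    s_prime = [rng.randrange(1, MOD) for _ in range(M - 1)]    # public s'_j
    # g_i = P(s_i, s_i1, ..., s_imi, x, ..., x) is the only secret C_i holds
    g = {i: partial_eval(coeffs, [s[i]] + [s[a] for a in ancestors(i)])
         for i in PARENT}
    return s, s_prime, g


def own_key(i, s_prime, g):
    """K_i = g_i(s'_1, ..., s'_{m-m_i-1})."""
    return evaluate(g[i], s_prime[:M - len(ancestors(i)) - 1])


def derive_key(i, j, s, s_prime, g):
    """C_i evaluates g_i at s_j, the s values of S_j/i = S_j minus (S_i and C_i)
    and s'_1..s'_{m-m_i-2-r_j}. The result is K_j only if C_i is an ancestor."""
    s_ji = [c for c in ancestors(j) if c != i and c not in ancestors(i)]
    pad = M - len(ancestors(i)) - 2 - len(s_ji)
    return evaluate(g[i], [s[j]] + [s[c] for c in s_ji] + s_prime[:pad])


if __name__ == "__main__":
    s, sp, g = setup()
    print("K4 == AK1,4:", own_key(4, sp, g) == derive_key(1, 4, s, sp, g))
    print("K6 == AK2,6:", own_key(6, sp, g) == derive_key(2, 6, s, sp, g))
    print("K1 == NK3,1:", own_key(1, sp, g) == derive_key(3, 1, s, sp, g))
```

Because each class stores only g_i, a non-ancestor such as C3 can never drop its own s_3 from the argument list, which is why its attempt at K_1 lands on a different value.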

Support of Network Dynamics
In a large group the user dynamics is very frequent, and it is taken care of by the lower layer protocols explained in subsequent sections. There may be occasions where the Security Classes have to change because of a change in the hierarchy once the system starts functioning. This is managed by the Symmetric Polynomial Scheme in the Upper Layer as explained below.

Adding a Security Class
When a new security class $C_r$ is added, we need to verify whether the value of $m$ satisfies the new node restrictions:
• If $m < \max\{m_1, m_2, \ldots, m_n, \ldots, m_r\} + 1$, a new $m$ value will be generated so that $m \ge \max\{m_1, m_2, \ldots, m_n, \ldots, m_r\} + 1$. Also, the CA will generate a new polynomial function $P(x_1, x_2, \ldots, x_m)$ accordingly. In addition, all polynomial functions of security classes are recomputed and retransmitted securely to individual security class controllers
• If $m \ge \max\{m_1, m_2, \ldots, m_n, \ldots, m_r\} + 1$, the CA selects a random number $s_r$ for the new security class $C_r$ so that a new polynomial function $g_r$ can be computed and transmitted to security class $C_r$ securely. However, if security class $C_r$ is added as a parent security class of any existing security classes, we need to modify keys of $C_r$'s descendant security classes to prevent security class $C_r$ from obtaining old keys of its descendant

Deleting a Security Class
When a security class $C_r$ is removed from the hierarchy, we need to determine whether the security class $C_r$ is a leaf node or a parent node. Here, a leaf node is a node without any descendant:
• Security class $C_r$ is a leaf node: The CA can simply discard the public parameter $s_r$ without changing any other keys
• Security class $C_r$ is a parent node: Once security class $C_r$ is deleted from the hierarchy, we cannot allow it to calculate keys of $C_r$'s descendant security classes using polynomial function $g_r$. We need to prevent security class $C_r$ from accessing its descendants' resources

Moving a Security Class
A security class $C_r$ can be moved from one node to another node in the hierarchy. There are four cases:
• Leaf node to another leaf node: The CA simply recomputes the new polynomial function $g_r$ according to the new hierarchy and securely transmits $g_r$ to $C_r$
• Leaf node to parent node: The CA recomputes the polynomial functions of security class $C_r$ and $C_r$'s new descendant security classes according to the new hierarchy. The CA securely transmits the polynomial functions to the affected security classes
• Parent node to leaf node: The CA recomputes the polynomial functions of the previous descendant security classes of $C_r$ and of security class $C_r$ according to the new hierarchy and then securely transmits these polynomial functions to the affected security classes
• Parent node to parent node: The CA recomputes the polynomial functions of the previous and present descendant security classes of $C_r$ and of security class $C_r$ according to the new hierarchy and then securely transmits these polynomial functions to the affected security classes

Merging a Security Class
Two or more security classes can merge together and become one security class $C_r$. Similarly, the CA needs to find previous and present descendant security classes of the merging security classes. The CA randomly chooses a new number $s_r$ and then generates polynomial functions for all corresponding security classes.

Splitting a Security Class
A security class $C_r$ splits into two security classes $C_{r1}$ and $C_{r2}$. Depending on whether $C_r$ is a parent node or leaf node, the CA has to determine what previous and present descendant security classes are associated with these security classes ($C_r$, $C_{r1}$ and $C_{r2}$). The CA then selects two new numbers $s_{j1}$ and $s_{j2}$ and generates polynomial functions for these affected security classes.

Adding a Link
If two security classes $C_r$ and $C_k$ are linked together, we establish a new direct parent-child relationship between the two security classes; say security class $C_r$ is the parent of security class $C_k$. There are two different cases: (1) Security class $C_r$ was already an ancestor of security class $C_k$ through other security classes. The CA does not need to perform anything; and (2) security class $C_r$ is the only parent of security class $C_k$ in the new hierarchy. The CA selects a new number $s_k$ and generates new polynomial functions for security class $C_k$ and its descendant security classes. The CA securely transmits the new polynomial functions to these affected security classes.

Deleting a Link
If two linked security classes $C_r$ and $C_k$ are disconnected, we destroy a direct parent-child relationship between the two security classes; say security class $C_r$ will not be the parent of security class $C_k$ in the new hierarchy. Again, there are two different cases: (1) Security class $C_r$ is still an ancestor of security class $C_k$ through other security classes in the new hierarchy. The CA does not need to perform anything; and (2) security class $C_r$ is not an ancestor of security class $C_k$ in the new hierarchy. The CA selects a new number $s_k$ and generates new polynomial functions for security class $C_k$ and its descendant security classes. The CA securely transmits the new polynomial functions to these affected security classes.

KEY ESTABLISHMENT WITHIN THE DYNAMIC PEER GROUPS
The Tree based Group Elliptic Curve Diffie-Hellman (TGECDH) protocol is used for maintaining the classes ($C_1$, $C_2$, $C_3$, $C_4$, $C_5$, $C_6$ and $C_7$) individually. The key establishment in class $C_6$ is shown; the same procedure is used in all the classes. Each member contributes a partial key to compute the class key. In this section, an example of the TGECDH key establishment scheme is discussed. This example shows how the shared key is obtained by the members and how the class key is computed in a group consisting of four members SixM1, SixM2, SixM3 and SixM4.
In the class (e.g., $C_6$), initially two members, SixM1 and SixM2, are available (Fig. 3). If a new member SixM3 wants to join the class (Fig. 4), it broadcasts a join request message to the class controller. If the key tree is fully balanced, the new member joins the root node. The class controller is the rightmost leaf in the subtree rooted at the insertion node. When a member joins the class, a new intermediate node is created and promoted to be the parent of both the insertion node and the new member node. After updating the tree, the class controller proceeds to update its share and passes the tree structure with all public keys to the new member.
The new member acts as the new class controller and computes the new class key. Next, the class controller broadcasts the new tree that contains all public keys. All other members update their trees accordingly and compute the new class key.
If a member wants to leave the class, it should first send a leave request to the class controller so that the new class key can be generated. When the leave request message is received by the class controller, it updates its key tree by deleting the leaf node corresponding to the leaving member. The former sibling of the leaving member is promoted to the parent node. The class controller generates a new private key share, computes all public key pairs on the key path up to the root and broadcasts the new key tree that contains all public keys. Every member in the class computes the new class key as:
Where: $K_{\langle l,v \rangle}$ = the private key, $BK_{\langle l,v \rangle}$ = the public key, $r_v$ = a random number and $G$ = the generator.
The intermediate node with two children does not represent any class member; it represents a sub-class. The intermediate node's private key is treated as the sub-class key. It can be calculated by the following rule, where the two children of node $\langle l,v \rangle$ are $\langle l+1,2v \rangle$ and $\langle l+1,2v+1 \rangle$, $l$ is the level and $v$ is the vertex index: $K_{\langle l,v \rangle}$ can be calculated as $X_{co}(K_{\langle l+1,2v \rangle} * BK_{\langle l+1,2v+1 \rangle})$. This can be solved as: where $X_{co}$ is the x-coordinate of the point represented within the parentheses, $l$ is the height (level) of the node and $v$ is the index of the node at level $l$.
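The key-path rule above, as an added example that is not the authors' Java implementation: every member climbs from its own node to the root using only its secret and the broadcast public keys of the siblings on the way, and after a leave the promoted sibling contributes a fresh share. The curve (secp256k1), BK = K*G as the public key, the balanced four-member tree, the choice of SixM3 as class controller after the leave and all function names are assumptions of this example.

```python
import secrets

# secp256k1 domain parameters. The curve is an assumption of this example;
# the page does not say which curve the scheme uses.
FIELD_P = 2**256 - 2**32 - 977
GX = int("79BE667E" "F9DCBBAC" "55A06295" "CE870B07"
         "029BFCDB" "2DCE28D9" "59F2815B" "16F81798", 16)
GY = int("483ADA77" "26A3C465" "5DA4FBFC" "0E1108A8"
         "FD17B448" "A6855419" "9C47D08F" "FB10D4B8", 16)
N = int("FFFFFFFF" "FFFFFFFF" "FFFFFFFF" "FFFFFFFE"
        "BAAEDCE6" "AF48A03B" "BFD25E8C" "D0364141", 16)   # order of G
G = (GX, GY)

def ec_add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % FIELD_P == 0:
        return None
    if p1 == p2:   # doubling; curve coefficient a is 0
        lam = 3 * x1 * x1 * pow(2 * y1 % FIELD_P, -1, FIELD_P) % FIELD_P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FIELD_P, -1, FIELD_P) % FIELD_P
    x3 = (lam * lam - x1 - x2) % FIELD_P
    return x3, (lam * (x1 - x3) - y1) % FIELD_P

def ec_mul(k, point):
    """Double-and-add scalar multiplication (not constant time)."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, point)
        point = ec_add(point, point)
        k >>= 1
    return acc

def node_key(node, shares):
    """Private key K<l,v>: a member's share at a leaf, otherwise
    Xco(K<l+1,2v> * BK<l+1,2v+1>) for the sub-class below the node."""
    if node in shares:
        return shares[node]
    l, v = node
    right_bk = ec_mul(node_key((l + 1, 2 * v + 1), shares), G)
    return ec_mul(node_key((l + 1, 2 * v), shares), right_bk)[0] % N

def public_keys(shares):
    """Broadcast tree: BK<l,v> = K<l,v> * G for every node below the root."""
    nodes = set()
    for l, v in shares:
        while l > 0:
            nodes.update({(l, v), (l, v ^ 1)})
            l, v = l - 1, v // 2
    return {n: ec_mul(node_key(n, shares), G) for n in nodes}

def class_key(leaf, secret, bk):
    """One member's view: climb from its node to the root <0,0> using only its
    own secret and the broadcast public key of each sibling on the way."""
    l, v = leaf
    while l > 0:
        secret = ec_mul(secret, bk[(l, v ^ 1)])[0] % N
        l, v = l - 1, v // 2
    return secret

def new_share():
    return secrets.randbelow(N - 1) + 1          # r_v in [1, N-1]

def demo():
    """Four members of class C6 in a balanced tree, then SixM4 leaves."""
    pos = {"SixM1": (2, 0), "SixM2": (2, 1), "SixM3": (2, 2), "SixM4": (2, 3)}
    shares = {p: new_share() for p in pos.values()}
    bk = public_keys(shares)
    before = {m: class_key(p, shares[p], bk) for m, p in pos.items()}

    # Leave: SixM4's leaf is deleted, its sibling SixM3 is promoted to <1,1>
    # and, acting as class controller here, contributes a fresh share.
    known_to_sixm4 = node_key((1, 1), shares)    # old sub-class key
    pos2 = {"SixM1": (2, 0), "SixM2": (2, 1), "SixM3": (1, 1)}
    shares2 = {(2, 0): shares[(2, 0)], (2, 1): shares[(2, 1)],
               (1, 1): new_share()}
    bk2 = public_keys(shares2)
    after = {m: class_key(p, shares2[p], bk2) for m, p in pos2.items()}
    # SixM4 replaying its old sub-class key against the new broadcast tree
    stale = class_key((1, 1), known_to_sixm4, bk2)
    return before, after, stale

if __name__ == "__main__":
    before, after, stale = demo()
    print("members agree:", len(set(before.values())) == 1,
          "| departed member locked out:", stale != after["SixM1"])
```

The stale value is exactly the old class key: the departed member can still reproduce what it already knew, but the fresh share at the promoted node keeps it from reaching the new root key.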

Leave Operation
In the individual classes either the member or the class controller may leave.

PERFORMANCE ANALYSIS OF DEP (SP-TGECDH) PROTOCOL
The following Evaluation Criteria are used for analyzing the performance of the proposed scheme:
• Size of the information stored
• Amount of public information
• Efficiency of key derivation by the ancestor classes
• Communication complexity of key updates
• Computational Complexity
• Security against attacks

Size of Information (Public and Private)
Storage overhead can be considered as the memory capacity required for maintaining the keys, which is directly proportional to the number of members. The total storage required can be calculated as the sum of the costs incurred for the TGECDH protocol and the Symmetric Polynomial. Suppose there are $c$ classes. Total Storage Cost = $\sum TGECDH_i$ + Cost for Symmetric Polynomial. The Storage Cost (Private Keys + Public Keys) of TGECDH for a single class = $(2 \times n_i) + n_i + 1$, where $n_i$ is the number of members in class $i$, and the TGECDH cost for $c$ classes is $\sum ((2 \times n_i) + n_i + 1)$ for $i = 1$ to $c$: where $m$ is the number of public parameters. In our case it is 6. The Class Controllers forming a part of the Symmetric Polynomial Scheme need to store only one key. Table 2 shows the key size for equivalent security using normal schemes and ECC, where $K_i$ is the private key size in bits and $PK_u$ is the public key size in bits. The public key size is always twice that of the private key in ECC. ECC offers very high security with a very small key size and hence is more suitable for implementing hierarchical access control on devices with low power.

Efficiency of Key Derivation By The Ancestor Classes
One common operation for HAC is key derivation, in which a node derives the key of its descendant from its own key.

Communication Cost
Communication cost depends on the number of rounds, the number of messages and the size of a message. The communication cost of the group key agreement protocol is measured in terms of the number of messages. In each class a join operation requires 2 rounds of messages, and 3 messages are exchanged to form a key. The leave operation needs only a single message. As the membership changes are local to the respective classes, the key for that class alone is changed and the keys of all other classes are not affected. Dynamic Peer Groups are efficiently managed by this method.

Computation Cost
The computation cost is the cost involved in calculating the key. In the proposed scheme, the key is recalculated by the Central Authority and distributed to the class controllers only during changes in the hierarchy. In the proposed scheme, asymmetric keys are used between communicating nodes. The class dynamically establishes keys using TGECDH. This offers distinct advantages for key establishment, including scalability. ECC is an ideal public key algorithm because it offers more security per bit than any other public key scheme.
The Total Cost for the proposed scheme is the sum of the costs of the Tree Based Group Elliptic Curve Diffie Hellman Scheme and the Symmetric Polynomial Scheme. The TGECDH cost can be calculated as the total number of point operations. The following operations take place: point Addition P+Q (ADD), point Doubling (DBL) and a number of field operations: Addition/subtraction (A), Multiplication (M), Squaring (S), Inversion (I). The Common assumptions (from Table 3 k t 2 k * t exponentiation, t * t 2 where, k is the threshold. For a Pentium 4 processor at 3 GHz, the number of clock cycles for Addition = 3 clock cycles = (3/3)/1000 = 0.001 µs. Multiplication: 10 clock cycles = (10/3)/1000 = 0.003333333 µs. The time for bit operations for the symmetric polynomial scheme is 0.003 µs. The bit operations have been calculated taking into consideration the key sizes for equivalent security as that for ECC. The timings of prime field operations, which are addition, subtraction, modular reduction, multiplication, squaring and inversion, are given. These values have been used in calculating the computation time for TGECDH.

Optimum storage cost, communication cost and computation cost make Hierarchical Access Control in Dynamic Peer Groups using Symmetric Polynomial and Tree Based Group Elliptic Curve Diffie Hellman Scheme ideal for use.

Hierarchical Access Control Cost
The HAC cost is the number of keys to be transmitted to allow the higher class users to see the resources or messages of the lower class users. For a class, assume that there are $m$ ancestor classes. The numbers of users in the ancestor classes are denoted by $H_1, H_2, \ldots, H_m$. Irrespective of the number of users in each class, the proposed scheme uses only one decryption and encryption.

Security Analysis
The security of SP-TGECDH is good because of the following properties:
1. The use of the symmetric polynomial scheme makes key derivation easier.
2. The two layer approach allows the secret key to be confined to the respective classes alone, and the actual key is never moved on to any other class.
The system is developed using Java NetBeans and found to be secure and fast. The system takes care of User level and Class level dynamics (Begum et al., 2010b). The large number of parameters prevents a possible guessing, e.g., for a sixteen parameter general polynomial 16! (i.e., 10922789888000) combinations are possible. Surges in leave and join operations can also be taken care of and the system can be used for any hierarchy. The security of ECC is due to the discrete logarithm problem over the points on the elliptic curve. Cryptanalysis involves determining x given Q and P, where P is a point on the elliptic curve and Q = xP, that is, P added to itself x times. The best known algorithm to break the elliptic curve points is the Pollard rho algorithm, which is a fully exponential algorithm and difficult to solve.

Attack 1: Contrary Attacks
Assume that E1 (a lower privileged user) needs to crack the secret key of B1 (a higher privileged user). It is not feasible to decrypt messages, as the derivation gives a wrong value.

Attack 2: Interior Collecting Attacks
There is no relation bound between any of the ancestor nodes, so a lower level user cannot decrypt messages by negotiating with any one parent.

Attack 3: Exterior Collecting Attack
If an attacker is outside the system, it has no knowledge of which elliptic curve or generator point is being used, and hence the system is more difficult to attack.

Attack 4: Collaborative Attacks
Assume that there is a higher privileged user belonging to class B and that there are two descendant classes D and E. Users of D and E cannot perform a collaborative attack, as the secret key cannot be derived.

Attack 5: Sibling Attacks
Classes that have the same parent also cannot crack the key of a sibling class, due to the absence of any related parameters among them.

CONCLUSION
In this study, Hierarchical Access Control in Dynamic Peer Groups using Symmetric Polynomial and Tree Based Group Elliptic Curve Diffie Hellman Scheme is proposed and implemented. It can enhance access control performance by using multiple class keys: in contrast to other existing schemes that use only a single key, the proposed scheme exploits asymmetric keys, i.e., multiple outer keys and multiple class keys. Compared with other schemes, the proposed scheme can significantly reduce the key computation cost. Therefore, the number of re-keying messages and the load on computation, communication and memory can be dramatically reduced, and the re-keying process can be performed with acceptable computational overhead.

Future Work
Future work involves using this approach for real time applications and providing a wide-ranging analysis of network performance constraints such as latency, bandwidth, utilization and throughput. Different channel properties and different topologies need to be investigated to discover further useful interactions. Also, more studies have to be carried out to identify the best topology combinations to achieve high security at the least expense.