This study employs secret codes and secret keys based on the elliptic curve to construct an elliptic curve cryptosystem with a dynamic access control system. Consequently, the storage space needed for the secret key generated by an elliptic curve dynamic access control system is smaller than that needed for the secret key generated by exponential operation built on the secure filter (SF) dynamic access control system. Using the elliptic curve to encrypt/decrypt on the secure filter improves the efficiency and security of using exponential operation on the secure filter in the dynamic access control system. With the proposed dynamic elliptic curve access control system, the trusted central authority (CA) can add/delete classes and relationships and change the secret keys at any time to achieve an efficient control and management. Furthermore, different possible attacks are used to analyze the security risks. Since attackers can only obtain the general equations for the elliptic curve dynamic access control system, they are unable to effectively perform an elliptic curve polynomial (ECP) conversion, or to solve the elliptic curve discrete logarithm problem (ECDLP). Thus, the proposed elliptic curve dynamic access control system is secure.

Access control plays an important role in the area of information security, which guarantees that any access to data is authorized. Hierarchical access control is a special access control model in distributed environment, in which each user protects his local data using a secret key; moreover, for any two related users ui and uj, ui can access uj's data if, and only if, ui's priority is higher than uj. Therefore, there should be a way for ui to obtain the secret key of uj if ui's priority is higher than uj. This paper presents an efficient solution to the problem. A special kind of function called secure filter is used as the building block of the proposed solution. In the solution, an authorized user can acquire correct keys efficiently and securely via secure filters. The proposed solution is also well-performed while inserting/deleting users, injecting/removing relations, and changing secret keys. Especially, only deleting users and removing relations will change some keys in the system, other operations can be performed freely without affecting other keys in the system; only secure filters need to be modified in these cases.