An Efficient, Accountable, and Privacy-Preserving Access Control Scheme for Internet of Things in a Sharing Economy Environment

The Internet of Things (IoT) has set off a new information technology revolution due to its convenience and efficiency. An IoT enables sharing economy, as more people are willing to share their own things (mostly mobile devices) to leverage the under-used value. In such a situation where owners and users are often not familiar with each other, an efficient access control mechanism is needed to deal with the trust issue and support service accountability to help owners accurately get their deserved profits. Besides, in such a sharing economy environment, the mobility of most shared IoT devices and their privacy preserving should also be taken into account. Regrettably, the existing schemes cannot achieve all of the aforementioned goals simultaneously and only few schemes were implemented to evaluate the claimed performance. In this article, we propose an efficient, accountable, and privacy-preserving access control solution for IoT in a sharing economy environment. In our scheme, we utilize the one-time signature to achieve anonymous authentication and let gateways store the signatures as service credentials for accountability. Meanwhile, we adopt the identity-based authentication to exclude malicious gateways and shared devices from the system and design a specialized protocol for those devices moving with the users. We conduct a detailed security analysis to show that our scheme can effectively defend against potential attacks, and also implement a prototype system to demonstrate that our design is indeed an efficient one.

[1]  Xiaohui Liang,et al.  Privacy-Preserving Ride Sharing Scheme for Autonomous Vehicles in Big Data Era , 2017, IEEE Internet of Things Journal.

[2]  Yaw-Wen Kuo,et al.  Design of a Wireless Sensor Network-Based IoT Platform for Wide Area and Heterogeneous Applications , 2018, IEEE Sensors Journal.

[3]  Nenghai Yu,et al.  Fog-Aided Verifiable Privacy Preserving Access Control for Latency-Sensitive Data Sharing in Vehicular Cloud Computing , 2018, IEEE Network.

[4]  Wei Li,et al.  TMACS: A Robust and Verifiable Threshold Multi-Authority Access Control System in Public Cloud Storage , 2016, IEEE Transactions on Parallel and Distributed Systems.

[5]  Choong Seon Hong,et al.  Internet of things forensics: Recent advances, taxonomy, requirements, and open challenges , 2019, Future Gener. Comput. Syst..

[6]  Bharat K. Bhargava,et al.  A role-based access in a hierarchical sensor network architecture to provide multilevel security , 2008, Comput. Commun..

[7]  Kaiping Xue,et al.  SecGrid: A Secure and Efficient SGX-Enabled Smart Grid System With Rich Functionalities , 2018, IEEE Transactions on Information Forensics and Security.

[8]  Chun Chen,et al.  Distributed Access Control with Privacy Support in Wireless Sensor Networks , 2011, IEEE Transactions on Wireless Communications.

[9]  Sneha A. Dalvi,et al.  Internet of Things for Smart Cities , 2017 .

[10]  Xiaodong Lin,et al.  The Security of Autonomous Driving: Threats, Defenses, and Future Directions , 2020, Proceedings of the IEEE.

[11]  Jie Wu,et al.  PrivacyProtector: Privacy-Protected Patient Data Collection in IoT-Based Healthcare Systems , 2018, IEEE Communications Magazine.

[12]  Antonio F. Gómez-Skarmeta,et al.  DCapBAC: embedding authorization logic into smart things through ECC optimizations , 2016, Int. J. Comput. Math..

[13]  Xavier Masip-Bruin,et al.  A Survey of Communication Protocols for Internet of Things and Related Challenges of Fog and Cloud Computing Integration , 2018, ACM Comput. Surv..

[14]  Ramjee Prasad,et al.  Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things , 2012, J. Cyber Secur. Mobil..

[15]  Liang Xiao,et al.  IoT Security Techniques Based on Machine Learning: How Do IoT Devices Use AI to Enhance Security? , 2018, IEEE Signal Processing Magazine.

[16]  Andrei Gurtov,et al.  Lightweight and Secure Session-Key Establishment Scheme in Smart Home Environments , 2016, IEEE Sensors Journal.

[17]  Yuanyuan Yang,et al.  Heracles: Scalable, Fine-Grained Access Control for Internet-of-Things in Enterprise Environments , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[18]  Sudip Misra,et al.  Reputation-based role assignment for role-based access control in wireless sensor networks , 2011, Comput. Commun..

[19]  Douglas R. Stinson,et al.  Short one-time signatures , 2011, Adv. Math. Commun..

[20]  Hao Yue,et al.  Privacy-preserving prepayment based power request and trading in smart grid , 2018, China Communications.

[21]  Mihai T. Lazarescu,et al.  Design of a WSN Platform for Long-Term Environmental Monitoring for IoT Applications , 2013, IEEE Journal on Emerging and Selected Topics in Circuits and Systems.

[22]  Mohsen Guizani,et al.  An Efficient and Robust Data Aggregation Scheme Without a Trusted Authority for Smart Grid , 2020, IEEE Internet of Things Journal.

[23]  Xiao Lu,et al.  Real-Time and Spatio-Temporal Crowd-Sourced Social Network Data Publishing with Differential Privacy , 2018, IEEE Transactions on Dependable and Secure Computing.

[24]  Wei Li,et al.  TAFC: Time and Attribute Factors Combined Access Control on Time-Sensitive Data in Public Cloud , 2014, 2015 IEEE Global Communications Conference (GLOBECOM).

[25]  Jiguo Yu,et al.  A Privacy Preserving Communication Protocol for IoT Applications in Smart Homes , 2016, 2016 International Conference on Identification, Information and Knowledge in the Internet of Things (IIKI).

[26]  Andrei Gurtov,et al.  Anonymous Secure Framework in Connected Smart Home Environments , 2017, IEEE Transactions on Information Forensics and Security.

[27]  Peng Liu,et al.  Discovering and Understanding the Security Hazards in the Interactions between IoT Devices, Mobile Apps, and Clouds on Smart Home Platforms , 2018, USENIX Security Symposium.

[28]  Jianqing Zhang,et al.  Performance evaluation of Attribute-Based Encryption: Toward data privacy in the IoT , 2014, 2014 IEEE International Conference on Communications (ICC).

[29]  Chanathip Namprempre,et al.  Security Proofs for Identity-Based Identification and Signature Schemes , 2004, EUROCRYPT.

[30]  Qian Wang,et al.  Towards Private and Scalable Cross-Media Retrieval , 2021, IEEE Transactions on Dependable and Secure Computing.

[31]  Robert H. Deng,et al.  Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control , 2018, IEEE Internet of Things Journal.

[32]  Hongyi Wu,et al.  Puncturable Attribute-Based Encryption for Secure Data Delivery in Internet of Things , 2018, IEEE INFOCOM 2018 - IEEE Conference on Computer Communications.

[33]  Mihir Bellare,et al.  Fast Batch Verification for Modular Exponentiation and Digital Signatures , 1998, IACR Cryptol. ePrint Arch..

[34]  Paulo S. L. M. Barreto,et al.  Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps , 2005, ASIACRYPT.

[35]  Davor Svetinovic,et al.  Security and Privacy in Decentralized Energy Trading Through Multi-Signatures, Blockchain and Anonymous Messaging Streams , 2018, IEEE Transactions on Dependable and Secure Computing.

[36]  Srinivas Devadas,et al.  Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[37]  Yuguang Fang,et al.  EPIC: A Differential Privacy Framework to Defend Smart Homes Against Internet Traffic Analysis , 2018, IEEE Internet of Things Journal.

[38]  Yacine Ghamri-Doudane,et al.  Multi-tenancy in decentralised IoT , 2015, 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT).

[39]  Levent Gürgen,et al.  Sharing user IoT devices in the cloud , 2014, 2014 IEEE World Forum on Internet of Things (WF-IoT).

[40]  Romano Fantacci,et al.  Internet of Vehicles , 2020, Proc. IEEE.

[41]  Peilin Hong,et al.  PPMA: Privacy-Preserving Multisubset Data Aggregation in Smart Grid , 2018, IEEE Transactions on Industrial Informatics.

[42]  Peilin Hong,et al.  An Attribute-Based Controlled Collaborative Access Control Scheme for Public Cloud Storage , 2019, IEEE Transactions on Information Forensics and Security.

[43]  Robert H. Deng,et al.  Variations of Diffie-Hellman Problem , 2003, ICICS.