A combined public-key scheme in the case of attribute-based for wireless body area networks

The wireless body area networks (WBANs) is a practical application model of Internet of things. It can be used in many scenarios, especially for e-healthcare. The medical data of patients is collected by sensors and transmitted using wireless communication techniques. Different users can access the patient’s data with different privileges. Access control is a crucial problem in WBANs. In this paper, we design a new security mechanism named combined public-key scheme in the case of attribute-based (CP-ABES) to address the user access control in WBANs. Our scheme combines encryption and digital signatures. It uses ciphertext-policy attribute-based encryption to achieve data confidentially, access control, and ciphertext-policy attribute-based signature to realize the identity authentication. The access policy used in our scheme is threshold. Based on this feature, the length of ciphertext and signature of our scheme is constant. Our scheme provides confidentiality, unforgeability, signer privacy and collusion resistance. We prove the efficiency of our scheme theoretically and analyze the security level and energy consumption of our scheme.

[1]  Kyung-Ah Shim,et al.  EIBAS: An efficient identity-based broadcast authentication scheme in wireless sensor networks , 2013, Ad Hoc Networks.

[2]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signatures and Their Application to Anonymous Credential Systems , 2009, AFRICACRYPT.

[3]  Cheng Chen,et al.  Threshold Ciphertext Policy Attribute-Based Encryption with Constant Size Ciphertexts , 2012, ACISP.

[4]  Atsuko Miyaji,et al.  A ciphertext-policy attribute-based encryption scheme with constant ciphertext length , 2009, Int. J. Appl. Cryptogr..

[5]  Manoj Prabhakaran,et al.  Attribute-Based Signatures , 2011, CT-RSA.

[6]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[7]  Ashok Kumar Das,et al.  A novel and efficient user access control scheme for wireless body area sensor networks , 2014, J. King Saud Univ. Comput. Inf. Sci..

[8]  Qun Li,et al.  Achieving Distributed User Access Control in Sensor Networks , 2022 .

[9]  Dongqing Xie,et al.  Attribute-based signature and its applications , 2010, ASIACCS '10.

[10]  Yuguang Fang,et al.  Location-based compromise-tolerant security mechanisms for wireless sensor networks , 2006, IEEE Journal on Selected Areas in Communications.

[11]  Seong Oun Hwang,et al.  An efficient identity-based broadcast signcryption scheme for wireless sensor networks , 2011, International Symposium on Wireless and Pervasive Computing.

[12]  Peilin Hong,et al.  Distributed access control with adaptive privacy preserving property for wireless sensor networks , 2014, Secur. Commun. Networks.

[13]  Ming Li,et al.  Data security and privacy in wireless body area networks , 2010, IEEE Wireless Communications.

[14]  María Isabel González Vasco,et al.  Combined (identity-based) public key schemes , 2008, IACR Cryptol. ePrint Arch..

[15]  Bin Zhao,et al.  IMBAS: Identity-based multi-user broadcast authentication in wireless sensor networks , 2008, Comput. Commun..

[16]  Dong-Yuan Shi,et al.  Integrating Ciphertext-Policy Attribute-Based Encryption with Identity-Based Ring Signature to Enhance Security and Privacy in Wireless Body Area Networks , 2014, Inscrypt.

[17]  Sencun Zhu,et al.  Least privilege and privilege deprivation: towards tolerating mobile sink compromises in wireless sensor networks , 2005, MobiHoc '05.

[18]  Qun Li,et al.  Distributed User Access Control in Sensor Networks , 2006, DCOSS.

[19]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[20]  Benny Pinkas,et al.  Securely combining public-key cryptosystems , 2001, CCS '01.

[21]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2011 .

[22]  Tatsuaki Okamoto,et al.  Efficient Attribute-Based Signatures for Non-Monotone Predicates in the Standard Model , 2014, IEEE Transactions on Cloud Computing.

[23]  Kyung-Ah Shim,et al.  S2DRP: Secure implementations of distributed reprogramming protocol for wireless sensor networks , 2014, Ad Hoc Networks.

[24]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[25]  Victor C. M. Leung,et al.  Enabling technologies for wireless body area networks: A survey and outlook , 2009, IEEE Communications Magazine.

[26]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[27]  Aijun-J. Ge,et al.  Attribute-based Signature Scheme with Constant Size Signature ⋆ , 2012 .

[28]  Javier Herranz,et al.  Attribute-based encryption schemes with constant-size ciphertexts , 2012, Theor. Comput. Sci..

[29]  Rolf H. Weber,et al.  Internet of Things - New security and privacy challenges , 2010, Comput. Law Secur. Rev..

[30]  Xiaofeng Liao,et al.  Body Area Network Security: A Fuzzy Attribute-Based Signcryption Scheme , 2013, IEEE Journal on Selected Areas in Communications.

[31]  Chunhua Jin,et al.  Secure and efficient data transmission in the Internet of Things , 2015, Telecommunication Systems.

[32]  Kazuki Yoneyama,et al.  Attribute-Based Encryption with Partially Hidden Encryptor-Specified Access Structures , 2008, ACNS.

[33]  W. Wenqiang,et al.  Attribute-based ring signature scheme with constant-size signature , 2010 .

[34]  Allison Bishop,et al.  Decentralizing Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[35]  Donggang Liu,et al.  Efficient and distributed access control for sensor networks , 2007, Wirel. Networks.

[36]  Cheng Chen,et al.  Combined Public-Key Schemes: The Case of ABE and ABS , 2012, ProvSec.

[37]  Ye Tian,et al.  An Attribute-Based Encryption Scheme with Revocation for Fine-Grained Access Control in Wireless Body Area Networks , 2014, Int. J. Distributed Sens. Networks.

[38]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).