A Secure and Verifiable Outsourced Access Control Scheme in Fog-Cloud Computing

With the rapid development of big data and the Internet of Things (IoT), the number of networked devices and the volume of data are increasing dramatically. Fog computing, which extends cloud computing to the edge of the network, can effectively solve the bottleneck problems of data transmission and data storage. However, security and privacy challenges also arise in the fog-cloud computing environment. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in fog-cloud computing systems. In this paper, we propose a verifiable outsourced multi-authority access control scheme, named VO-MAACS. In our construction, most encryption and decryption computations are outsourced to fog devices, and the computation results can be verified using our verification method. Meanwhile, to address the revocation issue, we design an efficient user and attribute revocation method. Finally, analysis and simulation results show that our scheme is both secure and highly efficient.
