An efficient access control scheme with outsourcing capability and attribute update for fog computing

Fog computing as an extension of cloud computing provides computation, storage and application services to end users. Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality and fine-grained data access control. It enables data owners to define flexible access policy for data sharing. However, in CP-ABE systems, the problems of the time required to encrypt, decrypt and attribute update are long-standing unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting outsourcing capability and attribute update for fog computing. Specifically, the heavy computation operations of encryption and decryption are outsourced to fog nodes, thus the computation operations for data owners to encrypt and users to decrypt are irrelevant to the number of attributes in the access structure and secret keys, respectively. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertext associated with the corresponding updated attribute. The security analysis shows that the proposed scheme is secure under the decisional bilinear Diffie–Hellman assumption. The proposed scheme is efficient, and the time of encryption for data owners and decryption for users are small and constant. The computational ability of fog nodes are fully utilizing during the access control, so the tiny computing cost is left to end users with resource-constrained devices.

[1]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[2]  M. Jaiganesh,et al.  Performance Evaluation of Cloud Services with Profit Optimization , 2015 .

[3]  Ling Cheung,et al.  Provably secure ciphertext policy ABE , 2007, CCS '07.

[4]  Raja Lavanya,et al.  Fog Computing and Its Role in the Internet of Things , 2019, Advances in Computer and Electrical Engineering.

[5]  Qun Li,et al.  Security and Privacy Issues of Fog Computing: A Survey , 2015, WASA.

[6]  Giovanni Stea,et al.  Exploiting LTE D2D communications in M2M Fog platforms: Deployment and practical issues , 2015, 2015 IEEE 2nd World Forum on Internet of Things (WF-IoT).

[7]  Qun Li,et al.  A Survey of Fog Computing: Concepts, Applications and Issues , 2015, Mobidata@MobiHoc.

[8]  Marimuthu Palaniswami,et al.  EHOPES: Data-centered Fog platform for smart living , 2015, 2015 International Telecommunication Networks and Applications Conference (ITNAC).

[9]  Rongxing Lu,et al.  Towards power consumption-delay tradeoff by workload allocation in cloud-fog computing , 2015, 2015 IEEE International Conference on Communications (ICC).

[10]  Qixiang Mei,et al.  Generic and Efficient Constructions of Attribute-Based Encryption with Verifiable Outsourced Decryption , 2016, IEEE Transactions on Dependable and Secure Computing.

[11]  Weixin Xie,et al.  An Efficient File Hierarchy Attribute-Based Encryption Scheme in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.

[12]  Milan Petkovic,et al.  Attribute-based encryption with encryption and decryption outsourcing , 2014 .

[13]  Weixin Xie,et al.  Attribute-Based Data Sharing Scheme Revisited in Cloud Computing , 2016, IEEE Transactions on Information Forensics and Security.

[14]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[15]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[16]  R. Pavithra,et al.  Secure Role based Data Access Control in Cloud Computing , 2011 .

[17]  Matthew Green,et al.  Outsourcing the Decryption of ABE Ciphertexts , 2011, USENIX Security Symposium.

[18]  Joseph K. Liu,et al.  Privacy-Preserving Ciphertext Multi-Sharing Control for Big Data Storage , 2015, IEEE Transactions on Information Forensics and Security.

[19]  Zhibin Zhou,et al.  Efficient and secure data storage operations for mobile cloud computing , 2012, 2012 8th international conference on network and service management (cnsm) and 2012 workshop on systems virtualiztion management (svm).

[20]  Máté Horváth,et al.  Attribute-Based Encryption Optimized for Cloud Computing , 2015, IACR Cryptol. ePrint Arch..

[21]  Angelo De Caro,et al.  jPBC: Java pairing based cryptography , 2011, 2011 IEEE Symposium on Computers and Communications (ISCC).

[22]  Kim-Kwang Raymond Choo,et al.  Cloud based data sharing with fine-grained proxy re-encryption , 2016, Pervasive Mob. Comput..

[23]  Rajkumar Buyya,et al.  Attribute-based data access control in mobile cloud computing: Taxonomy and open issues , 2017, Future Gener. Comput. Syst..

[24]  Joseph K. Liu,et al.  An Efficient Cloud-Based Revocable Identity-Based Proxy Re-encryption Scheme for Public Clouds Data Sharing , 2014, ESORICS.

[25]  Ali Ismail Awad,et al.  Business and Government Organizations' Adoption of Cloud Computing , 2014, IDEAL.

[26]  Josep Domingo-Ferrer,et al.  Cloud Cryptography: Theory, Practice and Future Research Directions , 2016, Future Gener. Comput. Syst..

[27]  Ivan Stojmenovic,et al.  The Fog computing paradigm: Scenarios and security issues , 2014, 2014 Federated Conference on Computer Science and Information Systems.

[28]  Joseph K. Liu,et al.  Extended Proxy-Assisted Approach: Achieving Revocable Fine-Grained Encryption of Cloud Data , 2015, ESORICS.

[29]  Kim-Kwang Raymond Choo Cloud computing: Challenges and future directions , 2010 .

[30]  Ting Wang,et al.  A Cloud-Based Access Control Scheme with User Revocation and Attribute Update , 2016, ACISP.

[31]  Junbeom Hur,et al.  Improving Security and Efficiency in Attribute-Based Data Sharing , 2013, IEEE Transactions on Knowledge and Data Engineering.

[32]  Willy Susilo,et al.  Searchable Attribute-Based Mechanism With Efficient Data Sharing for Secure Cloud Storage , 2015, IEEE Transactions on Information Forensics and Security.

[33]  Ivan Stojmenovic,et al.  An overview of Fog computing and its security issues , 2016, Concurr. Comput. Pract. Exp..