Efficient and privacy preserving access control scheme for fog-enabled IoT

Abstract: The fog-to-things paradigm was introduced to mitigate the heavy burden placed on the edge of cloud-based networks by the centralized processing and storage of massive volumes of IoT data. Fog-enabled IoT architectures ensure low latency and sufficient computing resources to support real-time devices and applications. However, security and privacy challenges remain for data access control in fog-enabled IoT. Ciphertext-policy attribute-based encryption (CP-ABE) can be adopted to realize data access control in cloud-fog computing systems. In this paper, we propose an efficient and privacy-preserving outsourced multi-authority access control scheme, named PPO-MACS. All user attributes are transformed to be anonymous and authenticable in order to preserve privacy. Verifiable outsourced decryption is introduced to reduce computation overhead on the end-user side. In addition, an efficient user revocation method is proposed. Security and performance analyses show that our scheme is secure and highly efficient.
