Privacy-Preserving Broker-ABE Scheme for Multiple Cloud-Assisted Cyber Physical Systems

Cloud-assisted cyber–physical systems (CCPSs) integrate the physical space with cloud computing. To do so, sensors in the field collect real-life data and forward it to clouds for further data analysis and decision-making. Since multiple services may be accessed at the same time, sensor data should be forwarded to different cloud service providers (CSPs). In this scenario, attribute-based encryption (ABE) is an appropriate technique for securing data communication between sensors and clouds. Each cloud has its own attributes, and a broker can determine which cloud is authorized to access data based on the requirements set at the time of encryption. In this paper, we propose a privacy-preserving broker-ABE scheme for multiple CCPSs (MCCPS). The proposed broker-ABE separates the policy embedding job from the ABE task. To ease the computational burden on the sensors, the scheme leaves the policy embedding task to the broker, which is generally more powerful than the sensors. Moreover, the proposed scheme provides a way for CSPs to protect data privacy from outside coercion.
