Toward Fine-Grained and Forward-Secure Access Control in Cloud-Assisted IoT

Bibliographic Details
Published in: IEEE Internet of Things Journal 2024-11, Vol.11 (22), p.36569-36580
Main Authors: Deng, Hua; Yin, Hui; Qin, Zheng; Ou, Lu; Li, Fangmin; Ge, Ningchao
Format: Article
Language: English
Description
Summary: With an increasing amount of data produced by pervasive and ubiquitous smart devices, many Internet of Things (IoT) applications adopt the cloud platform to store and process data. To protect data security and privacy, attribute-based encryption (ABE) has been widely used in cloud-assisted IoT systems. However, most ABE schemes require a central authority to distribute decryption keys for all users, which may raise security and efficiency concerns; in addition, the exposure of decryption keys would severely damage data privacy. In this article, we introduce a novel notion of decentralized attribute-based puncturable encryption (DABPE). DABPE allows the data owner to generate public and secret keys by himself, without relying on any central authority. When outsourcing data to the cloud, the data owner can encrypt data with an access policy; moreover, the data owner can issue particular keys for different data users, and only those users whose keys satisfy the access policy can access the data. To achieve flexible forward security, the data owner and data user can update their keys with some tags such that the data specified by the tags would not be revealed even if the keys are disclosed. We design a concrete DABPE scheme and prove its security in the standard model, and also conduct extensive experiments to show the efficiency of the proposed scheme.
ISSN: 2327-4662
DOI: 10.1109/JIOT.2024.3423367