A data-owner centric privacy model with blockchain and adapted attribute-based encryption for internet-of-things and cloud environment

Abstract

Advances in internet of things (IoT) and cloud computing technologies have led to the emergence of new applications such as in e-health domain bringing convenience for both physicians and patients. However, the development of these new technologies makes users' privacy vulnerable. The threats on private data may arise from service providers themselves voluntarily or by inadvertence. As a result, the data owner would like to ensure that the collected data are securely stored and accessed only by authorised users. In this paper, we propose a novel data-owner centric privacy model in IoT/cloud environment. Our model combines two promising paradigms for data privacy, which are attribute-based encryption (ABE) and blockchain, to strengthen the data-owner privacy protection. We propose a new scheme of ABE that is, in one hand, suitable to resource-constrained devices by externalising the computing capabilities, thanks to fog computing paradigm and, in the other hand, combined with a blockchain-based protocol to overcome a single point of trust and to enhance data-owner access control.