A Data Security Enhanced Access Control Mechanism in Mobile Edge Computing

Abstract

Mobile edge computing, with characteristics of position awareness, mobile support, low latency, decentralization, and distribution, has received widespread attention from industry and academia, and has been applied to application areas such as intelligent transportation, smart city, and real-time big data analysis. However, it also brings the new security threats, especially data security threats during data access that leads to unauthorized/unauthorized access, alteration and disclosure of data, affecting the confidentiality and integrity of the data. Therefore, access control, as an important method to ensure the security of user data during data access, began to be applied to mobile edge computing. However, the existing access control has the disadvantages of coarse-grain, poor flexibility and accuracy, lack of internal attack considerations, etc., which cannot meet the needs of data security in practical applications of mobile edge computing. In this paper, a data security enhanced Fine-Grained Access Control mechanism (FGAC) is proposed to ensure data security during data access in mobile edge computing. In FGAC, a dynamic fine-grained trusted user grouping scheme based on attributes and metagraphs theory was first designed. Secondly, the scheme was combined with the traditional role-based access control mechanism to assign roles to users based on user group credibility. And then, based on attribute matching the user authentication further verifies whether the user is allowed to perform the access operations to achieve fine-grained data protection. Experimental results show that FGAC can effectively identify malicious users and make group adjustments, while achieving fine-grained access control and assure the data security during the data access process in mobile edge computing.