A lightweight and scalable attribute-based encryption system for smart cities

Abstract

In the near future, a technological revolution will involve our cities, where a variety of smart services based on the Internet of Things will be developed to facilitate the needs of the citizens. Sensing devices are already being deployed in urban environments, and they will generate huge amounts of data. Such data is typically outsourced to some cloud service in order to lower capital and operating expenses and guarantee high availability. However, cloud services may suffer from data breaches due to software and hardware vulnerabilities, or they may have incentives to release stored data to unauthorized entities. In this work we present ABE-Cities, an encryption system for urban sensing which solves the above problems while ensuring fine-grained access control on data by means of Attribute-Based Encryption (ABE). ABE-Cities senses data from the city and stores it on the cloud in an encrypted form. Then, it provides users with keys able to decrypt only data sensed from authorized paths or zones of the city. In ABE-Cities, sensors perform only lightweight symmetric-key encryption, thus we can employ constrained sensor devices such as battery powered motes. ABE-Cities allows us to plan an expiration date for each key, as well as to revoke a given key in an unplanned fashion. We prove that ABE-Cities scales well with the number of users and the number of streets by simulating it with 30 000 users on the Beijing street network, which consists of more than 30 000 streets. In addition to the “vanilla” ABE-Cities scheme, we propose an “advanced” one that leverages the presence of IoT gateways to reduce the computational load otherwise weighing on a single Trusted Third Party. We validate this by testing the advanced scheme on the simulated Houston and Beijing street networks.