Abstract
As more applications move data storage to the cloud, protecting sensitive data becomes increasingly important, especially for the Internet of Things (IoT) environments. Ciphertext-policy attribute-based encryption (CP-ABE) is a practical approach for confidentiality and secure access control for data outsourced to the cloud. However, the underlying CP-ABE operations based on bilinear pairings are too demanding for resource-constrained IoT devices. Furthermore, applications such as Industrial IoT (IIoT) have requirements (efficiency, operative, and security) that existing CP-ABE proposals cannot fulfill, and advanced IoT architectures (e.g., fog computing) have not been well-exploited. This paper proposes a novel CP-ABE scheme suitable for IoT scenarios, using an IIoT generic model as a reference. It targets multiple attribute authorities, outsourced encryption and decryption to fog nodes, user revocation, and asymmetric pairings constructions to achieve recommended security levels. As the main distinctive, revocation is defined using a broadcast encryption-based approach, allowing data owners to enforce user revocation over their outsourced data. According to the performance analysis, the proposed scheme achieves high efficiency for IoT nodes. It is also competitive in terms of storage, bandwidth, and computation efficiency compared to previous proposals. Moreover, the security of the suggested construction is demonstrated against chosen-plaintext attacks.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.