Abstract
Access and utilization of data are central to the cloud computing paradigm. With the advent of the Internet of Things (IoT), the tendency of data sharing on the cloud has seen enormous growth. With data sharing comes numerous security and privacy issues. In the process of ensuring data confidentiality and fine-grained access control to data in the cloud, several studies have proposed Attribute-Based Encryption (ABE) schemes, with Key Policy-ABE (KP-ABE) being the prominent one. Recent works have however suggested that the confidentiality of data is violated through collusion attacks between a revoked user and the cloud server. We present a secured and efficient Proxy Re-Encryption (PRE) scheme that incorporates an Inner-Product Encryption (IPE) scheme in which decryption of data is possible if the inner product of the private key, associated with a set of attributes specified by the data owner, and the associated ciphertext is equal to zero . We utilize a blockchain network whose processing node acts as the proxy server and performs re-encryption on the data. In ensuring data confidentiality and preventing collusion attacks, the data are divided into two, with one part stored on the blockchain network and the other part stored on the cloud. Our approach also achieves fine-grained access control.
Highlights
It has been estimated that there will be an enormous growth in the number of devices that will be connected to the internet by 2030 [1], and this will diminish the boundary between physical and digital worlds [2]
In ensuring data confidentiality and preventing collusion attacks, the data are divided into two, with one part stored on the blockchain network and the other part stored on the cloud
Collusion Resistance: Our proposed scheme prevents collusion attack in the sense that the re-encrypted data are divided into two parts with one part stored on the blockchain network, and the other part stored on the cloud
Summary
It has been estimated that there will be an enormous growth in the number of devices that will be connected to the internet by 2030 [1], and this will diminish the boundary between physical and digital worlds [2]. To ensure effective data sharing and user revocation, a system model employing Key Policy-Attribute Based Encryption (KP-ABE) and Proxy Re-Encryption (PRE) is proposed in [11]. Our proxy re-encryption satisfies fine-grained access control in that users have access right to different sets of data, which is made possible by the ABE scheme. Our scheme is collusion resistant as the cloud server and/or the proxy and the (revoked) user cannot collude to access data This is made possible because the blockchain network is a decentralized system and all processes (transactions) are monitored by every participant on the network, and recorded and stored into blocks.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
