Abstract
Edge computing is an emerging distributed computing concept that allows edge servers to provide authorized consumers with various on-demand services. Due to highly dynamic and untrustworthy network environments, various potential security concerns (e.g., unauthorized access, data manipulation, and privacy leakage) have been the critical factors restricting the development of edge computing. A recent heterogeneous framework proposed by Dougherty et al. (CCS’21), named APECS, deploys token-based authorization and multiple attribute-based encryption (MABE) to guarantee access control and data confidentiality. While APECS achieves a secure asynchronous access control without the “always-on” cloud, it suffers from privacy leakage (caused by the public identity information) and fake data spreading issues (due to the data confidentiality). In this paper, we propose an Anonymous and Auditable Distributed Access Control Framework for Edge Computing (AADEC) to relieve these issues. AADEC is based on two building blocks that we designed, namely a conditional anonymous authentication and an auditable MABE with optimized performance. We also define the formal security models and present security proofs for our proposal. The final qualitative comparison and performance benchmark demonstrate that AADEC can achieve a trade-off among anonymity, confidentiality, auditability and efficiency.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: IEEE Transactions on Information Forensics and Security
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.