An Anonymous and Outsourcing-Supported Multiauthority Access Control Scheme With Revocation for Edge-Enabled IIoT System

Abstract

With the application of the Internet of Things and intelligent technologies in industrial systems, the manufacturing efficiency and product quality have been improved, leading to the development of the Industrial Internet of Things (IIoT). Uploading private data to the cloud may lead to data leakage without security protection. Thus, attribute-based encryption (ABE) is widely used to ensure data security and implement data access control, and some multiauthority ABE schemes are proposed to meet the requirement of attributes from different authorities, such as factory and government, which is more suitable for the IIoT system. However, the current multiauthority ABE schemes are with privacy leakage problems on attributes and low-efficiency issues. To address these problems, we propose a multiauthority ABE scheme, which protects users’ privacy by anonymizing attributes in authentication, reduces the computing burden of IIoT devices by adapting online/offline technique and outsourcing decryption to edge devices, and realizes effective attribute revocation. A formal security proof is presented that our scheme is replayable chosen ciphertext attack secure. Finally, we implement the proposed scheme, and experimental results show that our scheme is more efficient than the existing schemes.