Auditable and Times limitable Secure Data Access Control for Cloud-based Industrial Internet of Things

Abstract

Recently, the rapid development of Internet of things (IoT) and cloud computing technologies have greatly facilitated various industrial applications and Industrial IoT (IIoT). The widely deployed IIoT devices and large capacity of cloud significantly benefit for and bring convenience to various industrial sectors. However, there exist a large number of concerns about data security in IIoT, especially when a majority of sensitive IIoT data is shared in cloud. Although as one of the most promising technique, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) can provide fine-grained access control for IIoT data shared in cloud, there are still many drawbacks which impede the direct adoption of conventional CP-ABE. On the one hand, unlimited IIoT data access times may disable data access service of cloud and bring serious consequences. On the other hand, the access policies of ciphertexts usually consist of much sensitive information and cause privacy exposure. Moreover, the high computation overhead also extremely hinders resource-limited users in IIoT applications. To solve these problems, we propose TAHP-CP-ABE, a k-times and auditable hidden-policy CP-ABE scheme which is suitable for resource-limited users and privacy-aware access policies with data access times limitation in IIoT applications. Specifically, TAHP-CP-ABE preserves the privacy of access policies by hiding only attribute values and realizes limited access times as well as efficient IIoT ciphertexts decryption with decryption test and outsourced decryption. The security analysis and experimental results indicate that TAHP-CP-ABE is secure, efficient and practical.