Ciphertext-Policy Attribute-Based Encryption for Cloud Storage: Toward Data Privacy and Authentication in AI-Enabled IoT System

P Chinnasamy,Gyanendra Prasad Joshi,Ashit Kumar Dutta,P Deepalakshmi,Jinsang You

doi:10.3390/math10010068

Abstract

People can store their data on servers in cloud computing and allow public users to access data via data centers. One of the most difficult tasks is to provide security for the access policy of data, which is also needed to be stored at cloud servers. The access structure (policy) itself may reveal partial information about what the ciphertext contains. To provide security for the access policy of data, a number of encryption schemes are available. Among these, CP-ABE (Ciphertext-Policy Attribute-Based Encryption) scheme is very significant because it helps to protect, broadcast, and control the access of information. The access policy that is sent as plaintext in the existing CP-ABE scheme along with a ciphertext may leak user privacy and data privacy. To resolve this problem, we hereby introduce a new technique, which hides the access policy using a hashing algorithm and provides security against insider attack using a signature verification scheme. The proposed system is compared with existing CP-ABE schemes in terms of computation and expressive policies. In addition, we can test the functioning of any access control that could be implemented in the Internet of Things (IoT). Additionally, security against indistinguishable adaptive chosen ciphertext attacks is also analyzed for the proposed work.

Highlights

The Internet of Things (IoT) offers a new framework for the creation of heterogeneous and distributed networks and has become an increasingly ubiquitous forum for computing services
We highlight some of the latest IoT and cloud computing approaches about access control systems, data protection, and privacy
Based on the foregoing observations, the following are the key contributions of this article: (i) We propose a new strategy CP-Attribute-based encryption (ABE) scheme to enhance the security of user data and privacy of the user by hiding the access policy. (ii) The storage overhead of this scheme is reduced by generating constant size ciphertext. (iii) The identification and prevention from insider attack is achieved by utilizing the short signature scheme. (iv) An enhancement to the IoT architecture has been designed in addition to making it a secure fine-grained access control system that prevents insider attacks. (v) A comparison study was conducted to describe the key components of ABE schemes that hide access policies, along with computational overhead analysis, security, and operational attributes of various access control schemes. 1.3

Summary

Introduction

The Internet of Things (IoT) offers a new framework for the creation of heterogeneous and distributed networks and has become an increasingly ubiquitous forum for computing services. Due to the lack of adequate computing and storage resources for processing and storing large volumes of IoT data, it appears to follow a cloud-based architecture to address the security and resource sharing problems. The entire implementation infrastructure must be secured from attacks that can obstruct IoT services and pose a threat to data privacy, credibility, or confidentiality. Security problems dominate IoT-based applications [3], prompting a major overhaul of established security choices leading many researchers to the evolution of modern techniques. Some of the leading security issues are user access control and maintaining the protection of cloud data. We highlight some of the latest IoT and cloud computing approaches about access control systems, data protection, and privacy

Objectives

Methods

Findings

Conclusion