FDO-ABE: A Fully Decentralized Lightweight Access Control Architecture for Mobile Edge Computing

Abstract

Attribute-based encryption (ABE) is an emergent cryptographic primitive introduced in recent years. Due to its fine-grained access policy, ABE has been widely used in cloud security to build an attribute-based access control architecture. As a promising edge technology, Mobile Edge Computing (MEC), introduced for the Internet of Mobile Things (IoMT), provides the high quality services for the end-users with mobile IoT devices. In MEC, the data is stored and processed isolately and independently in fog nodes or cloudlets located at the edge of the Internet in the vicinity of the mobile users. But in most existing ABE schemes, researchers only consider there is a single data storage in the system. So this makes the existing ABE scheme not applicable for the MEC with distributed micro data storages. To solve this prominent challenge in traditional ABE, in this paper, we propose a fully decentralized outsourced ABE scheme (FDO-ABE) acted as the access control architecture for the MEC. Our FDO-ABE scheme, based on the non-interactive multi-authority ABE (NI-MA-ABE) scheme, not only supports the multi attribute authorities (AAs) in generating the multi attribute-based private keys for user, but also provides the independent and isolated ciphertext storage for the distributed cloudlets or fog nodes. What's more, to offload the computational intensive tasks from mobile devices, we design an efficient outsourced decryption (oDec) algorithm for our FDO-ABE scheme. By using our oDec algorithm, the complex operations in decryption phase can be transmitted from mobile IoT devices to the cloudlets. Summing up, our FDO-ABE scheme is more suitable as an access control model for MEC.