Abstract
Fog computing is a paradigm that extends cloud computing to the edge of the network. It can provide computation and storage services to end devices in Internet of Things (IoT). Attribute-based cryptography is a well-known technology to guarantee data confidentiality and fine-grained data access control. However, its computational cost in encryption and decryption phase is linear with the complexity of policy. In this paper, we propose a secure and fine-grained data access control scheme with ciphertext update and computation outsourcing in fog computing for IoT. The sensitive data of data owner are first encrypted using attribute-based encryption with multiple policies and then outsourced to cloud storage. Hence, the user whose attributes satisfy the access policy can decrypt the ciphertext. Based on the attribute-based signature technique, authorized user whose attributes integrated in the signature satisfy the update policy can renew the ciphertext. Specifically, most of the encryption, decryption, and signing computations are outsourced from end devices to fog nodes, and thus, the computations for data owners to encrypt, end users to decrypt, re-encrypt, and sign are irrelevant to the number of attributes in the policies. The security analysis shows that the proposed scheme is secure against known attacks, and the experimental results show that the fog nodes perform most of the computation operations of encryption, decryption, and signing, and hence, the time of encryption for data owner, decryption, re-encryption, and signing for users is small and constant.
Highlights
Nowadays, the cloud computing is considered as a promising computing paradigm, since it can provide elastic computing resources to users based on the techniques of distributed computing, virtualization, and so on [1]
The main contributions are as follows: 1) We propose a fine-grained data access control scheme with ciphertext update based on CP-attribute-based encryption (ABE) and attribute-based signature (ABS) in fog computing
2) We provide a secure outsourcing construction which outsources most of encryption, decryption and signing computations from end Internet of Things (IoT) devices to fog nodes, the computations for data owners to encrypt, end users to decrypt, re-encrypt and sign are irrelevant to the number of attributes in the policies
Summary
The cloud computing is considered as a promising computing paradigm, since it can provide elastic computing resources to users based on the techniques of distributed computing, virtualization, and so on [1]. The encryption, decryption and signing operations of ABE and ABS require a large number of module exponentiations, which commonly grow linearly with the number of attributes in policies This presents a significant challenge for users who access and modify data on resource-constrained IoT devices with limited computation and storage capacity. The main contributions are as follows: 1) We propose a fine-grained data access control scheme with ciphertext update based on CP-ABE and ABS in fog computing. 2) We provide a secure outsourcing construction which outsources most of encryption, decryption and signing computations from end IoT devices to fog nodes, the computations for data owners to encrypt, end users to decrypt, re-encrypt and sign are irrelevant to the number of attributes in the policies.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
