SPMAC: Secure and privacy-preserving multi-authority access control for fog-enabled IoT cloud storage

Abstract

The fog computing paradigm extends the storage, network and computing facilities of the Internet of Things (IoT) to the edge of the network and provides increased convenience in real life. However, IoT still faces great security challenges, such as unauthorized access, collusion attacks between users, cloud attack, and privacy leaks. Most recently, Xiong et al. proposed a scheme to attempt to solve these issues (Xiong et al., 2020). However, we found that their scheme still could not resist the collusion attacks between non-revoked users and revoked users. This study performs the security analysis of SEM-ACSIT and proposes a secure and privacy-preserving multi-authority access control scheme named SPMAC. The proposed scheme can realize flexible user and attribute revocation. The proposed scheme achieves forward security and backward security. For the resource-limited devices, This scheme csn achieve lightweight computing using online–offline encryption technique, outsourced decryption method, and fog computing. It is worth noting that the scheme proposes a ciphertext update check algorithm, allowing users to confirm whether the ciphertext from the untrusted cloud and the user secret key have been updated. The security analysis shows that the proposed scheme can resist multiple collusion attacks, such as revoked and non-revoked users attack, cloud-users attack, and cloud attack. In addition, we realize the hidden access policy to protect users’ privacy. Finally, the results of simulation experiments indicate that the proposed scheme has great practical significance in the access control of IoT.