Lightweight Access Control Research Articles

User-trust centric lightweight access control for smart IoT crowd sensing applications in healthcare systems

User-trust centric lightweight access control for smart IoT crowd sensing applications in healthcare systems

Privacy-Preserving Spatial Keyword Search With Lightweight Access Control in Cloud Environments

Privacy-Preserving Spatial Keyword Search With Lightweight Access Control in Cloud Environments

ReLAC: Revocable and Lightweight Access Control With Blockchain for Smart Consumer Electronics

The increasing popularity of consumer smart devices has led to concerns about the security of electronic data. Blockchains, which are tamper-proof, can be used to store electronic data securely, preserving the privacy of individuals and devices. However, most of the consumer smart devices are resource-constrained, so the computational overhead of blockchain based schemes should not be ignored. Furthermore, the dynamic change of consumer smart devices in real-world scenarios is also an open issue. In this paper, a revocable and lightweight access control scheme (ReLAC) is proposed to realize deduplication and dynamic user revocation for smart consumer electronics/devices using blockchain. To protect the privacy of consumers and devices in the access matrix, the partially hidden policy is adopted in the proposed scheme. Note that, no detailed attribute values of the consumers or the devices are included in the ciphertext transmission. Finally, outsourced decryption is applied to solve the resource-constrained problem of smart consumer electronics/devices. The proposed scheme is proved to be s-IND-CPA secure in the standard model if there exists no one can crackle the decisional q-BDHE assumption. The performance analysis and experiments demonstrate that the proposed scheme is secure and computational efficiency for the application in consumer electronic systems.

FA-SMW: Fog-Driven Anonymous Lightweight Access Control for Smart Medical Wearables

FA-SMW: Fog-Driven Anonymous Lightweight Access Control for Smart Medical Wearables

A Provably Secure and Lightweight Access Control Protocol for EI-Based Vehicle to Grid Environment

The Energy Internet (EI) presents a novel paradigm for renewable energy distribution that utilizes communication and computing technologies to revolutionize the conventional Intelligent Transportation Systems (ITSs) and power grid into a structure that provides assistance to open innovation. The EI offers sustainable and bidirectional transmission for the improvement and analysis of energy convention among Electric Vehicles (EVs) and service providers. To ensure efficient, reliable, and secure operation, EI must be safe from security attacks. Therefore, efficient and secure key negotiation is a significant issue for the EI-based Vehicle-to-Grid (V2G) architecture. Thus, to ensure the system’s security, we have devised a robust scheme to facilitate a secure key agreement between the entities involved for the secure and efficient renewable energy distribution for the EI-based energy vehicles in V2G. The devised scheme’s robustness is solicited through the widely-accepted formal Random or Real (RoR) model. In addition, the informal security analysis is conducted on the devised scheme, which is evident that the designed scheme achieves all the required security features of EI-based ITS. Moreover, the performance evaluation results endorse that the designed scheme achieves the desired security and minimizes the communication, computation, and energy overhead by 29.33%, 27.94% and 28.08% in comparison to the existing competitive schemes.

IOT Assisted ECG Monitoring Framework with Secure Data Transmission Application

The growing Internet of Things (IoT) frame work enables us to create tiny devices that are capable of sensing processing and communicating, enabling sensors, embedding devices and other' things 'to be created which will help to understand the environment. In this paper, the IoT assisted electrocardiogram (ECG) monitoring framework with secure data transmission has been proposed in this research. With the proposed IoT assisted ECG monitoring system, the development and implementation of a light weight ECG Signal Strength Analysis has been proposed for automatic classification and real time implementation, using ECG sensors, Arduino, Android phones, Bluetooth and cloud servers. The Light weight Secure IoT (LS-IoT) and Light weight Access Control (LAC) have been introduced for asecuredatatypetransmission.Real-timeanalysisandverificationareperformedontheECGsignalsobtainedfromtheMIT-BI Hand Physio Net Challenges databases as well as the ECG signals for various physical activities. The potential for determining the clinical acceptability of ECG signals to increase the effectiveness, accuracy, and dependability of an unsupervised diagnostic system is significant in the proposed IoT assisted ECG monitoring framework.

Smart Contract-Enabled Secure Sharing of Health Data for a Mobile Cloud-Based E-Health System

Healthcare comprises the largest revenue and data boom markets. Sharing knowledge about healthcare is crucial for research that can help healthcare providers and patients. Several cloud-based applications have been suggested for data sharing in healthcare. However, the trustworthiness of third-party cloud providers remains unclear. The third-party dependency problem was resolved using blockchain technology. The primary objective of this growth was to replace the distributed system with a centralized one. Therefore, security is a critical requirement for protecting health records. Efforts have been made to implement blockchain technology to improve the security of this sensitive material. However, existing methods depend primarily on information obtained from medical examinations. Furthermore, they are ineffective for sharing continuously produced data streams from sensors and other monitoring devices. We propose a trustworthy access control system that uses smart contracts to achieve greater security while sharing electronic health records among various patients and healthcare providers. Our concept offers an active resolution for secure data sharing in mobility computing while protecting personal health information from potential risks. In assessing existing data sharing models, the framework valuation and protection approach recognizes increases in the practicality of lightweight access control architecture, low network expectancy, and significant levels of security and data concealment.

Blockchain-based framework for secure and efficient exchange of electronic medical records on mobile cloud environments

The maintenance of Electronic Medical Records (EMRs) on mobile cloud platforms, in which mobile devices are incorporated with cloud computing to ease healthcare information exchange between healthcare providers and patients, has become a paradigm shift in latest days. This cutting-edge strategy makes it possible to provide medical care at a low overhead expense, with a high level of flexibility, and with electronic health record access. Furthermore, this new approach also expresses concern over the confidentiality of patient data and the safety of the networks that support e-health systems. It is a tough problem to figure out a way to effectively share EMRs amongst mobile users while also maintaining maximum security measures in mobile cloud environments. In this research, a novel framework is presented for the sharing of EMRs that integrates blockchain technology and the decentralized Interplanetary File System (DIFS) on a mobile cloud. The empirical results suggest that the concept offers a useful method for ensuring the reliability of data transfers on mobile clouds, while also preserving important patient data from any potential dangers that may arise. Comparing the results of this performance assessment and security analysis to those of previously implemented data sharing models reveals significant performance enhancements in areas such as lightweight access control method, minimal network latency, maximum security levels, and data privacy protections.

B-FLACS: blockchain-based flexible lightweight access control scheme for data sharing in cloud

B-FLACS: blockchain-based flexible lightweight access control scheme for data sharing in cloud

A blockchain-based lightweight access control solution in the healthcare sector for developing countries: A case from Conakry

A blockchain-based lightweight access control solution in the healthcare sector for developing countries: A case from Conakry

A Blockchain-based Lightweight Access Control Solution in the Healthcare Sector for Developing countries: A case from Conakry

A Blockchain-based Lightweight Access Control Solution in the Healthcare Sector for Developing countries: A case from Conakry

Blockchain Technology-Based Electronic Payment Strategy for City Mobile Pass Cards

Currently, there has been a paradigm shifted in the storing of electronic payment records (EPRs) on mobile distributed systems, wherein mobile devices are coupled with cloud computing to ease financial data transfers between consumers and stakeholders. This enhanced architecture allows low-cost online payment services with high versatility and EPR accessibility. Nevertheless, for e-payment platforms, such a new paradigm poses worries about data privacy and network security. A difficult challenge is how to reliably disseminate EPRs across mobile users while maintaining high-security security standards in the mobile cloud. This paper investigates and demonstrates the electronic payment approach of urban mobile pass cards’ dependability and excellence. Furthermore, on a mobile cloud platform, our technology integrates blockchain with the decentralized interplanetary file system (IPFS). We specifically create a reliable access control method on smart contracts to ensure secure EPR sharing across various clients and stakeholders. Our empirical results indicate that our concept provides a viable solution for data transfers on mobile clouds while protecting critical payment information from potential attacks. When compared to previous data sharing models, the system evaluation and security analysis show performance gains in lightweight access control architecture, minimal network latency with excellent security and data confidentiality levels.

Blockchain-Based Privacy Access Control Mechanism and Collaborative Analysis for Medical Images

Medical image analysis technology based on deep learning has played an important role in computer-aided disease diagnosis and treatment. Classification accuracy has always been the primary goal pursued by researchers. However, the image transmission process also faces the problems of limited wireless ad-hoc network (WAN) bandwidth and increased security risks. Moreover, when user data are exposed to unauthorized users, platforms can easily leak personal privacy. Aiming at the abovementioned problems, a system model and an access control scheme for the collaborative analysis of the diagnosis of diabetic retinopathy (DR) are constructed in this paper. The system model includes two stages of data cleaning and lesion classification. In the data cleaning phase, the private cloud writes the model obtained after training into the blockchain, and other private clouds use the best-performing model on the chain to identify the image quality when cleaning data and pass the high-quality image to the lesion classification model for use. In the lesion classification stage, each private cloud trains the classification model separately; uploads its own model parameters to the public cloud for aggregation to obtain a global model; and then sends the global model to each private cloud to achieve collaborative learning, reduce the amount of data transmission, and protect personal privacy. Access control schemes include improved role-based access control (RAC) used within the private cloud and blockchain-based access control used during the interaction between the private cloud and the public cloud program (BAC). RAC grants both functional rights and data access rights to roles and takes into account object attributes for fine-grained level control. Based on certificateless public-key encryption technology and blockchain technology, BAC can realize the identity authentication and authority identification of the private cloud while requesting the transmission of model parameters from the private cloud to the public cloud and protect the security of the identity, authority, and model parameters of the private cloud to achieve the effect of lightweight access control. In the experimental part, two retinal datasets are used for DR classification analysis. The results show that data cleaning can effectively remove low-quality images and improve the accuracy of early lesion classification for doctors, with an accuracy rate of 90.2%.

Secure Boolean Spatial Keyword Query With Lightweight Access Control in Cloud Environments

Spatial keyword query has attracted wide-spread academic and industrial concerns due to the popularity of location-based services and Internet of Things. To efficiently support the online query processing, the data owners need to outsource their data to cloud platforms. However, the outsourcing services may raise privacy leaking issues. Moreover, access control, another important security concern, is largely ignored. Therefore, we first propose and formalize the problem of secure boolean spatial keyword query under lightweight access control while guaranteeing the widely accepted <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">adaptive indistinguishability against chosen keyword attack</i> model. Then, we devise a novel hybrid Bloom filter encoding strategy, including a linear embedding and exponent-based transformation schemes and a secure index structure, called <monospace xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">SAGTree</monospace> . They can maintain both geo-text and access policy information together in a secure way while answering the encrypted queries under access control without decryption. Finally, we present the in-depth security analysis and demonstrate the performance of our proposed algorithms.

Privacy-Preserving Keyword Similarity Search Over Encrypted Spatial Data in Cloud Computing

With the proliferation of cloud computing, data owners can outsource the spatial data from the Internet of Things devices to a cloud server to enjoy the pay-as-you-go storage resources and location-based services. However, the outsourced services may raise privacy concerns, since the cloud server may not be fully trusted for both data owners and search users. If the data owners and search users conventionally encrypt the spatial data and query requests, the efficiency and functionality of query processing are weakened. Most of the existing works only focus on spatial data search or keyword search and do not consider spatial keyword search over encrypted data. In this article, we first design a geometric range query (GRQ) scheme, which can generate an arbitrary geometric range to fit the search user’s desired spatial data while protecting location privacy. Furthermore, based on GRQ, we propose a multidimensional spatial keyword similarity search scheme with access control (MSSAC) by integrating the polynomial function and matrix transformation. Specifically, an access control strategy is defined by a role-based polynomial function, which is embedded in the vectors of indices and trapdoors to achieve efficient and lightweight access control. Moreover, MSSAC enables the cloud server to execute compute-then-compare operations for spatial keyword search in a privacy-preserving manner by leveraging techniques of randomizable permutation and matrix multiplication. The formal security analyses and extensive experiments demonstrate that GRQ and MSSAC preserve the privacy of data owners and search users while achieving efficient spatial keyword search.

An access control protocol for IoT‐based critical infrastructure in smart grid environment

SummaryInformation and communication technology (ICT) can add appealing attributes such as transparency, energy conservation, cost reduction, reliability, and efficiency to the traditional power grid. The addition of these attributes is possible due to the concept of a smart grid (SG). However, ICT applications engender new access control challenges. Therefore, many studies have been conducted in recent years to investigate that the most significant challenge of the smart grid is privacy. In the light of these studies, two significant problems have been identified for SG access control protocols that must be addressed. First, we have all essential security requirements such as integrity, confidentiality, and authentication. Moreover, the cryptographic algorithms impose significant computational and communication costs on the system, however, in most of the contemporary infrastructure's devices usually have limited‐resource. Therefore, second, the lightweight design of access control protocols is also a significant challenge. To address these challenges, we introduce a provably secure and lightweight access control protocol for SGs that eliminates key exchange issues while increasing privacy and security. We evaluate the proposed protocol to determine its security strength against well‐known security attacks. Finally, we present a performance evaluation of the proposed protocol to demonstrate its efficiency in terms of computation and communication costs.

A faster outsourced medical image retrieval scheme with privacy preservation

With the rapid development of computer technology and medical imaging technology, medical images present an explosive growth. To save storage and computation overhead, hospitals often choose to outsource digital medical images to cloud server. Since medical images are a major auxiliary means for doctors’ diagnosis or medical researchers’ study, the secure retrieval of outsourced medical images is especially important. To address this problem, we propose a Faster outsourced Medical Image Retrieval scheme with privacy preservation (FMIR) in this paper. FMIR first makes a simple classification to outsourced medical images, which narrows the retrieval range and improves the retrieval efficiency compared with the existing unclassified retrieval schemes. Second, FMIR implements a lightweight access control for each class using polynomial-based access control strategy, which provides the fine-grained access control for better privacy protection of medical images. Third, FMIR reduces the interference of random numbers on relevant score to 0, which further improves the accuracy of the retrieval. Finally, the security and performance analysis show that FMIR is secure, accurate and efficient.

Secure Data Sharing with Efficient Key Update for Industrial Cloud-based Access Control

Sharing data in industrial cloud requires both secure and flexibility management of data shared among users in the industry. Users should have ability to access authorized portion of data from smart edge devices with integrated secure protocol for interacting with cloud storage. Among cryptographic-based access control solutions, ciphertext-policy attribute-based encryption (CP-ABE) is recognized as a suitable solution for supporting secure and fine-grained data access control for outsourced data. However, the attribute revocation is a major drawback of CP-ABE since it introduces subsequent costs such as ciphertext re-encryption, user key re-generation, and key re-distribution. Existing revocable CP-ABE based access control models have focused on minimizing the cost of communication and computation cost for ciphertext re-encryption. Unfortunately, the key update issue is subject to re-key generation as traditional CP-ABE does. In essence, key update becomes crucial when there are a high number of users accessing shared data in the cloud. In this paper, we propose a lightweight access control model featured with the efficient key updating scheme. Finally, the performance evaluation is conducted to demonstrate the efficiency of our proposed scheme.

A Fine-Grained and Lightweight Data Access Control Model for Mobile Cloud Computing

With rapidly increasing adoption of cloud computing and the advancement of today mobile computing, it is inevitable that mobile devices are used to receive and send the data through the mobile cloud platform. This increases the convenience and flexibility of data access over the cloud computing since data users are able to access the shared data anytime, anywhere via mobile devices. However, using mobile devices in accessing shared data in a cloud where the sensitive data is encrypted is not practical because mobile devices have limited computing resources in dealing with heavy cryptographic operations. In this article, we propose a lightweight collaborative ciphertext policy attribute role-based encryption (LW-C-CP-ARBE) scheme to support a fine-grained and lightweight access control for mobile cloud environment. We apply CP-ABE approach as a core cryptographic access control and introduce a new proxy re-encryption (PRE) protocol to reduce data re-encryption and decryption cost for the mobile users. To this end, the overhead in running the cryptographic operation at the end-user device is small. In addition, we develop secure access policy sharing and re-encryption protocol to enable users having write privilege to update the data and request the proxy to perform data re-encryption. Finally, we present the evaluation and experiments to demonstrate the efficiency and practicality of our system.

An ECC-based access control scheme with lightweight decryption and conditional authentication for data sharing in vehicular networks

Nowadays, more and more data are stored on cloud for sharing in vehicular networks, but the increasing number of cloud data security incidents makes how to guarantee confidentiality of sharing data one of the main concerns. Attribute-based encryption is considered as a suitable method to solve this issue. However, the requirements of lightweight and privacy make it difficult to apply the existing attribute-based encryption schemes directly in vehicular networks. In this paper, we put forward an access control scheme with lightweight decryption and conditional authentication for secure data sharing in vehicular networks. In this scheme, we extend elliptic-curve cryptography-based key-policy attribute-based encryption scheme with token-based decryption for lightweight access control. Moreover, we integrate Elliptic Curve Qu-Vanstone implicit certificate with ELGamal encryption algorithm to achieve both mutual authentication and conditional privacy protection. The performance analysis shows that the proposed scheme requires less time for both encryption and decryption on the user side. The security analysis shows that the proposed scheme can provide conditional anonymity.