scholarly journals BSSPD: A Blockchain-Based Security Sharing Scheme for Personal Data with Fine-Grained Access Control

2021 ◽  
Vol 2021 ◽  
pp. 1-20
Author(s):  
Hongmin Gao ◽  
Zhaofeng Ma ◽  
Shoushan Luo ◽  
Yanping Xu ◽  
Zheng Wu
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Personal Data ◽  
Security And Privacy ◽  
Access Policy ◽  
Fine Grained ◽  
Sharing Scheme ◽  
Data Owner ◽  
Data User ◽  
Cloud Server

Privacy protection and open sharing are the core of data governance in the AI-driven era. A common data-sharing management platform is indispensable in the existing data-sharing solutions, and users upload their data to the cloud server for storage and dissemination. However, from the moment users upload the data to the server, they will lose absolute ownership of their data, and security and privacy will become a critical issue. Although data encryption and access control are considered up-and-coming technologies in protecting personal data security on the cloud server, they alleviate this problem to a certain extent. However, it still depends too much on a third-party organization’s credibility, the Cloud Service Provider (CSP). In this paper, we combined blockchain, ciphertext-policy attribute-based encryption (CP-ABE), and InterPlanetary File System (IPFS) to address this problem to propose a blockchain-based security sharing scheme for personal data named BSSPD. In this user-centric scheme, the data owner encrypts the sharing data and stores it on IPFS, which maximizes the scheme’s decentralization. The address and the decryption key of the shared data will be encrypted with CP-ABE according to the specific access policy, and the data owner uses blockchain to publish his data-related information and distribute keys for data users. Only the data user whose attributes meet the access policy can download and decrypt the data. The data owner has fine-grained access control over his data, and BSSPD supports an attribute-level revocation of a specific data user without affecting others. To further protect the data user’s privacy, the ciphertext keyword search is used when retrieving data. We analyzed the security of the BBSPD and simulated our scheme on the EOS blockchain, which proved that our scheme is feasible. Meanwhile, we provided a thorough analysis of the storage and computing overhead, which proved that BSSPD has a good performance.

scholarly journals A Secured Proxy-Based Data Sharing Module in IoT Environments Using Blockchain

Sensors ◽  
2019 ◽  
Vol 19 (5) ◽  
pp. 1235 ◽  
Author(s):  
Kwame Obour Agyekum ◽  
Qi Xia ◽  
Emmanuel Sifah ◽  
Jianbin Gao ◽  
Hu Xia ◽  
...  
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Security And Privacy ◽  
Inner Product ◽  
Data Confidentiality ◽  
Collusion Attacks ◽  
Fine Grained ◽  
Computing Paradigm ◽  
Attribute Based Encryption ◽  
Data Owner

Access and utilization of data are central to the cloud computing paradigm. With the advent of the Internet of Things (IoT), the tendency of data sharing on the cloud has seen enormous growth. With data sharing comes numerous security and privacy issues. In the process of ensuring data confidentiality and fine-grained access control to data in the cloud, several studies have proposed Attribute-Based Encryption (ABE) schemes, with Key Policy-ABE (KP-ABE) being the prominent one. Recent works have however suggested that the confidentiality of data is violated through collusion attacks between a revoked user and the cloud server. We present a secured and efficient Proxy Re-Encryption (PRE) scheme that incorporates an Inner-Product Encryption (IPE) scheme in which decryption of data is possible if the inner product of the private key, associated with a set of attributes specified by the data owner, and the associated ciphertext is equal to zero 0 . We utilize a blockchain network whose processing node acts as the proxy server and performs re-encryption on the data. In ensuring data confidentiality and preventing collusion attacks, the data are divided into two, with one part stored on the blockchain network and the other part stored on the cloud. Our approach also achieves fine-grained access control.

scholarly journals Enabling Efficient Decentralized and Privacy Preserving Data Sharing in Mobile Cloud Computing

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Jiawei Zhang ◽  
Ning Lu ◽  
Teng Li ◽  
Jianfeng Ma
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Mobile Devices ◽  
Data Sharing ◽  
Mobile Cloud Computing ◽  
High Efficiency ◽  
Mobile Cloud ◽  
User Privacy ◽  
Access Policy ◽  
Fine Grained

Mobile cloud computing (MCC) is embracing rapid development these days and able to provide data outsourcing and sharing services for cloud users with pervasively smart mobile devices. Although these services bring various conveniences, many security concerns such as illegally access and user privacy leakage are inflicted. Aiming to protect the security of cloud data sharing against unauthorized accesses, many studies have been conducted for fine-grained access control using ciphertext-policy attribute-based encryption (CP-ABE). However, a practical and secure data sharing scheme that simultaneously supports fine-grained access control, large university, key escrow free, and privacy protection in MCC with expressive access policy, high efficiency, verifiability, and exculpability on resource-limited mobile devices has not been fully explored yet. Therefore, we investigate the challenge and propose an Efficient and Multiauthority Large Universe Policy-Hiding Data Sharing (EMA-LUPHDS) scheme. In this scheme, we employ fully hidden policy to preserve the user privacy in access policy. To adapt to large scale and distributed MCC environment, we optimize multiauthority CP-ABE to be compatible with large attribute universe. Meanwhile, for the efficiency purpose, online/offline and verifiable outsourced decryption techniques with exculpability are leveraged in our scheme. In the end, we demonstrate the flexibility and high efficiency of our proposal for data sharing in MCC by extensive performance evaluation.

scholarly journals Traceable Attribute-Based Secure Data Sharing with Hidden Policies in Mobile Health Networks

2020 ◽  
Vol 2020 ◽  
pp. 1-12
Author(s):  
Xueyan Liu ◽  
Yukun Luo ◽  
Xiaotao Yang
Keyword(s):  
Bilinear Pairing ◽  
Health Networks ◽  
Access Policy ◽  
Fine Grained ◽  
Attribute Based Encryption ◽  
Data Owner ◽  
Data User ◽  
Efficient Scheme ◽  
And Performance ◽  
The One

The growing need to store, share, and manage medical and health records has resulted in electronic medical health sharing system (mHealth), which provides intelligent medical treatment for people. Attribute-based encryption (ABE) is regarded as a new cryptology to enhance fine-grained access control over encrypted sharing data in mHealth. However, some existing attribute-based mHealth systems not only violate the one-to-many application characteristics of attribute-based encryption mechanism but also destroy the anonymity of user. In this study, an efficient scheme is proposed to tackle the above defaults and offer two-way anonymity of data owner and data user by introducing a pseudoidentity. The computation of hidden access policy is reduced by removing the bilinear pairing, whereas the interaction between cloud storage and data user is avoided to save bandwidth during trapdoor generation. We also consider the temporal factor of the uploaded information by introducing access validity. Security and performance analyses show that the proposed scheme is efficient without reducing security.

scholarly journals BFR-SE: A Blockchain-Based Fair and Reliable Searchable Encryption Scheme for IoT with Fine-Grained Access Control in Cloud Environment

2021 ◽  
Vol 2021 ◽  
pp. 1-21
Author(s):  
Hongmin Gao ◽  
Shoushan Luo ◽  
Zhaofeng Ma ◽  
Xiaodan Yan ◽  
Yanping Xu
Keyword(s):  
Access Control ◽  
Service Providers ◽  
Auxiliary Information ◽  
Bloom Filter ◽  
Searchable Encryption ◽  
Security And Privacy ◽  
Encryption Scheme ◽  
Fine Grained ◽  
Data User ◽  
Iot Devices

Due to capacity limitations, large amounts of data generated by IoT devices are often stored on cloud servers. These data are usually encrypted to prevent the disclosure, which significantly affects the availability of this data. Searchable encryption (SE) allows a party to store his data created by his IoT devices or mobile in encryption on the cloud server to protect his privacy while retaining his ability to search for data. However, the general SE techniques are all pay-then-use. The searchable encryption service providers (SESP) are considered curious but honest, making it unfair and unreliable. To address these problems, we combined ciphertext-policy attribute-based encryption, Bloom filter, and blockchain to propose a blockchain-based fair and reliable searchable encryption scheme (BFR-SE) in this paper. In BFR-SE, we constructed an attribute-based searchable encryption model that can provide fine-grained access control. The data owner stores the indices on SESP and stores some additional auxiliary information on the blockchain. After a data user initiates a request, SESP must return the correct and integral search results before the deadline. Otherwise, the data user can send an arbitration request, and the blockchain will make a ruling. The blockchain will only perform arbitrations based on auxiliary information when disputes arise, saving the computing resources on-chain. We analyzed the security and privacy of BFR-SE and simulated our scheme on the EOS blockchain, which proves that BFR-SE is feasible. Meanwhile, we provided a thorough analysis of storage and computing overhead, proving that BFR-SE is practical and has good performance.

scholarly journals A Review of fine grained access control techniques

2018 ◽  
Vol 7 (2.7) ◽  
pp. 20 ◽  
Author(s):  
Rakesh Shirsath ◽  
Dr K. V. Daya Sagar
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Data Access ◽  
Control Approach ◽  
Access Policy ◽  
Fine Grained ◽  
Data Access Control ◽  
Encrypt Data ◽  
Cloud Server ◽  
Access Policies

Nowadays cloud computing is most demanding technology where computing resources are availed as per demand through Internet. Cloud computing model also brings many challenges for confidentiality, integrity, privacy of data and data access control. As cloud computing develops vigorously, an increasing number of enterprises and individuals are motivated to upload their data sources to the public cloud server for sharing. It is not entirely credible for enterprises and individuals to transfer data owing to the openness of the cloud server, so they must encrypt data before uploading and also loose direct control of data. Therefore, an elastic access control or fine-grained access control approach for data is urgently required and becomes a challenging open problem. In this paper, the issue of access control is discussed by defining traditional access policies. Attribute based access policy is analysed with its types. Finally, comparison is made among all policies with respect to various parameters.

Blockchain-Based Access Control and Data Sharing Mechanism in Cloud Decentralized Storage System

2021 ◽  
Author(s):  
Yogesh M Gajmal ◽  
R. Udayakumar
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Data Security ◽  
Cloud Storage ◽  
Control Method ◽  
Single Point ◽  
Storage System ◽  
Data Encryption ◽  
Data Owner ◽  
Data User

Access control is a major factor in enhancing data security in the cloud storage system. However, the existing data sharing and the access control method have privacy data leakage and key abuse, which is a major challenge in the research community. Therefore, an effective method named Blockchain-based access control and data sharing approach is developed in the cloud storage system to increase data security. The proposed Blockchain-based access control and data sharing approach effectively solve single-point failure in the cloud system. It provides more benefits by increasing the throughput and reducing the cost. The Data user (DU) makes the registration request using the ID and password and forwards it to the Data Owner (DO), which processes the request and authenticates the Data user. The information of the data owner is embedded in the transactional blockchain using the encrypted master key. The Data owner achieves the data encryption process, and encrypted files are uploaded to the Interplanetary File System (IPFS). Based on the encrypted file location and encrypted key, the Data owner generates the ciphertext metadata and is embedded in the transactional blockchain. The proposed Blockchain-based access control and data sharing approach achieved better performance using the metrics, like a better genuine user detection rate of 95% and lower responsiveness of 25sec with the blockchain of 100 sizes.

A Secure Revocable Fine-grained Access Control and Data Sharing Scheme for SCADA in IIoT Systems

2021 ◽  
pp. 1-1
Author(s):  
Weiting Zhang ◽  
Hanyi Zhang ◽  
Liming Fang ◽  
Zhe Liu ◽  
Chunpeng Ge
Keyword(s):  
Access Control ◽  
Data Sharing ◽  
Fine Grained ◽  
Sharing Scheme

Personal health records sharing scheme based on attribute based signcryption with data integrity verifiable

2021 ◽  
pp. 1-34
Author(s):  
Isaac Amankona Obiri ◽  
Qi Xia ◽  
Hu Xia ◽  
Eric Affum ◽  
Smahi Abla ◽  
...  
Keyword(s):  
Access Control ◽  
Keyword Search ◽  
Data Integrity ◽  
Personal Health Records ◽  
Personal Health ◽  
Health Records ◽  
Fine Grained ◽  
Sharing Scheme ◽  
Query Result ◽  
Cloud Server

The distribution of personal health records (PHRs) via a cloud server is a promising platform as it reduces the cost of data maintenance. Nevertheless, the cloud server is semi-trusted and can expose the patients’ PHRs to unauthorized third parties for financial gains or compromise the query result. Therefore, ensuring the integrity of the query results and privacy of PHRs as well as realizing fine-grained access control are critical key issues when PHRs are shared via cloud computing. Hence, we propose new personal health records sharing scheme with verifiable data integrity based on B+ tree data structure and attribute-based signcryption scheme to achieve data privacy, query result integrity, unforgeability, blind keyword search, and fine-grained access control.

scholarly journals A Distributed Access Control with Outsourced Computation in Fog Computing

2019 ◽  
Vol 2019 ◽  
pp. 1-10 ◽  
Author(s):  
Qihua Wang ◽  
Huaqun Wang ◽  
Yufeng Wang ◽  
Rui Guo
Keyword(s):  
Access Control ◽  
Electronic Health Records ◽  
Rapid Development ◽  
Security And Privacy ◽  
Health Records ◽  
Fine Grained ◽  
Outsourced Computation ◽  
Cloud Server ◽  
Electronic Health ◽  
Internet Of Things Technology

With the rapid development of information technology and the Internet of Things Technology (IOT), data security and healthy privacy are getting a lot of attention. In order to store, access, and share electronic health records, storage of this data is transferred to a third-party-cloud server. The security and privacy of electronic health records stored at date center or cloud server are not guaranteed. Before being sent to date center or cloud server, this data should be encrypted. Designing an efficient and secure fine-grained access control strategy for personal health records is facing enormous challenges. Security and privacy for electronic health records are very important because the electronic health data which plays an important role in medical server and treatment is directly associated with a particular patient. Attribute-based encryption (ABE) can effectively achieve fine-grained access control. However, the computation of bilinear pairings requires a large amount of computation overhead in ABE scheme. In order to decrease the computational overhead and ensure the confidentiality of electronic health records, a distributed fine-grained access control scheme with outsourced computation for IOT is proposed in this paper. Little calculation is executed by the receiver and sender in our proposed scheme. Outsourcing computing reduces the computing burden. The analyses of safety and performance show that our proposed scheme is safe and effective compared with previous schemes.

Sign in / Sign up

Export Citation Format

Share Document