Towards Time-Sensitive and Verifiable Data Aggregation for Mobile Crowdsensing

Mobile crowdsensing systems use the extraction of valuable information from the data aggregation results of large-scale IoT devices to provide users with personalized services. Mobile crowdsensing combined with edge computing can improve service response speed, security, and reliability. However, previous research on data aggregation paid little attention to data verifiability and time sensitivity. In addition, existing edge-assisted data aggregation schemes do not support access control of large-scale devices. In this study, we propose a time-sensitive and verifiable data aggregation scheme (TSVA-CP-ABE) supporting access control for edge-assisted mobile crowdsensing. Specifically, in our scheme, we use attribute-based encryption for access control, where edge nodes can help IoT devices to calculate keys. Moreover, IoT devices can verify outsourced computing, and edge nodes can verify and filter aggregated data. Finally, the security of the proposed scheme is theoretically proved. The experimental results illustrate that our scheme outperforms traditional ones in both effectiveness and scalability under time-sensitive constraints.

Download Full-text

A Key-Policy Searchable Attribute-Based Encryption Scheme for Efficient Keyword Search and Fine-Grained Access Control over Encrypted Data

Electronics ◽

10.3390/electronics8030265 ◽

2019 ◽

Vol 8 (3) ◽

pp. 265 ◽

Cited By ~ 3

Author(s):

Hui Yin ◽

Yinqiao Xiong ◽

Jixin Zhang ◽

Lu Ou ◽

Shaolin Liao ◽

...

Keyword(s):

Access Control ◽

Large Scale ◽

Keyword Search ◽

Data Access ◽

Encryption Scheme ◽

Encrypted Data ◽

Fine Grained ◽

Data Access Control ◽

Attribute Based Encryption ◽

Key Policy

Attribute based encryption is a promising technique that achieves flexible and fine-grained data access control over encrypted data, which is very suitable for a secure data sharing environment such as the currently popular cloud computing. However, traditional attribute based encryption fails to provide an efficient keyword based search on encrypted data, which somewhat weakens the power of this encryption technique, as search is usually the most important approach to quickly obtain data of interest from large-scale dataset. To address this problem, attribute based encryption with keyword search (ABKS) is designed to achieve fine-grained data access control and keyword based search, simultaneously, by an ingenious combination of attribute based encryption and searchable encryption. Recently, several ABKS schemes have been constructed in secure cloud storage system for data access control and keyword search. Nonetheless, each of these schemes has some defects such as impractical computation overhead and insufficient access policy expression. To overcome these limitations, in this paper, we design a Key-Policy Searchable Attribute-based Encryption Scheme (KPSABES) based on the full-blown key-policy attribute-based encryption proposed by Vipul Goyal et al. By novel design, our scheme not only inherits all advantages of that scheme but also achieves efficient and secure keyword search over encrypted data. We provide the detailed performance analyses and security proofs for our scheme. Extensive experiments demonstrated that our proposed scheme is superior in many aspects to the similar work.

Download Full-text

A Comprehensive Review of Access Control Mechanism Based on Attribute Based Encryption Scheme for Cloud Computing

International Journal of Advanced Pervasive and Ubiquitous Computing ◽

10.4018/ijapuc.2019070103 ◽

2019 ◽

Vol 11 (3) ◽

pp. 33-52

Author(s):

Lokesh B. Bhajantri ◽

Tabassum N. Mujawar

Keyword(s):

Cloud Computing ◽

Access Control ◽

Large Scale ◽

Control Mechanism ◽

Fine Grained ◽

Prevailing Paradigm ◽

Attribute Based Encryption ◽

Encryption Schemes ◽

Access Control Mechanism ◽

A New Technique

Cloud computing is the most prevailing paradigm, which provides computing resources and services over the Internet. Due to immense development in services provided by cloud computing, the trend to share large-scale and confidential data on cloud has been increased. Though cloud computing provides many benefits, ensuring security of the data stored in cloud is the biggest challenge. The security concern about the data becomes main barrier for adoption of cloud. One of the important security aspects is fine grained access control mechanism. The most widely used and efficient access control scheme for cloud computing is Attribute Based Encryption (ABE). The Attribute Based Encryption (ABE) scheme provides a new technique for embedding access policies cryptographically into encryption process. The article presents an overview of various existing attribute-based encryption schemes and traditional access control models. Also, the comparison of existing ABE schemes for cloud computing, on basis of various criteria is presented in the article.

Download Full-text

Ensuring Purpose Limitation in Large-Scale Infrastructures with Provenance-Enabled Access Control

Sensors ◽

10.3390/s21093041 ◽

2021 ◽

Vol 21 (9) ◽

pp. 3041

Author(s):

Shizra Sultan ◽

Christian D. Jensen

Keyword(s):

Access Control ◽

Large Scale ◽

Control Mechanism ◽

Personal Information ◽

Fair Share ◽

Data Usage ◽

Personalized Services ◽

Access Control Mechanism ◽

Distributed Infrastructures

The amount of data generated in today’s world has a fair share of personal information about individuals that helps data owners and data processors in providing them with personalized services. Different legal and regulatory obligations apply to all data owners collecting personal information, specifying they use it only for the agreed-upon purposes and in a transparent way to preserve privacy. However, it is difficult to achieve this in large-scale and distributed infrastructures as data is continuously changing its form, such as through aggregation with other sources or the generation of new transformed resources, resulting often in the loss or misinterpretation of the collection purpose. In order to preserve the authorized collection purposes, we propose data is added as a part of immutable and append-only resource metadata (provenance), to be retrieved by an access control mechanism when required for data-usage verification. This not only ensures purpose limitation in large-scale infrastructures but also provides transparency for individuals and auditing authorities to track how personal information is used.

Download Full-text

Entitlement-Based Access Control for Smart Cities Using Blockchain

Sensors ◽

10.3390/s21165264 ◽

2021 ◽

Vol 21 (16) ◽

pp. 5264

Author(s):

Fariza Sabrina ◽

Julian Jang-Jaccard

Keyword(s):

Access Control ◽

Large Scale ◽

Smart Cities ◽

Qualitative Evaluation ◽

Control Solution ◽

Resource Owner ◽

Access Rights ◽

Iot Devices ◽

The Internet Of Things ◽

Analyze Data

Smart cities use the Internet of Things (IoT) devices such as connected sensors, lights, and meters to collect and analyze data to improve infrastructure, public utilities, and services. However, the true potential of smart cities cannot be leveraged without addressing many security concerns. In particular, there is a significant challenge for provisioning a reliable access control solution to share IoT data among various users across organizations. We present a novel entitlement-based blockchain-enabled access control architecture that can be used for smart cities (and for any ap-plication domains that require large-scale IoT deployments). Our proposed entitlement-based access control model is flexible as it facilitates a resource owner to safely delegate access rights to any entities beyond the trust boundary of an organization. The detailed design and implementation on Ethereum blockchain along with a qualitative evaluation of the security and access control aspects of the proposed scheme are presented in the paper. The experimental results from private Ethereum test networks demonstrate that our proposal can be easily implemented with low latency. This validates that our proposal is applicable to use in the real world IoT environments.

Download Full-text

Blockchain-Based Secured Access Control in an IoT System

Applied Sciences ◽

10.3390/app11041772 ◽

2021 ◽

Vol 11 (4) ◽

pp. 1772

Author(s):

Sultan Algarni ◽

Fathy Eassa ◽

Khalid Almarhabi ◽

Abduallah Almalaise ◽

Emad Albassam ◽

...

Keyword(s):

Access Control ◽

Secure Communication ◽

Large Scale ◽

Third Party ◽

Security And Privacy ◽

Multi Agent System ◽

Secure Access ◽

Multi Agent ◽

Iot Devices ◽

Privacy Issues

The distributed nature of Internet of Things (IoT) and its rapid increase on a large scale raises many security and privacy issues. Access control is one of the major challenges currently addressed through centralized approaches that may rely on a third party and they are constrained by availability and scalability, which may result in a performance bottleneck. Therefore, this paper proposes a novel solution to manage the delivery of lightweight and decentralized secure access control of an IoT system based on a multi-agent system and a blockchain. The main objective of the proposed solution is to build Blockchain Managers (BCMs) for securing IoT access control, as well as allowing for secure communication between local IoT devices. Moreover, the solution also enables secure communication between IoT devices, fog nodes and cloud computing.

Download Full-text

A Comprehensive Review of Access Control Mechanism Based on Attribute Based Encryption Scheme for Cloud Computing

Research Anthology on Artificial Intelligence Applications in Security ◽

10.4018/978-1-7998-7705-9.ch042 ◽

2021 ◽

pp. 899-921

Author(s):

Lokesh B. Bhajantri ◽

Tabassum N. Mujawar

Keyword(s):

Cloud Computing ◽

Access Control ◽

Large Scale ◽

Control Mechanism ◽

Fine Grained ◽

Prevailing Paradigm ◽

Attribute Based Encryption ◽

Encryption Schemes ◽

Access Control Mechanism ◽

A New Technique

Download Full-text

Attribute-Based Encryption as a Service for Access Control in Large-Scale Organizations

Foundations and Practice of Security - Lecture Notes in Computer Science ◽

10.1007/978-3-319-75650-9_1 ◽

2018 ◽

pp. 3-17

Author(s):

Johannes Blömer ◽

Peter Günther ◽

Volker Krummel ◽

Nils Löken

Keyword(s):

Access Control ◽

Large Scale ◽

Attribute Based Encryption

Download Full-text

Offline/Online Outsourced Attribute-Based Encryption with Partial Policy Hidden for the Internet of Things

Journal of Sensors ◽

10.1155/2020/8861114 ◽

2020 ◽

Vol 2020 ◽

pp. 1-11

Author(s):

Xixi Yan ◽

Guanghui He ◽

Jinxia Yu ◽

Yongli Tang ◽

Mingjie Zhao

Keyword(s):

Internet Of Things ◽

Large Scale ◽

Personal Data ◽

The Internet ◽

Cloud Platform ◽

Computational Overhead ◽

Attribute Based Encryption ◽

Wide Range ◽

Iot Devices ◽

The Internet Of Things

In the Internet of Things (IoT) environment, the intelligent devices collect and share large-scale sensitive personal data for a wide range of application. However, the power of storage and computing of IoT devices is limited, so the mass perceived data will be encrypted and transmitted to a cloud platform-interconnected IoT devices. Therefore, the concern how to save the encryption/decryption cost and preserve the privacy of the sensitive data in IoT environment is an issue that deserves research. To mitigate these issues, an offline/online attribute-based encryption scheme that supports partial policy hidden and outsourcing decryption will be proposed. This scheme adopts offline/online attribute-based encryption algorithms; then, the key generation algorithm and encryption algorithm are divided into two stages: offline stage and online stage. Meanwhile, in order to solve the problem of policy disclosure under the cloud platform, the policy hidden is supported, that is, the attribute is divided into the attribute value and the attribute name. For the pairing operation involved in decryption process, a verifiable outsourced decryption is implemented. Our scheme is constructed based on composite bilinear groups, which meets full security under the standard model. Finally, by comparing with other schemes in terms of functionality and computational overhead, it is shown that the proposed scheme is more efficient and applicable to the mobile devices with limited computing and storage functions in the Internet of Things environment.

Download Full-text

A Lightweight Authentication and Authorization Framework for Blockchain-Enabled IoT Network in Health-Informatics

Sustainability ◽

10.3390/su12176960 ◽

2020 ◽

Vol 12 (17) ◽

pp. 6960 ◽

Cited By ~ 2

Author(s):

Muhammad Tahir ◽

Muhammad Sardaraz ◽

Shakoor Muhammad ◽

Muhammad Saud Khan

Keyword(s):

Access Control ◽

Health Informatics ◽

Large Scale ◽

Denial Of Service ◽

Distributed Applications ◽

Third Party ◽

Security And Privacy ◽

Smart Healthcare ◽

Authentication And Authorization ◽

Iot Devices

Blockchain and IoT are being deployed at a large scale in various fields including healthcare for applications such as secure storage, transactions, and process automation. IoT devices are resource-constrained, have no capability of security and self-protection, and can easily be hacked or compromised. Furthermore, Blockchain is an emerging technology with immutability features which provide secure management, authentication, and guaranteed access control to IoT devices. IoT is a cloud-based internet service in which processing and collection of user’s data are accomplished remotely. Smart healthcare also requires the facility to provide the diagnosis of patients located remotely. The smart health framework faces critical issues such as data security, costs, memory, scalability, trust, and transparency between different platforms. Therefore, it is important to handle data integrity and privacy as the user’s authenticity is in question due to an open internet environment. Several techniques are available that primarily focus on resolving security issues i.e., forgery, timing, denial of service and stolen smartcard attacks, etc. Blockchain technology follows the rules of absolute privacy to identify the users associated with transactions. The motivation behind the use of Blockchain in health informatics is the removal of the centralized third party, immutability, improved data sharing, enhanced security, and reduced overhead costs in distributed applications. Healthcare informatics has some specific requirements associated with the security and privacy along with the additional legal requirements. This paper presents a novel authentication and authorization framework for Blockchain-enabled IoT networks using a probabilistic model. The proposed framework makes use of random numbers in the authentication process which is further connected through joint conditional probability. Hence, it establishes a secure connection among IoT devices for further data acquisition. The proposed model is validated and evaluated through extensive simulations using the AVISPA tool and the Cooja simulator, respectively. Experimental results analyses show that the proposed framework provides robust mutual authenticity, enhanced access control, and lowers both the communication and computational overhead cost as compared to others.

Download Full-text

LP-SBA-XACML. (c2019)

10.26756/th.2020.168 ◽

2019 ◽

Author(s):

◽

Mohamad A. Chehab

Keyword(s):

Large Scale ◽

Real Life ◽

Smart Devices ◽

Time Behavior ◽

User Privacy ◽

Sensitive Data ◽

Private Data ◽

Personalized Services ◽

Protection Mechanisms ◽

Iot Devices

The wide applicability of Internet of Things (IoT) would truly enable the pervasiveness of smart devices for sensing data. IoT coupled with machine learning would enter us in an era of smart and personalized, services. In order to achieve service personalization, there is a need to collect sensitive data about the users. That yields to privacy concerns due to the possibility of abusing the data or having attackers to gain unauthorized access. Moreover, the nature of IoT devices, being resource and computationally constrained, makes it di cult to perform heavy protection mechanisms. Despite the presence of several solutions for protecting user privacy, they were not created for the purpose of running on small devices at a large scale. On top of that, existing solutions lack the customization of user privacy in which users have little to no control over their own private data. In this regards, we address the aforementioned issue of protecting user's privacy while taking into account e ciency as well as memory usage. The proposed scheme embeds an e cient and lightweight algebra based that targets user privacy and provides e cient policy evaluation. Moreover, an intelligent model to customize user's privacy based on real time behavior is integrated. Experiments conducted on synthetic and real-life scenarios to demonstrate the feasibility and relevance of our proposed framework within IoT environment.

Download Full-text