Multi-Authority Criteria-Based Encryption Scheme for IoT

Currently, the Internet of Things (IoT) provides individuals with real-time data processing and efficient data transmission services, relying on extensive edge infrastructures. However, those infrastructures may disclose sensitive information of consumers without authorization, which makes data access control to be widely researched. Ciphertext-policy attribute-based encryption (CP-ABE) is regarded as an effective cryptography tool for providing users with a fine-grained access policy. In prior ABE schemes, the attribute universe is only managed by a single trusted central authority (CA), which leads to a reduction in security and efficiency. In addition, all attributes are considered equally important in the access policy. Consequently, the access policy cannot be expressed flexibly. In this paper, we propose two schemes with a new form of encryption named multi-authority criteria-based encryption (CE) scheme. In this context, the schemes express each criterion as a polynomial and have a weight on it. Unlike ABE schemes, the decryption will succeed if and only if a user satisfies the access policy and the weight exceeds the threshold. The proposed schemes are proved to be secure under the decisional bilinear Diffie–Hellman exponent assumption (q-BDHE) in the standard model. Finally, we provide an implementation of our works, and the simulation results indicate that our schemes are highly efficient.

Download Full-text

Efficient Data Access Control for Cloud Computing With Large Universe and Traceable Attribute-Based Encryption

International Journal of Fuzzy System Applications ◽

10.4018/ijfsa.2020100103 ◽

2020 ◽

Vol 9 (4) ◽

pp. 61-81

Author(s):

G. Sravan Kumar

Keyword(s):

Access Control ◽

Data Access ◽

Fine Grained ◽

Data Access Control ◽

Attribute Based Encryption ◽

Efficient Data ◽

Commercial Applications ◽

Setup Phase ◽

Ciphertext Policy ◽

Access Policies

Ciphertext-policy attribute-based encryption (CP-ABE) schemes provide fine-grained access control for the data stored in cloud computers. However, commercial CP-ABE applications need a new encryption scheme for providing two properties such as: supporting large universe attribute and traceability. First, a large universe attribute allows the attribute authority to use any number of attributes in the system. i.e., the attribute universe is dynamic, and it is not fixed at the setup phase. Second, traceable CP-ABE systems trace the dishonest users who intentionally leak the private key for their profit. In this article, a large universe CP-ABE system with white box traceability has been proposed. The attribute universe of the proposed technique is exponentially larger, and it is polynomially unbound. Further, this technique will trace the identity of users who involve in malicious activities. In addition, the proposed scheme can express any kind of monotonic tree access policies into linear secret sharing structure (LSSS). Compared with the existing schemes that are presented to achieve the same property, proposed scheme has achieved better experimental results and so it is applicable for commercial applications.

Download Full-text

Secure Data Access Control with Cipher Text Update and Computation Outsourcing in Fog Computing for Internet of Things

Turkish Journal of Computer and Mathematics Education (TURCOMAT) ◽

10.17762/turcomat.v12i2.1441 ◽

2021 ◽

Vol 12 (2) ◽

pp. 1592-1597

Author(s):

Shaik Jaffer Vali , Et. al.

Keyword(s):

Access Control ◽

Fog Computing ◽

Information Access ◽

Security Analysis ◽

Data Access ◽

The Novel ◽

Fine Grained ◽

Cipher Text ◽

Data Access Control ◽

Ciphertext Policy

Fog Computing is a region of Computer Science that is under steady construction and development, and related to data security, the worldview turns out to be more solid and secure for IoT's edge stages. The verification of limited memory devices has serious issues since memory utilization is high when applied with different models that have the motivation behind shared confirmation. In this paper, we propose the Novel cipher text-based encryption model (NCEM) which has an information access control plot dependent on Ciphertext-Policy it give information privacy, fine-grained control, and mysterious validation in a multi-authority fog computing framework. The sign cryption and plan cryption overhead for the client is altogether diminished by redistributing the bothersome calculation tasks to fog hubs. The proposed conspire is demonstrated to be secure in the standard model and can give trait repudiation and public unquestionable status. The security analysis, asymptotic multifaceted nature examination, and implementation results demonstrate that our construction can offset the security objectives with useful effectiveness in calculation.

Download Full-text

A Review of fine grained access control techniques

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.7.10249 ◽

2018 ◽

Vol 7 (2.7) ◽

pp. 20 ◽

Cited By ~ 2

Author(s):

Rakesh Shirsath ◽

Dr K. V. Daya Sagar

Keyword(s):

Cloud Computing ◽

Access Control ◽

Data Access ◽

Control Approach ◽

Access Policy ◽

Fine Grained ◽

Data Access Control ◽

Encrypt Data ◽

Cloud Server ◽

Access Policies

Nowadays cloud computing is most demanding technology where computing resources are availed as per demand through Internet. Cloud computing model also brings many challenges for confidentiality, integrity, privacy of data and data access control. As cloud computing develops vigorously, an increasing number of enterprises and individuals are motivated to upload their data sources to the public cloud server for sharing. It is not entirely credible for enterprises and individuals to transfer data owing to the openness of the cloud server, so they must encrypt data before uploading and also loose direct control of data. Therefore, an elastic access control or fine-grained access control approach for data is urgently required and becomes a challenging open problem. In this paper, the issue of access control is discussed by defining traditional access policies. Attribute based access policy is analysed with its types. Finally, comparison is made among all policies with respect to various parameters.

Download Full-text

Efficient Data Access Control with Fine-Grained Data Protection in Cloud-Assisted IIoT

IEEE Internet of Things Journal ◽

10.1109/jiot.2020.3020979 ◽

2020 ◽

pp. 1-1 ◽

Cited By ~ 1

Author(s):

Saiyu Qi ◽

Youshui Lu ◽

Wei Wei ◽

Xiaofeng Chen

Keyword(s):

Access Control ◽

Data Protection ◽

Data Access ◽

Fine Grained ◽

Data Access Control ◽

Efficient Data

Download Full-text

Enabling efficient traceable and revocable time-based data sharing in smart city

EURASIP Journal on Wireless Communications and Networking ◽

10.1186/s13638-021-02072-5 ◽

2022 ◽

Vol 2022 (1) ◽

Author(s):

Jiawei Zhang ◽

Teng Li ◽

Qi Jiang ◽

Jianfeng Ma

Keyword(s):

Access Control ◽

Data Sharing ◽

Smart City ◽

Large Scale ◽

Fog Computing ◽

Data Access ◽

Sensitive Information ◽

Fine Grained ◽

Data Access Control ◽

Security Proof

AbstractWith the assistance of emerging techniques, such as cloud computing, fog computing and Internet of Things (IoT), smart city is developing rapidly into a novel and well-accepted service pattern these days. The trend also facilitates numerous relevant applications, e.g., smart health care, smart office, smart campus, etc., and drives the urgent demand for data sharing. However, this brings many concerns on data security as there is more private and sensitive information contained in the data of smart city applications. It may incur disastrous consequences if the shared data are illegally accessed, which necessitates an efficient data access control scheme for data sharing in smart city applications with resource-poor user terminals. To this end, we proposes an efficient traceable and revocable time-based CP-ABE (TR-TABE) scheme which can achieve time-based and fine-grained data access control over large attribute universe for data sharing in large-scale smart city applications. To trace and punish the malicious users that intentionally leak their keys to pursue illicit profits, we design an efficient user tracing and revocation mechanism with forward and backward security. For efficiency improvement, we integrate outsourced decryption and verify the correctness of its result. The proposed scheme is proved secure with formal security proof and is demonstrated to be practical for data sharing in smart city applications with extensive performance evaluation.

Download Full-text

A Survey: Attribute Based Encryption for Secure Cloud

IJOSTHE ◽

10.24113/ojssports.v5i3.70 ◽

2018 ◽

Vol 5 (3) ◽

pp. 12

Author(s):

Aayushi Priya ◽

Rajeev Tiwari

Keyword(s):

Cloud Computing ◽

Data Privacy ◽

Data Access ◽

Cloud Services ◽

Sensitive Information ◽

Access Policy ◽

Private Key ◽

Cipher Text ◽

Data Access Control ◽

Attribute Based Encryption

Cloud computing is an enormous area which shares huge amount of data over cloud services and it has been increasing with its on-demand technology. Since, with these versatile cloud services, when the delicate data stored within the cloud storage servers, there are some difficulties which has to be managed like its Security Issues, Data Privacy, Data Confidentiality, Data Sharing and its integrity over the cloud servers dynamically. Also, the authenticity and data access control should be maintained in this wide environment. Thus, Attribute based Encryption (ABE) is a significant version of cryptographic technique in the cloud computing environment. Public Key Encryption acts as the basic technique for ABE where it provides one to many encryptions, here, the private key of users & the cipher-text both rely on attributes such that, when the set of the attributes of users key matches set of attributes of cipher-text with its corresponding access policy, only then decryption is possible. Thus, an opponent could grant access to the sensitive information that holds multiple keys, if it has at least one individual key for accession. The techniques based on ABE consist of two types: KP-ABE (Key- Policy ABE) where the user’s private key is linked to an access structure (or access policy) over attributes and cipher-text is connected to the set of attributes, and CP-ABE (cipher-text policy ABE) is vice versa. Hence, in this, Review we discuss about the various security techniques and relations based on Attributes Based Encryption, especially, the type KP-ABE over data attributes which explains secured methods & its schemes related to time specifications.

Download Full-text

A Secure and Fine-Grained Big Data Access Control Scheme for Cloud-Based Services

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit206448 ◽

2020 ◽

pp. 254-262

Author(s):

Nisha J William ◽

Nisha O S

Keyword(s):

Cloud Computing ◽

Big Data ◽

Access Control ◽

Data Access ◽

End Users ◽

Access Policy ◽

Fine Grained ◽

Data Access Control ◽

Control Scheme ◽

Access Policies

Cloud computing is the delivery of computing services including servers, storage, databases, networking, software, analytics, and intelligence over the Internet. Nowadays, access control is one of the most critical problems with cloud computing. Ciphertext-Policy Attribute Based Encryption (CP-ABE) is a promising encryption technique that enables end-users to encrypt their data under the access policies defined over some attributes of data consumers and only allows data consumers whose attributes satisfy the access policies to decrypt the data. In CP-ABE, the access policy is attached to the ciphertext in plaintext form, which may also leak some private information about end-users. Existing methods only partially hide the attribute values in the access policies, while the attribute names are still unprotected. This paper proposes an efficient and fine-grained big data access control scheme with privacy-preserving policy. Specifically, it hides the whole attribute (rather than only its values) in the access policies. To assist data decryption, it designs an algorithm called Attribute Bloom Filter to evaluate whether an attribute is in the access policy and locate the exact position in the access policy if it is in the access policy. The paper also deals with offline attribute guessing attack. Security analysis and performance evaluation show that this scheme can preserve the privacy from any LSSS access policy without employing much overhead.

Download Full-text

Outsourced ciphertext-policy attribute-based encryption with partial policy hidden

International Journal of Distributed Sensor Networks ◽

10.1177/1550147720926368 ◽

2020 ◽

Vol 16 (5) ◽

pp. 155014772092636

Author(s):

Jinxia Yu ◽

Guanghui He ◽

Xixi Yan ◽

Yongli Tang ◽

Rongxia Qin

Keyword(s):

Bilinear Pairing ◽

Sensitive Information ◽

Privacy Concerns ◽

Access Policy ◽

Fine Grained ◽

Attribute Based Encryption ◽

Cloud Server ◽

And Performance ◽

Ciphertext Policy ◽

Access Policies

Attribute-based encryption is an efficient and flexible fine-grained access control scheme. However, how to realize the attribute privacy concerns in the access policy and optimize the heavy computing overhead have been not adequately addressed. First, in view of the open-access policies formulated by data owners in the cloud environment and the linear growth of bilinear pairing operations with the number of attributes in the decryption process, a verifiable outsourced attribute-based encryption with partial policy hidden scheme is proposed, in which the attribute name of access policy can be sent while attribute value involving sensitive information can be hidden, so nobody can infer information from the access policy. Second, the bilinear pairing operation and modular power operation are outsourced to the cloud server, then users only need to perform constant exponential operation to decrypt. In addition, the proposed scheme is based on the composite order bilinear group and satisfies full secure under the standard model. Finally, compared with other schemes in term of function and performance, it shows that this scheme is more efficient and suitable for resource-constrained mobile devices in outsourcing environment.

Download Full-text

Ciphertext-policy attribute-based encryption with hidden sensitive policy from keyword search techniques in smart city

EURASIP Journal on Wireless Communications and Networking ◽

10.1186/s13638-020-01875-2 ◽

2021 ◽

Vol 2021 (1) ◽

Author(s):

Fei Meng ◽

Leixiao Cheng ◽

Mingqiang Wang

Keyword(s):

Smart City ◽

Keyword Search ◽

Sensitive Information ◽

Security Model ◽

Computational Overhead ◽

Diffie Hellman ◽

Attribute Based Encryption ◽

Iot Devices ◽

Ciphertext Policy ◽

Access Policies

AbstractCountless data generated in Smart city may contain private and sensitive information and should be protected from unauthorized users. The data can be encrypted by Attribute-based encryption (CP-ABE), which allows encrypter to specify access policies in the ciphertext. But, traditional CP-ABE schemes are limited because of two shortages: the access policy is public i.e., privacy exposed; the decryption time is linear with the complexity of policy, i.e., huge computational overheads. In this work, we introduce a novel method to protect the privacy of CP-ABE scheme by keyword search (KS) techniques. In detail, we define a new security model called chosen sensitive policy security: two access policies embedded in the ciphertext, one is public and the other is sensitive and hidden. If user's attributes don't satisfy the public policy, he/she cannot get any information (attribute name and its values) of the hidden one. Previous CP-ABE schemes with hidden policy only work on the “AND-gate” access structure or their ciphertext size or decryption time maybe super-polynomial. Our scheme is more expressive and compact. Since, IoT devices spread all over the smart city, so the computational overhead of encryption and decryption can be shifted to third parties. Therefore, our scheme is more applicable to resource-constrained users. We prove our scheme to be selective secure under the decisional bilinear Diffie-Hellman (DBDH) assumption.

Download Full-text