A trust and attribute-based access control framework in internet of things

With the assistance of edge computing which reduces the heavy burden of the cloud center server by using the network edge servers, the Internet of Things (IoTs) architectures enable low latency for real-time devices and applications. However, there still exist security challenges on data access control for the IoT. Multiauthority attribute-based encryption (MA-ABE) is a promising technique to achieve access control over encrypted data in cross-domain applications. Based on the characteristics and technical requirements of the IoT, we propose an efficient fine-grained revocable large universe multiauthority access control scheme. In the proposed scheme, the most expensive encryption operations have been executed in the user’s initialization phase by adding a reusable ciphertext pool besides splitting the encryption algorithm to online encryption and offline encryption. Massive decryption operations are outsourced to the near-edge servers for reducing the computation overhead of decryption. An efficient revocation mechanism is designed to change users’ access privileges dynamically. Moreover, the scheme supports ciphertext verification. Only valid ciphertext can be stored and transmitted, which saves system resources. With the help of the chameleon hash function, the proposed scheme is proven CCA2-secure under the q-DPBDHE2 assumption. The performance analysis results indicate that the proposed scheme is efficient and suitable in edge computing for the IoT.

Download Full-text

Enhancing context data distribution for the internet of things using qoc-awareness and attribute-based access control

annals of telecommunications - annales des télécommunications ◽

10.1007/s12243-015-0480-9 ◽

2015 ◽

Vol 71 (3-4) ◽

pp. 121-132 ◽

Cited By ~ 10

Author(s):

Léon Lim ◽

Pierrick Marie ◽

Denis Conan ◽

Sophie Chabridon ◽

Thierry Desprats ◽

...

Keyword(s):

Internet Of Things ◽

Access Control ◽

Data Distribution ◽

The Internet ◽

Context Data ◽

Attribute Based Access Control ◽

The Internet Of Things

Download Full-text

An Intelligent Context Aware Based Access Control Framework to Prevent Attacker Nodes in Internet of Things

2018 4th International Conference on Computing Sciences (ICCS) ◽

10.1109/iccs.2018.00044 ◽

2018 ◽

Author(s):

Amritpal Kaur ◽

Isha Batra ◽

Aditya Bakshi

Keyword(s):

Internet Of Things ◽

Access Control ◽

Context Aware ◽

Control Framework

Download Full-text

ABSAC: Attribute-Based Access Control Model Supporting Anonymous Access for Smart Cities

Security and Communication Networks ◽

10.1155/2021/5531369 ◽

2021 ◽

Vol 2021 ◽

pp. 1-11

Author(s):

Runnan Zhang ◽

Gang Liu ◽

Shancang Li ◽

Yongheng Wei ◽

Quan Wang

Keyword(s):

Internet Of Things ◽

Access Control ◽

Private Information ◽

Smart Cities ◽

Control Model ◽

User Privacy ◽

Access Control Models ◽

The Subject ◽

Attribute Based Access Control ◽

Iot Devices

Smart cities require new access control models for Internet of Things (IoT) devices that preserve user privacy while guaranteeing scalability and efficiency. Researchers believe that anonymous access can protect the private information even if the private information is not stored in authorization organization. Many attribute-based access control (ABAC) models that support anonymous access expose the attributes of the subject to the authorization organization during the authorization process, which allows the authorization organization to obtain the attributes of the subject and infer the identity of the subject. The ABAC with anonymous access proposed in this paper called ABSAC strengthens the identity-less of ABAC by combining homomorphic attribute-based signatures (HABSs) which does not send the subject attributes to the authorization organization, reducing the risk of subject identity re-identification. It is a secure anonymous access framework. Tests show that the performance of ABSAC implementation is similar to ABAC’s performance.

Download Full-text

Attribute-Based Access Control Using Smart Contracts for the Internet of Things

Procedia Computer Science ◽

10.1016/j.procs.2020.06.079 ◽

2020 ◽

Vol 174 ◽

pp. 231-242

Author(s):

Lihua Song ◽

Mengchen Li ◽

Zongke Zhu ◽

Peng Yuan ◽

Yunhua He

Keyword(s):

Internet Of Things ◽

Access Control ◽

The Internet ◽

Smart Contracts ◽

Attribute Based Access Control ◽

The Internet Of Things

Download Full-text

Distributed access control framework for IPv6-based hierarchical internet of things

IEEE Wireless Communications ◽

10.1109/mwc.2016.7721737 ◽

2016 ◽

Vol 23 (5) ◽

pp. 17-23 ◽

Cited By ~ 3

Author(s):

Yun Li ◽

Kok Keong Chai ◽

Yue Chen ◽

Jonathan Loo

Keyword(s):

Internet Of Things ◽

Access Control ◽

Distributed Access Control ◽

Control Framework

Download Full-text

An Access Control Framework for Cloud-Enabled Wearable Internet of Things

2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC) ◽

10.1109/cic.2017.00050 ◽

2017 ◽

Cited By ~ 11

Author(s):

Smriti Bhatt ◽

Farhan Patwa ◽

Ravi Sandhu

Keyword(s):

Internet Of Things ◽

Access Control ◽

Control Framework

Download Full-text

An Integrated Privacy Preserving Attribute Based Access Control Framework Supporting Secure Deduplication

IEEE Transactions on Dependable and Secure Computing ◽

10.1109/tdsc.2019.2946073 ◽

2019 ◽

pp. 1-1

Author(s):

Runhua Xu ◽

James Joshi ◽

Prashant Krishnamurthy

Keyword(s):

Access Control ◽

Privacy Preserving ◽

Control Framework ◽

Attribute Based Access Control

Download Full-text

LIP-PA: A Logistics Information Privacy Protection Scheme with Position and Attribute-Based Access Control on Mobile Devices

Wireless Communications and Mobile Computing ◽

10.1155/2018/9436120 ◽

2018 ◽

Vol 2018 ◽

pp. 1-14 ◽

Cited By ~ 6

Author(s):

Qi Gao ◽

Junwei Zhang ◽

Jianfeng Ma ◽

Chao Yang ◽

Jingjing Guo ◽

...

Keyword(s):

Internet Of Things ◽

Access Control ◽

Mobile Devices ◽

Privacy Protection ◽

Personal Information ◽

Information Privacy ◽

Smart Devices ◽

Protection Scheme ◽

Logistics Information ◽

Attribute Based Access Control

With the fast development of Logistics Internet of Things and smart devices, the security of express information processed by mobile devices in Logistics Internet of Things has attracted much attention. However, the existing secure express schemes only focus on privacy protection of personal information but do not consider the security of the logistics information against couriers with malicious mobile devices. For example, a privacy-preserving delivery path should be required in order to prevent the privacy leakage in the express delivery procedure. Therefore, besides the security of personal information, the privacy protection of logistics information and authentication of mobile devices used in express company are important to security in Logistics Internet of Things. In this paper, we propose a secure logistics information scheme LIP-PA to provide privacy protection of both personal information and logistics information. First, we define the basic requirements of Logistics Internet of Things. Then, using attribute-based encryption and position-based key exchange, we propose a logistics information privacy protection scheme with position and attribute-based access control for mobile devices. The analysis results show that our scheme satisfies the defined requirements. Finally, the performance of our scheme is evaluated and the experiment results show that our scheme is efficient and feasible for mobile devices in real parcel delivery scenario.

Download Full-text