scholarly journals A Non-Interactive Attribute-Based Access Control Scheme by Blockchain for IoT

Electronics ◽  
2021 ◽  
Vol 10 (15) ◽  
pp. 1855
Author(s):  
Qiliang Yang ◽  
Mingrui Zhang ◽  
Yanwei Zhou ◽  
Tao Wang ◽  
Zhe Xia ◽  
...  
Keyword(s):  
Access Control ◽  
High Efficiency ◽  
Denial Of Service ◽  
Control Mechanisms ◽  
Access Policy ◽  
Blockchain Technology ◽  
Access Problem ◽  
Data User ◽  
Control Scheme ◽  
Attribute Based Access Control

As an important method of protecting data confidentiality in the Internet of Things (IoT), access control has been widely concerned. Because attribute-based access control mechanisms are dynamic, it is not only suitable to solve the dynamic access problem in IoT, but also to deal with the dynamic caused by node movement and access data change. The traditional centralized attribute-based access control mechanism has some problems: due to the large number of devices in IoT, the central trusted entity may become the bottleneck of the whole system. Moreover, when a central trusted entity is under distributed denial-of-service (DDoS) attack, the entire system may crash. Blockchain is a good way to solve the above problems. Therefore, we developed a non-interactive, attribute-based access control scheme that applies blockchain technology in IoT scenarios by using PSI technology. In addition, the attributes of data user and data holder are hidden, which protects the privacy of both parties’ attributes and access policy. Furthermore, the experimental results indicate that our scheme has high efficiency.

scholarly journals Enabling Efficient Decentralized and Privacy Preserving Data Sharing in Mobile Cloud Computing

2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Jiawei Zhang ◽  
Ning Lu ◽  
Teng Li ◽  
Jianfeng Ma
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Mobile Devices ◽  
Data Sharing ◽  
Mobile Cloud Computing ◽  
High Efficiency ◽  
Mobile Cloud ◽  
User Privacy ◽  
Access Policy ◽  
Fine Grained

Mobile cloud computing (MCC) is embracing rapid development these days and able to provide data outsourcing and sharing services for cloud users with pervasively smart mobile devices. Although these services bring various conveniences, many security concerns such as illegally access and user privacy leakage are inflicted. Aiming to protect the security of cloud data sharing against unauthorized accesses, many studies have been conducted for fine-grained access control using ciphertext-policy attribute-based encryption (CP-ABE). However, a practical and secure data sharing scheme that simultaneously supports fine-grained access control, large university, key escrow free, and privacy protection in MCC with expressive access policy, high efficiency, verifiability, and exculpability on resource-limited mobile devices has not been fully explored yet. Therefore, we investigate the challenge and propose an Efficient and Multiauthority Large Universe Policy-Hiding Data Sharing (EMA-LUPHDS) scheme. In this scheme, we employ fully hidden policy to preserve the user privacy in access policy. To adapt to large scale and distributed MCC environment, we optimize multiauthority CP-ABE to be compatible with large attribute universe. Meanwhile, for the efficiency purpose, online/offline and verifiable outsourced decryption techniques with exculpability are leveraged in our scheme. In the end, we demonstrate the flexibility and high efficiency of our proposal for data sharing in MCC by extensive performance evaluation.

Privacy-Preserving Decentralized Key-Policy Attribute-Based Signcryption in Cloud Computing Environments

2013 ◽  
Vol 475-476 ◽  
pp. 1144-1149
Author(s):  
Xian Yong Meng ◽  
Zhong Chen ◽  
Xiang Yu Meng
Keyword(s):  
Cloud Computing ◽  
Access Control ◽  
Secret Sharing ◽  
Public Key ◽  
Control Scheme ◽  
Public Keys ◽  
Key Policy ◽  
Computing Environments ◽  
Attribute Based Access Control ◽  
Signcryption Scheme

In this paper, a novel decentralized key-policy attribute-based signcryption (ABS) scheme is proposed, where each authority can generate secret-public key pair for the user independently without any cooperation and a centralized authority. In the proposed scheme, each authority can join or leave the system randomly without reinitializing the system,and issue secret-public keys to user respectively. Therefore, it is clear that the multi-authority attribute-based access control scheme can reduce the communication cost and the collaborative computing cost. Additionally, the attribute-based signcryption scheme is efficient in terms of both the identification authentication and the confidential communication, and can realize security secret sharing in cloud computing environments.

scholarly journals Hybrid Role and Attribute Based Access Control Applied in Information Systems

2021 ◽  
Vol 21 (3) ◽  
pp. 85-96
Author(s):  
Maria Penelova
Keyword(s):  
Information Systems ◽  
Access Control ◽  
Accounting Information ◽  
Role Based Access Control ◽  
Accounting Information System ◽  
Fine Grained ◽  
Proposed Model ◽  
Control Scheme ◽  
Attribute Based Access Control ◽  
Role Based

Abstract It this paper it is proposed a new access control model – Hybrid Role and Attribute Based Access Control (HRABAC). It is an extension of Role-Based Access Control (RBAC). HRABAC is designed for information systems and enterprise software and combines the advantages of RBAC and Attribute-Based Access Control (ABAC). HRABAC is easy configurable, fine-grained and supports role hierarchies. The proposed model HRABAC describes the access control scheme in Laravel package laravelroles/rolespermissions, which is developed by the author of the paper, as an answer to the requirements of practice of fine-grained and easy configurable access control solution. Laravel is chosen, because it is the most popular and the most widely used PHP framework. The package laravelroles/rolespermissions is developed on Laravel so that maximum number of programmers could use it. This package contains working and tested functionalities for managing users, roles and permissions, and it is applied in accounting information system.

Detecting Incorrect Uses of Combining Algorithms in XACML 3.0 Policies

2015 ◽  
Vol 25 (09n10) ◽  
pp. 1551-1571
Author(s):  
Dianxiang Xu ◽  
Ning Shen ◽  
Yunpeng Zhang
Keyword(s):  
Access Control ◽  
Theoretical Foundation ◽  
Empirical Studies ◽  
Denial Of Service ◽  
Control Methods ◽  
Constraint Solver ◽  
Access Control Policies ◽  
Policy Composition ◽  
Attribute Based Access Control ◽  
The Given

With the increasing complexity of software, new access control methods have emerged to deal with attribute-based authorization. As a standard language for specifying attribute-based access control policies, XACML offers a number of rule and policy combining algorithms to meet different needs of policy composition. Due to their variety and complexity, however, it is not uncommon to apply combining algorithms incorrectly, which can lead to unauthorized access or denial of service. To solve this problem, this paper presents a fault-based testing approach for revealing incorrect combining algorithms in XACML 3.0 policies. The theoretical foundation of this approach relies on the formalization of semantic differences between rule combining algorithms and between policy combining algorithms. It allows the use of a constraint solver for generating queries to which a given policy produces different responses than its combining algorithm-based mutants. Such queries can determine whether or not the given combining algorithm is used correctly. Our empirical studies using various XACML policies have demonstrated that our approach is effective.

scholarly journals Task-Attribute-Based Access Control Scheme for IoT via Blockchain

2020 ◽  
Vol 65 (3) ◽  
pp. 2441-2453
Author(s):  
Hao Chen ◽  
Wunan Wan ◽  
Jinyue Xia ◽  
Shibin Zhang ◽  
Jinquan Zhang ◽  
...  
Keyword(s):  
Access Control ◽  
Control Scheme ◽  
Attribute Based Access Control

scholarly journals A Survey on Secure and Verifiable Access Control Scheme for Enormous Information Storage In Clouds

2018 ◽  
Vol 7 (3.27) ◽  
pp. 412
Author(s):  
R S. Akshaya Subhasri ◽  
M Ranganayaki ◽  
K Ulaga Priya ◽  
K Kalaivani ◽  
A Sartiha
Keyword(s):  
Access Control ◽  
Open Source ◽  
Information Storage ◽  
Public Key ◽  
Public Key Cryptosystem ◽  
Plain Text ◽  
Main System ◽  
Data User ◽  
Control Scheme ◽  
Lattice Based Cryptography

A secure and verifiable access control scheme for enormous information storage in cloud is based on   open source public-key cryptosystem that uses lattice-based cryptography to encrypt and decrypt data .To overcome the decryption failures of the original LLL, the NTRU decryption algorithm is analysed. It allows to analyze it correctness, accuracy, security qualities and computational effectiveness. When a new entry permission is granted by the data users. It allows the cloud main system to update the cipher method details. It also able to update the counter against the hacking behavior on the cloud. It includes the data holder and eligible users who need to check the data user for accessing the data, the user check the content given by the next user for accurate plain text recovery. Through test shows, this scheme can prevent qualified user against hacking together with some other different raid  such as scam attacks.  

Sign in / Sign up

Export Citation Format

Share Document