With the high popularity of IoT devices, industrial IoT platforms, such as smart factories and oilfield industrial control systems, have become a new trend in the development of smart city. Although various manufacturers pay wide attention to the different functional requirements of IoT platforms, they seldom consider security issues, especially in terms of data security, which has led to a large number of cases of privacy leakage. Some works have been made to provide secure and reliable communication solutions for industrial IoT platforms, unfortunately, as different communication protocols and interaction models are adopted in different scenarios, these solutions are mainly isolated and fragmented. Therefore, it is an urgent challenge to construct a universal cross-platform secure communication scheme for industrial IoT platforms. In this article, we analyze the logic and requirements of different industrial IoT scenarios to abstracts them into a universal model. We summarize the possible attacks on different industrial IoT platforms and design a security scheme to capture these attacks based on the conditional proxy re-encryption primitive. The proposed scheme ensures that data cannot be accessed by an unauthorized user. We also evaluate the security and performance of our scheme, and the experimental results show that our scheme can achieve the functionality and security requirements with low overhead.

中文翻译：

---

智慧城市工业物联网平台数据安全的细粒度方案


随着物联网设备的高度普及，智能工厂、油田工控系统等工业物联网平台已成为智慧城市发展的新趋势。虽然各厂商广泛关注物联网平台的不同功能需求，但很少考虑安全问题，尤其是数据安全方面，从而导致大量隐私泄露的案例。为工业物联网平台提供安全可靠的通信解决方案已经做了一些工作，但不幸的是，由于不同场景采用不同的通信协议和交互模型，这些解决方案主要是孤立和碎片化的。因此，为工业物联网平台构建通用的跨平台安全通信方案是一项紧迫的挑战。在本文中，我们分析了不同工业物联网场景的逻辑和需求，将其抽象为通用模型。我们总结了对不同工业物联网平台可能发生的攻击，并设计了一种基于条件代理重加密原语的安全方案来捕获这些攻击。所提出的方案确保未经授权的用户无法访问数据。我们还评估了我们的方案的安全性和性能，实验结果表明我们的方案可以以较低的开销实现功能和安全要求。