OAC-HAS: outsourced access control with hidden access structures in fog-enhanced IoT systems,Connection Science

当前位置： X-MOL 学术 › Connect. Sci. › 论文详情

Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)

OAC-HAS: outsourced access control with hidden access structures in fog-enhanced IoT systems
Connection Science ( IF 3.2 ) Pub Date : 2020-11-23 , DOI: 10.1080/09540091.2020.1841096
Jiale Zhang ₁ , Zhen Cheng ₁ , Xiang Cheng ₁ , Bing Chen _{1,

2}

Affiliation

ABSTRACT

Fog computing is recently a novel distributed computing paradigm that performs a significant achievement in the latency-sensitive smart Internet of Things (IoT) applications. However, the security and privacy issues, such as data leakage, still challenge the wide deployment of fog computing infrastructure. To guarantee data confidentiality and meanwhile achieving fine-grained access control, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) promises to provide a flexible access policy for securely sharing data among users, fog nodes, and cloud center. However, due to the complicated cryptographic operations, CP-ABE has met a significant drawback that requires heavy computation resources on the user-side. In this paper, we propose an outsourced access control scheme with hidden access structures, named OAC-HAS, in fog-enhanced IoT systems. The contributions of our OAC-HAS scheme are three-folds. Firstly, we introduce a fog-cloud computing (FCC) environment which has the outsourcing capability. Then, we design an outsource verification mechanism to guarantee the correctness of executing cryptographic operations on the fog nodes. Finally, we also provide a privacy guarantee that prevents information leakage from the access structures. Security analysis and experimental results show that the proposed OAC-HAS scheme achieves flexible access policy, privacy-preserving, and high efficiency in fog-enhanced IoT systems.

中文翻译：

OAC-HAS：在雾增强的物联网系统中具有隐藏访问结构的外包访问控制

摘要

雾计算是最近一种新颖的分布式计算范式，它在对延迟敏感的智能物联网 (IoT) 应用程序中取得了重大成就。然而，数据泄露等安全和隐私问题仍然挑战雾计算基础设施的广泛部署。为了保证数据的机密性，同时实现细粒度的访问控制，Ciphertext-Policy Attribute-Based Encryption (CP-ABE) 承诺提供灵活的访问策略，以在用户、雾节点和云中心之间安全地共享数据。然而，由于密码操作复杂，CP-ABE 遇到了一个显着的缺点，即需要用户侧大量的计算资源。在本文中，我们提出了一种在雾增强型物联网系统中具有隐藏访问结构的外包访问控制方案，称为 OAC-HAS。我们的 OAC-HAS 计划的贡献是三方面的。首先，我们介绍了一个具有外包能力的雾云计算（FCC）环境。然后，我们设计了一种外包验证机制来保证在雾节点上执行密码操作的正确性。最后，我们还提供隐私保证，防止信息从访问结构泄漏。安全分析和实验结果表明，所提出的 OAC-HAS 方案在雾增强的物联网系统中实现了灵活的访问策略、隐私保护和高效率。我们设计了外包验证机制来保证在雾节点上执行密码操作的正确性。最后，我们还提供隐私保证，防止信息从访问结构泄漏。安全分析和实验结果表明，所提出的 OAC-HAS 方案在雾增强的物联网系统中实现了灵活的访问策略、隐私保护和高效率。我们设计了外包验证机制来保证在雾节点上执行密码操作的正确性。最后，我们还提供隐私保证，防止信息从访问结构泄漏。安全分析和实验结果表明，所提出的 OAC-HAS 方案在雾增强的物联网系统中实现了灵活的访问策略、隐私保护和高效率。

更新日期：2020-11-23

点击分享查看原文

点击收藏

阅读更多本刊最新论文本刊介绍/投稿指南11