当前位置: X-MOL 学术Sustain. Comput. Inform. Syst. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
PAC-FIT: An efficient privacy preserving access control scheme for fog-enabled IoT
Sustainable Computing: Informatics and Systems ( IF 4.5 ) Pub Date : 2021-03-04 , DOI: 10.1016/j.suscom.2021.100527
Richa Sarma , Chandan Kumar , Ferdous Ahmed Barbhuiya

With the proliferation of data produced by IoT devices, a new paradigm called fog computing has developed that allows processing and analysis of data at the edge. Together with fog, cloud computing co-exists for purposes such as enormous storage, processing resources, etc. However, storage and computation of data at various levels increase the risk of data privacy. Therefore, an access control mechanism is necessary for the fog-cloud framework in an IoT environment. Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic mechanism that provides confidentiality and fine-grained access control. Unfortunately, the existing CP-ABE schemes are not well suited for the cloud-fog-IoT environment as they do not provide the following functionalities together: key-escrow resistance, attribute revocation, attribute addition, and outsourcing of expensive operations. Therefore, this paper proposes a CP-ABE scheme named PAC-FIT that supports key-escrow resistance, attribute revocation, and attribute addition features. Additionally, the expensive encryption and decryption operations are outsourced to fog nodes, which greatly reduces the computational overhead from resource-constrained IoT devices. Further, the tasks of attribute revocation and addition are also outsourced to third parties. The cost incurred during attribute revocation and addition are efficient as only those key components and ciphertexts are updated, which are associated with revoked or added attributes. Meanwhile, unlike existing CP-ABE schemes, the user holds a constant size secret key, which remains unchanged throughout. The security analysis proves that PAC-FIT is secure against Chosen-Plaintext Attack under Decisional Bilinear Diffie-Hellman assumption. The performance analysis shows that PAC-FIT is efficient and suitable for IoT devices.



中文翻译:

PAC-FIT:针对启用雾的物联网的高效隐私保护访问控制方案

随着物联网设备产生的数据的激增,一种称为雾计算的新范式得以发展,它可以在边缘进行数据的处理和分析。云计算与雾计算并存,例如用于巨大的存储,处理资源等目的。但是,不同级别的数据存储和计算会增加数据隐私的风险。因此,物联网环境中的雾云框架需要一种访问控制机制。基于密文策略的基于属性的加密(CP-ABE)是一种众所周知的加密机制,可提供机密性和细粒度的访问控制。不幸的是,现有的CP-ABE方案不能同时提供以下功能,因此不适用于云雾物联网环境:密钥托管抵抗,属性吊销,属性添加,并外包昂贵的业务。因此,本文提出了一种名为PAC-FIT的CP-ABE方案,该方案支持密钥托管抗性,属性吊销和属性添加功能。此外,昂贵的加密和解密操作已外包给雾节点,这大大减少了资源受限的IoT设备的计算开销。此外,属性吊销和添加的任务也外包给第三方。在属性吊销和添加期间所产生的成本是有效的,因为仅更新那些与吊销或添加的属性相关联的关键组件和密文。同时,与现有的CP-ABE方案不同,用户拥有恒定大小的密钥,该密钥始终保持不变。安全性分析证明,在决策双线性Diffie-Hellman假设下,PAC-FIT对选择的明文攻击是安全的。性能分析表明,PAC-FIT高效且适用于物联网设备。

更新日期:2021-03-11
down
wechat
bug