Published in: World Wide Web 1/2018

11-05-2017

DECENT: Secure and fine-grained data access control with policy updating for constrained IoT devices

Authors: Qinlong Huang, Licheng Wang, Yixian Yang


Abstract

The Internet of Things (IoT) is a novel paradigm where many of the objects that surround us can be connected to the internet. Since IoT is always related to users' personal information, it raises a lot of data security and privacy issues. In this paper, we present a secure and fine-grained data access control scheme for constrained IoT devices and cloud computing based on hierarchical attribute-based encryption, which reduces key management by introducing hierarchical attribute authorities. In order to relieve the local computation burden, we propose an outsourced encryption and decryption construction that delegates most of the laborious operations to the gateway and cloud server. Further, our scheme achieves efficient policy updating, which allows the sender device to update access policies without retrieving and re-encrypting the data. The security and performance analysis results show that our scheme is secure and efficient.


Metadata

Title: DECENT: Secure and fine-grained data access control with policy updating for constrained IoT devices
Authors: Qinlong Huang, Licheng Wang, Yixian Yang
Publication date: 11-05-2017
Publisher: Springer US
Published in: World Wide Web, Issue 1/2018
Print ISSN: 1386-145X
Electronic ISSN: 1573-1413
DOI: https://doi.org/10.1007/s11280-017-0462-0
