Top

Published in:

2019 | OriginalPaper | Chapter

Fine-Grained Access Control in Industrial Internet of Things

Evaluating Outsourced Attribute-Based Encryption

Authors : Dominik Ziegler, Josef Sabongui, Gerald Palfinger

Published in: ICT Systems Security and Privacy Protection

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Putting Attribute-Based Encryption (ABE) to the test, we perform a thorough performance analysis of ABE with outsourced decryption. In order to do so, we implemented a purely Java and Kotlin based Ciphertext-Policy Attribute-Based Encryption (CP-ABE) system. We specifically focus on the requirements and conditions of the Industrial Internet of Things (IIoT), including attribute revocation and limited computing power. We evaluate our system on both resource-constrained devices and high-performance cloud instances. Furthermore, we compare the overhead of our implementation with classical asymmetric encryption algorithms like RSA and ECC.

To demonstrate compatibility with existing solutions, we evaluate our implementation in the Siemens MindSphere IIoT operating system. Our results show that ABE with outsourced decryption can indeed be used in practice in high-security environments, such as the IIoT.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter An Offline Dictionary Attack Against zkPAKE Protocol

next chapter Towards an Automated Extraction of ABAC Constraints from Natural Language Policies

Agrawal, S., Chase, M.: FAME: fast attribute-based message encryption. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, pp. 665–682. ACM, New York (2017). https://doi.org/10.1145/3133956.3134014, ISBN 978-1-4503-4946-8

Ambrosin, M., et al.: On the feasibility of attribute-based encryption on internet of things devices. IEEE Micro 36(6), 25–35 (2016). https://doi.org/10.1109/MM.2016.101. ISSN 0272–1732CrossRef

Ambrosin, M., Conti, M., Dargahi, T.: On the feasibility of attribute-based encryption on smartphone devices. In: Proceedings of the 2015 Workshop on IoT Challenges in Mobile and Industrial Systems, IoT-Sys 2015, pp. 49–54. ACM, New York (2015). https://doi.org/10.1145/2753476.2753482, ISBN 978-1-4503-3502-7

Atzori, L., Iera, A., Morabito, G.: The internet of things: a survey. Comput. Netw. 54(15), 2787–2805 (2010). https://doi.org/10.1016/j.comnet.2010.05.010. ISSN 1389–1286CrossRefMATH

Barker, E.: Recommendation for key management part 1: general. Technical report, National Institute of Standards and Technology, Gaithersburg, MD, January 2016. https://doi.org/10.6028/NIST.SP.800-57pt1r4

Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy, SP 2007, pp. 321–334, May 2007. https://doi.org/10.1109/SP.2007.11

Brown, D.R.L.: SEC 2: recommended elliptic curve domain parameters. Technical report, Standards for Efficient Cryptography, Certicom Research (2010)

Chatterjee, S., Hankerson, D., Menezes, A.: On the efficiency and security of pairing-based protocols in the type 1 and type 4 settings. In: Hasan, M.A., Helleseth, T. (eds.) WAIFI 2010. LNCS, vol. 6087, pp. 114–134. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13797-6_9. ISBN 978-3-642-13797-6CrossRefMATH

ECRYPT - CSA: D5.4 algorithms, key size and protocols report (2018). Technical report, H2020-ICT-2014 - project 645421 (2018)

10.

Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 89–98. ACM, New York (2006). https://doi.org/10.1145/1180405.1180418, ISBN 1-59593-518-5

11.

Green, M., Hohenberger, S., Waters, B.: Outsourcing the decryption of ABE ciphertexts. In: Proceedings of the 20th USENIX Conference on Security, SEC 2011, p. 34. USENIX Association, Berkeley (2011)

12.

Kargermann, H., Wahlster, W., Helbig, J.: Umsetzungsempfehlungen für das Zukunftsprojekt Industrie 4.0. Technical report, April 2013

13.

Hur, J.: Improving security and efficiency in attribute-based data sharing. IEEE Trans. Knowl. Data Eng. 25(10), 2271–2282 (2013). https://doi.org/10.1109/TKDE.2011.78. ISSN 1041–4347CrossRef

14.

Institute for Applied Information Processing and Communications (IAIK): IAIK ECCelerate Library (2018). URL https://jce.iaik.tugraz.at

15.

Institute for Applied Information Processing and Communications (IAIK): IAIK-JCE (2018). URL https://jce.iaik.tugraz.at

16.

Koblitz, N., Menezes, A.: Pairing-based cryptography at high security levels. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 13–36. Springer, Heidelberg (2005). https://doi.org/10.1007/11586821_2CrossRefMATH

17.

Li, J., Chen, X., Li, J., Jia, C., Ma, J., Lou, W.: Fine-grained access control system based on outsourced attribute-based encryption. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 592–609. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40203-6_33CrossRef

18.

Li, J., Huang, X., Li, J., Chen, X., Xiang, Y.: Securely outsourcing attribute-based encryption with checkability. IEEE Trans. Parallel Distrib. Syst. 25(8), 2201–2210 (2014). https://doi.org/10.1109/TPDS.2013.271. ISSN 1045–9219CrossRef

19.

Lin, G., Hong, H., Sun, Z.: A collaborative key management protocol in ciphertext policy attribute-based encryption for cloud data sharing. IEEE Access 5, 9464–9475 (2017). https://doi.org/10.1109/ACCESS.2017.2707126CrossRef

20.

Sadeghi, A.R., Wachsmann, C., Waidner, M.: Security and privacy challenges in industrial internet of things. In: Proceedings of the 52nd Annual Design Automation Conference, DAC 2015, pp. 54:1–54:6. ACM, New York (2015). https://doi.org/10.1145/2744769.2747942, ISBN 978-1-4503-3520-1

21.

Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27CrossRef

22.

Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_5CrossRef

23.

Wang, X., Zhang, J., Schooler, E.M., Ion, M.: Performance evaluation of attribute-based encryption: toward data privacy in the IoT. In: 2014 IEEE International Conference on Communications, ICC 2014, pp. 725–730 (2014). https://doi.org/10.1109/ICC.2014.6883405

24.

Zhang, R., Ma, H., Lu, Y.: Fine-grained access control system based on fully outsourced attribute-based encryption. J. Syst. Softw. 125, 344–353 (2017). https://doi.org/10.1016/j.jss.2016.12.018. ISSN 0164–1212CrossRef

Title: Fine-Grained Access Control in Industrial Internet of Things
Authors: Dominik Ziegler
Josef Sabongui
Gerald Palfinger
Publisher: Springer International Publishing
Book: ICT Systems Security and Privacy Protection
Print ISBN: 978-3-030-22311-3

Electronic ISBN: 978-3-030-22312-0

Copyright Year: 2019
DOI: https://doi.org/10.1007/978-3-030-22312-0_7

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner