Cloud-based Internet of Things (IoT) management services are a promising means of ingesting data from globally dispersed devices. In this setting, it is important to regulate access to data managed by potentially untrusted cloud servers. Attribute-based encryption (ABE) is a highly effective tool for access control. However, applying ABE to IoT environments shows limitations in the following three aspects: First, the demands for storage resources increase in proportion to the complexity of the access control policies. Second, the computation cost of ABE is onerous for resource-limited devices. Lastly, ABE alone is intractable to prevent illegal key-sharing which leads to unauthorized access to data. In this article, we propose an efficient and secure cloud-based IoT data management scheme using ABE. First, we remove the storage-side dependency on the complexity of the access control policies. Second, a substantial part of computationally intensive operations is securely outsourced to the cloud servers. Lastly, unauthorized access to data via illegal key-sharing is strictly forbidden. Our security analysis and experimental results show the security and practicability of the proposed scheme.
Bibliographical noteFunding Information:
This work was supported by Institute of Information and communications Technology Planning and Evaluation (IITP) grant funded by the Korea government (MSIT) (Grant No.2019-0-00533 and Research on CPU vulnerability detection and validation), (No.2018-0-00269, A research on safe and convenient big data processing methods)
© 2013 IEEE.
- access control
- attribute-based encryption
- cloud computing
ASJC Scopus subject areas
- Information Systems
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications