Affiliation:
1. School of Electronic and Electrical Engineering, Kyungpook National University, Daegu 41566, Republic of Korea
2. Decentralized Network Research Section, Electronics and Telecommunications Research Institute, Daejeon 34129, Republic of Korea
3. Center for Security, Theory and Algorithmic Research, International Institute of Information Technology, Hyderabad 500 032, India
4. School of Electronics Engineering, Kyungpook National University, Daegu 41566, Republic of Korea
Abstract
Recently, with the increasing application of the Internet of Things (IoT), various IoT environments such as smart factories, smart homes, and smart grids are being generated. In the IoT environment, a lot of data are generated in real time, and the generated IoT data can be used as source data for various services such as artificial intelligence, remote medical care, and finance, and can also be used for purposes such as electricity bill generation. Therefore, data access control is required to grant access rights to various data users in the IoT environment who need such IoT data. In addition, IoT data contain sensitive information such as personal information, so privacy protection is also essential. Ciphertext-policy attribute-based encryption (CP-ABE) technology has been utilized to address these requirements. Furthermore, system structures applying blockchains with CP-ABE are being studied to prevent bottlenecks and single failures of cloud servers, as well as to support data auditing. However, these systems do not stipulate authentication and key agreement to ensure the security of the data transmission process and data outsourcing. Accordingly, we propose a data access control and key agreement scheme using CP-ABE to ensure data security in a blockchain-based system. In addition, we propose a system that can provide data nonrepudiation, data accountability, and data verification functions by utilizing blockchains. Both formal and informal security verifications are performed to demonstrate the security of the proposed system. We also compare the security, functional aspects, and computational and communication costs of previous systems. Furthermore, we perform cryptographic calculations to analyze the system in practical terms. As a result, our proposed protocol is safer against attacks such as guessing attacks and tracing attacks than other protocols, and can provide mutual authentication and key agreement functions. In addition, the proposed protocol is more efficient than other protocols, so it can be applied to practical IoT environments.
Funder
Electronics and Telecommunications Research Institute
Subject
Electrical and Electronic Engineering; Biochemistry; Instrumentation; Atomic and Molecular Physics, and Optics; Analytical Chemistry
References: 32 articles.
Cited by
4 articles.