A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance

A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance

Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be w...

Full description

Saved in:
Bibliographic Details
Main Authors: XU, Shengmin, YANG, Guomin, MU, Yi, LIU, Ximeng
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2019
Subjects:
IoT cloud
Attribute-based encryption
Revocation
Decryption key exposure
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/5150
https://ink.library.smu.edu.sg/context/sis_research/article/6153/viewcontent/Secure_IoT_Cloud_av.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in loT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for loT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments. (C) 2019 Elsevier B.V. All rights reserved.

Similar Items