A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance
Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be w...
Saved in:
Main Authors: | , , , |
---|---|
Format: | text |
Language: | English |
Published: |
Institutional Knowledge at Singapore Management University
2019
|
Subjects: | |
Online Access: | https://ink.library.smu.edu.sg/sis_research/5150 https://ink.library.smu.edu.sg/context/sis_research/article/6153/viewcontent/Secure_IoT_Cloud_av.pdf |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Singapore Management University |
Language: | English |
id |
sg-smu-ink.sis_research-6153 |
---|---|
record_format |
dspace |
spelling |
sg-smu-ink.sis_research-61532020-07-09T04:20:19Z A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance XU, Shengmin YANG, Guomin MU, Yi LIU, Ximeng Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in loT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for loT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments. (C) 2019 Elsevier B.V. All rights reserved. 2019-08-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/5150 info:doi/10.1016/j.future.2019.02.051 https://ink.library.smu.edu.sg/context/sis_research/article/6153/viewcontent/Secure_IoT_Cloud_av.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University IoT cloud Attribute-based encryption Revocation Decryption key exposure Information Security |
institution |
Singapore Management University |
building |
SMU Libraries |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
SMU Libraries |
collection |
InK@SMU |
language |
English |
topic |
IoT cloud Attribute-based encryption Revocation Decryption key exposure Information Security |
spellingShingle |
IoT cloud Attribute-based encryption Revocation Decryption key exposure Information Security XU, Shengmin YANG, Guomin MU, Yi LIU, Ximeng A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance |
description |
Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in loT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for loT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments. (C) 2019 Elsevier B.V. All rights reserved. |
format |
text |
author |
XU, Shengmin YANG, Guomin MU, Yi LIU, Ximeng |
author_facet |
XU, Shengmin YANG, Guomin MU, Yi LIU, Ximeng |
author_sort |
XU, Shengmin |
title |
A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance |
title_short |
A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance |
title_full |
A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance |
title_fullStr |
A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance |
title_full_unstemmed |
A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance |
title_sort |
secure iot cloud storage system with fine-grained access control and decryption key exposure resistance |
publisher |
Institutional Knowledge at Singapore Management University |
publishDate |
2019 |
url |
https://ink.library.smu.edu.sg/sis_research/5150 https://ink.library.smu.edu.sg/context/sis_research/article/6153/viewcontent/Secure_IoT_Cloud_av.pdf |
_version_ |
1770575296114720768 |