A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance

Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be w...

Full description

Saved in:
Bibliographic Details
Main Authors: XU, Shengmin, YANG, Guomin, MU, Yi, LIU, Ximeng
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2019
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/5150
https://ink.library.smu.edu.sg/context/sis_research/article/6153/viewcontent/Secure_IoT_Cloud_av.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
id sg-smu-ink.sis_research-6153
record_format dspace
spelling sg-smu-ink.sis_research-61532020-07-09T04:20:19Z A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance XU, Shengmin YANG, Guomin MU, Yi LIU, Ximeng Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in loT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for loT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments. (C) 2019 Elsevier B.V. All rights reserved. 2019-08-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/5150 info:doi/10.1016/j.future.2019.02.051 https://ink.library.smu.edu.sg/context/sis_research/article/6153/viewcontent/Secure_IoT_Cloud_av.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University IoT cloud Attribute-based encryption Revocation Decryption key exposure Information Security
institution Singapore Management University
building SMU Libraries
continent Asia
country Singapore
Singapore
content_provider SMU Libraries
collection InK@SMU
language English
topic IoT cloud
Attribute-based encryption
Revocation
Decryption key exposure
Information Security
spellingShingle IoT cloud
Attribute-based encryption
Revocation
Decryption key exposure
Information Security
XU, Shengmin
YANG, Guomin
MU, Yi
LIU, Ximeng
A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance
description Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in loT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for loT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments. (C) 2019 Elsevier B.V. All rights reserved.
format text
author XU, Shengmin
YANG, Guomin
MU, Yi
LIU, Ximeng
author_facet XU, Shengmin
YANG, Guomin
MU, Yi
LIU, Ximeng
author_sort XU, Shengmin
title A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance
title_short A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance
title_full A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance
title_fullStr A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance
title_full_unstemmed A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance
title_sort secure iot cloud storage system with fine-grained access control and decryption key exposure resistance
publisher Institutional Knowledge at Singapore Management University
publishDate 2019
url https://ink.library.smu.edu.sg/sis_research/5150
https://ink.library.smu.edu.sg/context/sis_research/article/6153/viewcontent/Secure_IoT_Cloud_av.pdf
_version_ 1770575296114720768