Match in my way: Fine-grained bilateral access control for secure cloud-fog computing
Cloud-fog computing is a novel paradigm to extend the functionality of cloud computing to provide a variety of on demand data services via the edge network. Many cryptographic tools have been introduced to preserve data confidentiality against the untrustworthy network and cloud servers. However, ho...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2022
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/5176 https://ink.library.smu.edu.sg/context/sis_research/article/6179/viewcontent/09115214__1_.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-6179 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-61792022-08-10T03:01:17Z Match in my way: Fine-grained bilateral access control for secure cloud-fog computing XU, Shengmin NING, Jianting LI, Yingjiu ZHANG, Yinghui XU, Guowen HUANG, Xinyi DENG, Robert H. Cloud-fog computing is a novel paradigm to extend the functionality of cloud computing to provide a variety of on demand data services via the edge network. Many cryptographic tools have been introduced to preserve data confidentiality against the untrustworthy network and cloud servers. However, how to efficiently identify and retrieve useful data from a large number of ciphertexts without a costly decryption mechanism remains a challenging problem. In this paper, we introduce a cloud fog-device data sharing system (CFDS) with data confidentiality and data source identification simultaneously based on a new cryptographic primitive named matchmaking attribute-based encryption (MABE) by extending matchmaking encryption in CRYPTO’19. Our solution offers a secure fine-grained bilateral access control that includes (1) fine-grained sender access control; (2) fine-grained receiver access control; (3) sender privacy; and (4) performance optimization via outsourcing data source identification to fog nodes. We give the formal definition and security models of MABE, and present a concrete construction with formal security proofs. We also offer a detailed security analysis of our proposed CFDS against real-world security threats. The extensive comparison and experimental simulation demonstrate that, by immigrating heavy workload to fog nodes, our scheme has better functionalities and performances than the most related solutions. 2022-03-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/5176 info:doi/10.1109/TDSC.2020.3001557 https://ink.library.smu.edu.sg/context/sis_research/article/6179/viewcontent/09115214__1_.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Cloud computing fog computing bilateral access control fine-grained access control Information Security Software Engineering |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Cloud computing fog computing bilateral access control fine-grained access control Information Security Software Engineering |
| spellingShingle |
Cloud computing fog computing bilateral access control fine-grained access control Information Security Software Engineering XU, Shengmin NING, Jianting LI, Yingjiu ZHANG, Yinghui XU, Guowen HUANG, Xinyi DENG, Robert H. Match in my way: Fine-grained bilateral access control for secure cloud-fog computing |
| description |
Cloud-fog computing is a novel paradigm to extend the functionality of cloud computing to provide a variety of on demand data services via the edge network. Many cryptographic tools have been introduced to preserve data confidentiality against the untrustworthy network and cloud servers. However, how to efficiently identify and retrieve useful data from a large number of ciphertexts without a costly decryption mechanism remains a challenging problem. In this paper, we introduce a cloud fog-device data sharing system (CFDS) with data confidentiality and data source identification simultaneously based on a new cryptographic primitive named matchmaking attribute-based encryption (MABE) by extending matchmaking encryption in CRYPTO’19. Our solution offers a secure fine-grained bilateral access control that includes (1) fine-grained sender access control; (2) fine-grained receiver access control; (3) sender privacy; and (4) performance optimization via outsourcing data source identification to fog nodes. We give the formal definition and security models of MABE, and present a concrete construction with formal security proofs. We also offer a detailed security analysis of our proposed CFDS against real-world security threats. The extensive comparison and experimental simulation demonstrate that, by immigrating heavy workload to fog nodes, our scheme has better functionalities and performances than the most related solutions. |
| format |
text |
| author |
XU, Shengmin NING, Jianting LI, Yingjiu ZHANG, Yinghui XU, Guowen HUANG, Xinyi DENG, Robert H. |
| author_facet |
XU, Shengmin NING, Jianting LI, Yingjiu ZHANG, Yinghui XU, Guowen HUANG, Xinyi DENG, Robert H. |
| author_sort |
XU, Shengmin |
| title |
Match in my way: Fine-grained bilateral access control for secure cloud-fog computing |
| title_short |
Match in my way: Fine-grained bilateral access control for secure cloud-fog computing |
| title_full |
Match in my way: Fine-grained bilateral access control for secure cloud-fog computing |
| title_fullStr |
Match in my way: Fine-grained bilateral access control for secure cloud-fog computing |
| title_full_unstemmed |
Match in my way: Fine-grained bilateral access control for secure cloud-fog computing |
| title_sort |
match in my way: fine-grained bilateral access control for secure cloud-fog computing |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2022 |
| url |
https://ink.library.smu.edu.sg/sis_research/5176 https://ink.library.smu.edu.sg/context/sis_research/article/6179/viewcontent/09115214__1_.pdf |
| _version_ |
1770575303407566848 |