Attribute Based Encryption with Privacy Protection and Accountability for CloudIoT

• Published in: IEEE transactions on cloud computing Vol. 10; no. 2; pp. 762 - 773
• Main Authors: Li, Jiguo, Zhang, Yichen, Ning, Jianting, Huang, Xinyi, Poh, Geong Sen, Wang, Debang
• Format: Journal Article
• Language: English
• Published: Piscataway IEEE 01.04.2022; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Access control; access control over data; Accountability; Algorithms; attribute based encryption; Authorization; Cloud computing; CloudIoT; Encryption; hidden access structure; Privacy
• ISSN: 2168-7161; 2372-0018
• DOI: 10.1109/TCC.2020.2975184

The pervasive, ubiquitous, and heterogeneous properties of IoT make securing IoT systems a very challenging task. More so when access and storage are performed through a cloud-based IoT system. IoT data stored on cloud should be encrypted to ensure data privacy. It is also crucial to allow only authorized entities to access and decrypt the encrypted data. In this article, we propose a ciphertext-policy attribute-based encryption (CP-ABE) scheme that enables fine-grained access control of encrypted IoT data on cloud. CP-ABE is regarded as a highly promising approach to provide flexible and fine-grained access control, which is quite suited to secure cloud based IoT systems. We first present an access control system model of CloudIoT platform based on ABE. Based on the presented system model, we construct a ciphertext-policy hiding CP-ABE scheme, which guarantees the privacy of the users. We further construct a white-box traceable CP-ABE scheme with accountability in order to address the user key abuse and authorization center key abuse. Experiment illustrates the proposed systems are efficient.