Achieving adaptively secure data access control with privacy protection for lightweight IoT devices

  • Research Paper
  • Science China Information Sciences

Abstract

The Internet of things (IoT) technology has been used in a wide range of fields, from industrial manufacturing to daily life. An IoT system contains numerous resource-constrained lightweight devices such as wireless sensors and radio frequency identification (RFID) tags. These devices generate a massive amount of sensitive data and transmit it to a variety of users. The complexity of the IoT system places a high demand on security. Therefore, it is necessary to develop an encryption scheme with access control to provide flexible and secure access to the sensitive data. The ciphertext-policy attribute-based encryption (CP-ABE) scheme is a potential solution. However, the long ciphertexts and the slow encryption and decryption operations of traditional ABE schemes make them inappropriate for most IoT systems, which require low latency and contain many devices with limited memory size and computing capability. In this paper, we propose a modified CP-ABE scheme with constant-length ciphertext and low computation overhead in the encryption and decryption phases. Additionally, our scheme is proven to be adaptively secure under the standard model. Moreover, two enhanced schemes are developed to prevent authorized users from leaking data and protect the privacy of data owners by combining chameleon hash, Bloom filters and CP-ABE, respectively. Finally, the experimental evaluation and analysis prove the feasibility of our scheme.

Acknowledgements

This work was jointly supported by Beijing Natural Science Foundation (Grant No. 4182060), National Natural Science Foundation of China (Grant No. 61972148), and Fundamental Research Funds for the Central Universities (Grant No. 2019MS020).

Author information

Corresponding author

Correspondence to Zhitao Guan.

Cite this article

Guan, Z., Yang, W., Zhu, L. et al. Achieving adaptively secure data access control with privacy protection for lightweight IoT devices. Sci. China Inf. Sci. 64, 162301 (2021). https://doi.org/10.1007/s11432-020-2957-5

  • DOI: https://doi.org/10.1007/s11432-020-2957-5
