An attribute-based access control scheme using blockchain technology for IoT data protection

Zenghui Yang, Xiubo Chen, Yunfeng He, Luxi Liu, Yinmei Che, Xiao Wang, Ke Xiao, Gang Xu

High-Confidence Computing ›› 2024, Vol. 4 ›› Issue (3) : 100199 DOI: 10.1016/j.hcc.2024.100199

Research Articles

Abstract

With the wide application of the Internet of Things (IoT), storing large amounts of IoT data and protecting data privacy has become a meaningful issue. In general, the access control mechanism is used to prevent illegal users from accessing private data. However, traditional data access control schemes face some non-ignorable problems, such as only supporting coarse-grained access control, the risk of centralization, and high trust issues. In this paper, an attribute-based data access control scheme using blockchain technology is proposed. To address these problems, attribute-based encryption (ABE) has become a promising solution for encrypted data access control. Firstly, we utilize blockchain technology to construct a decentralized access control scheme, which can grant data access with transparency and traceability. Furthermore, our scheme also guarantees the privacy of policies and attributes on the blockchain network. Secondly, we optimize an ABE scheme, which makes the size of system parameters smaller and improves the efficiency of algorithms. These optimizations enable our proposed scheme to support large attribute universe requirements in IoT environments. Thirdly, to prohibit attribute impersonation and attribute replay attacks, we design a challenge-response mechanism to verify the ownership of attributes. Finally, we evaluate the security and performance of the scheme, and comparisons with other related schemes show the advantages of our proposed scheme. Compared to existing schemes, our scheme has more comprehensive advantages, such as supporting a large universe, full security, expressive policy, and policy hiding.

Keywords

Attribute-based encryption / Access control / Blockchain / IoT data protection

Cite this article

Zenghui Yang, Xiubo Chen, Yunfeng He, Luxi Liu, Yinmei Che, Xiao Wang, Ke Xiao, Gang Xu. An attribute-based access control scheme using blockchain technology for IoT data protection. High-Confidence Computing, 2024, 4(3): 100199 DOI:10.1016/j.hcc.2024.100199


Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgment

This work was supported by the Defense Industrial Technology Development Program, China (JCKY2021208B036).

