Secure and trusted sharing mechanism of private data for Internet of Things☆

Mengyuan Li; Shaoyong Guo; Wenjing Li; Ao Xiong; Xiaoming Zhou; Jun Qi; Feng Qi; Dong Wang; Da Li

doi:10.1016/j.hcc.2024.100273

High-Confidence Computing ›› 2025, Vol. 5 ›› Issue (2) : 100273 DOI: 10.1016/j.hcc.2024.100273

Research article

Secure and trusted sharing mechanism of private data for Internet of Things^☆

Mengyuan Li ^a^,^*
, Shaoyong Guo ^a^,^*
, Wenjing Li ^a^,^*
, Ao Xiong ^a^,^*
, Xiaoming Zhou ^b^,^*
, Jun Qi ^c^,^*
, Feng Qi ^a^,^*
, Dong Wang ^d
, Da Li ^d

Author information +

History +

PDF (855KB)

Abstract

In recent years, the rapid development of Internet of Things (IoT) technology has led to a significant increase in the amount of data stored in the cloud. However, traditional IoT systems rely primarily on cloud data centers for information storage and user access control services. This practice creates the risk of privacy breaches on IoT data sharing platforms, including issues such as data tampering and data breaches. To address these concerns, blockchain technology, with its inherent properties such as tamper-proof and decentralization, has emerged as a promising solution that enables trusted sharing of IoT data. Still, there are challenges to implementing encrypted data search in this context. This paper proposes a novel searchable attribute cryptographic access control mechanism that facilitates trusted cloud data sharing. Users can use keywords To efficiently search for specific data and decrypt content keys when their properties are consistent with access policies. In this way, cloud service providers will not be able to access any data privacy-related information, ensuring the security and trustworthiness of data sharing, as well as the protection of user data privacy. Our simulation results show that our approach outperforms existing studies in terms of time overhead. Compared to traditional access control schemes,our approach reduces data encryption time by 33%, decryption time by 5%, and search time by 75%.

Keywords

Searchable encryption / Attribute access control / Privacy protection / Data sharing / search

Cite this article

Download citation ▾

Mengyuan Li, Shaoyong Guo, Wenjing Li, Ao Xiong, Xiaoming Zhou, Jun Qi, Feng Qi, Dong Wang, Da Li. Secure and trusted sharing mechanism of private data for Internet of Things^☆. High-Confidence Computing, 2025, 5(2): 100273 DOI:10.1016/j.hcc.2024.100273

登录浏览全文

4963

注册一个新账户忘记密码

CRediT authorship contribution statement

Mengyuan Li: Writing - review & editing, Writing - original draft, Visualization, Validation, Supervision, Software, Resources, Project administration, Methodology, Investigation, Formal analysis, Data curation, Conceptualization. Shaoyong Guo: Writing - original draft, Methodology, Investigation, Funding acquisition. Wenjing Li: Investigation, Funding acquisition. Ao Xiong: Project administration, Funding acquisition. Xiaoming Zhou: Project administration. Jun Qi: Funding acquisition. Feng Qi: Methodology, Investigation, Funding acquisition. Dong Wang: Funding acquisition. Da Li: Funding acquisition.

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgment

This work is supported by the Science and Technology Project of State Grid Corporation of China (5700-202328293A-1-1-ZN).

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	Y. Ren, S. Guo, B. Cao, X. Qiu, End-to-end network SLA quality assurance for C-RAN: A closed-loop management method based on digital twin network, IEEE Trans. Mob. Comput. (2023) 1-18, http://dx.doi.org/10.1109/TMC.2023.3291012.

[2]	D. Yang, W. Zhang, Q. Ye, C. Zhang, N. Zhang, C. Huang, H. Zhang, X. Shen, DetFed: Dynamic resource scheduling for deterministic federated learning over time-sensitive networks, IEEE Trans. Mob. Comput. (2023) 1-17, http://dx.doi.org/10.1109/TMC.2023.3303017.

[3]	C.J. D’Orazio, K.-K.R. Choo, Circumventing iOS security mechanisms for APT forensic investigations: A security taxonomy for cloud apps, Future Gener. Comput. Syst. 79 (2018) 247-261.

[4]	A.J. Brown, W.B. Glisson, T.R. Andel, K.-K.R. Choo, Cloud forecasting: Legal visibility issues in saturated environments, Comput. Law Secur. Rev. 34 (6)(2018) 1278-1290.

[5]	H. Li, T. Jing, et al., A lightweight fine-grained searchable encryption scheme in fog-based healthcare iot networks, Wirel. Commun. Mob. Comput. 2019 (2019).

[6]	M.M. Ahsan, I. Ali, M. Imran, M.Y.I.B. Idris, S. Khan, A. Khan, A fog-centric secure cloud storage scheme, IEEE Trans. Sustain. Comput. 7 (2) (2019) 250-262.

[7]	H. Yin, J. Zhang, Y. Xiong, L. Ou, F. Li, S. Liao, K. Li, CP-ABSE: A ciphertext-policy attribute-based searchable encryption scheme, IEEE Access 7 (2019) 5682-5694.

[8]	H. Wang, Y. Li, W. Susilo, D.H. Duong, F. Luo, A fast and flexible attribute-based searchable encryption scheme supporting multi-search mechanism in cloud computing, Comput. Stand. Interfaces 82 (2022) 103635.

[9]	B.B. Gupta, K.-C. Li, V.C. Leung, K.E. Psannis, S. Yamaguchi, et al., Blockchain-assisted secure fine-grained searchable encryption for a cloud-based healthcare cyber-physical system, IEEE/CAA J. Autom. Sin. 8 (12)(2021) 1877-1890.

[10]	H.D. Zubaydi, P. Varga, S. Molnár, Leveraging blockchain technology for ensuring security and privacy aspects in internet of things: A systematic literature review, Sensors 23 (2) (2023) 788.

[11]	D. Yang, Z. Cheng, W. Zhang, H. Zhang, X. Shen, Burst-aware time-triggered flow scheduling with enhanced multi-CQF in time-sensitive networks, IEEE/ACM Trans. Netw. (2023) 1-16, http://dx.doi.org/10.1109/TNET.2023.3264583.

[12]	L. Yang, V. Varadarajan, T. Boongoen, N. Naik, Special issue on emerging trends, challenges and applications in cloud computing, Wirel. Netw. 29(3) (2023) 985-987.

[13]	D.D. Downs, J.R. Rub, K.C. Kung, C.S. Jordan, Issues in discretionary access control, in: 1985 IEEE Symposium on Security and Privacy, IEEE, 1985, p. 208.

[14]	E. Bertino, S. Jajodiat, P. Samarati, Enforcing mandatory access control in object bases, in: Security for Object-Oriented Systems: Proceedings of the OOPSLA-93 Conference Workshop on Security for Object-Oriented Systems, Washington DC, USA, 26 September 1993, Springer, 1994, pp. 96-116.

[15]	D.F. Ferraiolo, R. Sandhu, S. Gavrila, D.R. Kuhn, R. Chandramouli, Proposed NIST standard for role-based access control, ACM Trans. Inf. Syst. Secur. 4 (3) (2001) 224-274.

[16]	V.C. Hu, D. Ferraiolo, R. Kuhn, A.R. Friedman, A.J. Lang, M.M. Cogdell, A. Schnitzer, K. Sandlin, R. Miller, K. Scarfone, et al., Guide to attribute based access control (abac) definition and considerations (draft), NIST Special Publ. 800 (162) (2013) 1-54.

[17]	S. Mudepalli, V.S. Rao, R.K. Kumar, An efficient data retrieval approach us-ing blowfish encryption on cloud ciphertext retrieval in cloud computing, in: 2017 International Conference on Intelligent Computing and Control Systems, ICICCS, IEEE, 2017, pp. 267-271.

[18]	X. Wei, Y. Yan, S. Guo, X. Qiu, F. Qi, Secure data sharing: Blockchain-enabled data access control framework for IoT, IEEE Internet Things J. 9(11) (2021) 8143-8153.

[19]	Y. Wang, S.-F. Sun, J. Wang, J.K. Liu, X. Chen, Achieving searchable encryption scheme with search pattern hidden, IEEE Trans. Serv. Comput. 15 (2) (2020) 1012-1025.

[20]	Y. Yang, R. Deng, W. Guo, H. Cheng, X. Luo, X. Zheng, C. Rong, Dual traceable distributed attribute-based searchable encryption and ownership transfer, IEEE Trans. Cloud Comput. (2021).

[21]

A. Bakas, A. Michalas, Modern family: A revocable hybrid encryp-tion scheme based on attribute-based encryption, symmetric searchable encryption and SGX,in:Security and Privacy in Communication Net-works: 15th EAI International Conference, SecureComm 2019, Orlando, FL, USA, October 23-25, 2019, Proceedings, Part II 15, Springer, 2019, pp. 472-486.

[22]	P. Chaudhari, M.L. Das, Keysea: Keyword-based search with receiver anonymity in attribute-based searchable encryption, IEEE Trans. Serv. Comput. 15 (2) (2020) 1036-1044.

[23]	I. Huso, G. Piro, G. Boggia, Distributed and privacy-preserving data dis-semination at the network edge via attribute-based searchable encryption, in: 2022 20th Mediterranean Communication and Computer Networking Conference, MedComNet, IEEE, 2022, pp. 122-130.

[24]	J. Bethencourt, A. Sahai, B. Waters, Ciphertext-policy attribute-based en-cryption, in: 2007 IEEE Symposium on Security and Privacy, SP’07, 2007, pp. 321-334, http://dx.doi.org/10.1109/SP.2007.11.

[25]	B. Waters, Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization, in: International Workshop on Public Key Cryptography, Springer, 2011, pp. 53-70.

[26]

D. Boneh, G. Di Crescenzo, R. Ostrovsky, G. Persiano, Public key en-cryption with keyword search, in: Advances in Cryptology-EUROCRYPT 2004: International Conference on the Theory and Applications of Cryp-tographic Techniques, Interlaken, Switzerland, May 2- 6, 2004. Proceedings 23, Springer, 2004, pp. 506-522.

[27]	D. Ongaro, J.K. Ousterhout, In search of an understandable consensus algorithm, 2014, draft of october.

[28]	L. Zhang, Y. Ye, Y. Mu, Multiauthority access control with anonymous authentication for personal health record, IEEE Internet Things J. 8 (1)(2021) 156-167, http://dx.doi.org/10.1109/JIOT.2020.3000775.

[29]	S.J. De, S. Ruj, Efficient decentralized attribute based access control for mobile clouds, IEEE Trans. Cloud Comput. 8 (1) (2020) 124-137, http://dx.doi.org/10.1109/TCC.2017.2754255.

[30]	Y. Rouselakis, B. Waters, Efficient statically-secure large-universe multi-authority attribute-based encryption, in: International Conference on Financial Cryptography and Data Security, Springer, 2015, pp. 315-332.

[31]	R. Chen, Y. Mu, G. Yang, F. Guo, X. Huang, X. Wang, Y. Wang, Server-aided public key encryption with keyword search, IEEE Trans. Inf. Forensics Secur. 11 (12) (2016) 2833-2842.

Funding

☆ Science and Technology Project of State Grid Corporation of China (Research on data sharing security and extended protection technology in middle platform framwork(5700-202328293A-1-1-ZN)