{"title":"Certificateless and Revocable Bilateral Access Control for Privacy-Preserving Edge–Cloud Computing","authors":"Qi-An Huang;Yain-Whar Si","doi":"10.1109/JIOT.2024.3513326","DOIUrl":null,"url":null,"abstract":"With the rapid advancement of intelligent devices and cloud services, a novel edge-cloud computing paradigm is emerging, finding widespread adoption in numerous advanced applications. Despite its considerable convenience and benefits, edge-cloud computing raises security and privacy concerns. Although many cryptographic solutions have been proposed for the Internet of Things and cloud services, ensuring diverse access control in an untrusted edge-cloud environment and realizing flexible revocation and efficient outsourcing remain challenging. In this article, we propose a certificateless attribute-based matchmaking encryption scheme (CRO-ABME) that supports fine-grained bilateral access control, attribute and identity revocation, and cryptographic workload outsourcing. Leveraging CRO-ABME, we design an edge-cloud data sharing system that ensures secure data uploading with privacy protection between end-users, such that only authorized matchers can access the data in edge-cloud computing. 
Furthermore, rigorous security proofs for CRO-ABME are provided, and experimental analyses demonstrate the efficiency and flexibility of our proposed scheme.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 8","pages":"10333-10348"},"PeriodicalIF":8.9000,"publicationDate":"2024-12-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10786356/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Citation count: 0
Abstract
With the rapid advancement of intelligent devices and cloud services, a novel edge-cloud computing paradigm is emerging, finding widespread adoption in numerous advanced applications. Despite its considerable convenience and benefits, edge-cloud computing raises security and privacy concerns. Although many cryptographic solutions have been proposed for the Internet of Things and cloud services, ensuring diverse access control in an untrusted edge-cloud environment and realizing flexible revocation and efficient outsourcing remain challenging. In this article, we propose a certificateless attribute-based matchmaking encryption scheme (CRO-ABME) that supports fine-grained bilateral access control, attribute and identity revocation, and cryptographic workload outsourcing. Leveraging CRO-ABME, we design an edge-cloud data sharing system that ensures secure data uploading with privacy protection between end-users, such that only authorized matchers can access the data in edge-cloud computing. Furthermore, rigorous security proofs for CRO-ABME are provided, and experimental analyses demonstrate the efficiency and flexibility of our proposed scheme.
About the journal:
The IEEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.