基于组能力的环签名访问控制

IF 3.8 2区计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Information Security and Applications Pub Date : 2025-03-11 DOI:10.1016/j.jisa.2025.104014

Xiaoying Zhu , Shihong Zou , Guoai Xu , Jinwen Xi

{"title":"基于组能力的环签名访问控制","authors":"Xiaoying Zhu , Shihong Zou , Guoai Xu , Jinwen Xi","doi":"10.1016/j.jisa.2025.104014","DOIUrl":null,"url":null,"abstract":"<div><div>With the rapid development of Internet of Things (IoT) technology, the number of connected devices is expected to reach 75 billion worldwide by 2025. loT devices are particularly susceptible to security breaches, making robust access control mechanisms crucial for safeguarding legitimate resource access. Traditional access control systems, however, struggle to manage the scale of loT environments effectively. This paper introduces a novel access control scheme, Group-Capability-Based Access Control with Ring Signature (G-CapBAC), designed and proposed to enhance the scalability of Smart Campus IoT. G-CapBAC leverages blockchain technology as a trust anchor to enforce access policies for loT devices, without requiring these resource-constrained devices to participate directly in the blockchain network, this approach significantly reduces the computational and storage demands on loT devices. In addition, the proposed scheme manages capability tokens by group utilizing the ring signature, which not only reduces storage requirements but also facilitates access policy management. Our security analysis substantiates the robustness of the G-CapBAC scheme. Experimental results indicate superior storage efficiency and expedited access request processing when compared to traditional Capability-Based Access Control (CapBAC).</div></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"90 ","pages":"Article 104014"},"PeriodicalIF":3.8000,"publicationDate":"2025-03-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Group-Capability-Based Access Control with Ring Signature\",\"authors\":\"Xiaoying Zhu , Shihong Zou , Guoai Xu , Jinwen Xi\",\"doi\":\"10.1016/j.jisa.2025.104014\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>With the rapid development of Internet of Things (IoT) technology, the number of connected devices is expected to reach 75 billion worldwide by 2025. loT devices are particularly susceptible to security breaches, making robust access control mechanisms crucial for safeguarding legitimate resource access. Traditional access control systems, however, struggle to manage the scale of loT environments effectively. This paper introduces a novel access control scheme, Group-Capability-Based Access Control with Ring Signature (G-CapBAC), designed and proposed to enhance the scalability of Smart Campus IoT. G-CapBAC leverages blockchain technology as a trust anchor to enforce access policies for loT devices, without requiring these resource-constrained devices to participate directly in the blockchain network, this approach significantly reduces the computational and storage demands on loT devices. In addition, the proposed scheme manages capability tokens by group utilizing the ring signature, which not only reduces storage requirements but also facilitates access policy management. Our security analysis substantiates the robustness of the G-CapBAC scheme. Experimental results indicate superior storage efficiency and expedited access request processing when compared to traditional Capability-Based Access Control (CapBAC).</div></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"90 \",\"pages\":\"Article 104014\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2025-03-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212625000523\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212625000523","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

随着物联网（IoT）技术的快速发展，到2025年，全球连接设备的数量预计将达到750亿。loT设备特别容易受到安全漏洞的影响，因此健壮的访问控制机制对于保护合法的资源访问至关重要。然而，传统的访问控制系统难以有效地管理loT环境的规模。本文介绍了一种新的访问控制方案——基于组能力的环签名访问控制（G-CapBAC），该方案旨在增强智能校园物联网的可扩展性。G-CapBAC利用区块链技术作为信任锚来执行loT设备的访问策略，而不需要这些资源受限的设备直接参与区块链网络，这种方法显著降低了loT设备的计算和存储需求。此外，该方案利用环签名对功能令牌进行分组管理，既减少了存储需求，又便于访问策略管理。我们的安全性分析证实了G-CapBAC方案的鲁棒性。实验结果表明，与传统的基于能力的访问控制（CapBAC）相比，该方法具有更高的存储效率和更快的访问请求处理速度。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Group-Capability-Based Access Control with Ring Signature

With the rapid development of Internet of Things (IoT) technology, the number of connected devices is expected to reach 75 billion worldwide by 2025. loT devices are particularly susceptible to security breaches, making robust access control mechanisms crucial for safeguarding legitimate resource access. Traditional access control systems, however, struggle to manage the scale of loT environments effectively. This paper introduces a novel access control scheme, Group-Capability-Based Access Control with Ring Signature (G-CapBAC), designed and proposed to enhance the scalability of Smart Campus IoT. G-CapBAC leverages blockchain technology as a trust anchor to enforce access policies for loT devices, without requiring these resource-constrained devices to participate directly in the blockchain network, this approach significantly reduces the computational and storage demands on loT devices. In addition, the proposed scheme manages capability tokens by group utilizing the ring signature, which not only reduces storage requirements but also facilitates access policy management. Our security analysis substantiates the robustness of the G-CapBAC scheme. Experimental results indicate superior storage efficiency and expedited access request processing when compared to traditional Capability-Based Access Control (CapBAC).

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Information Security and Applications Computer Science-Computer Networks and Communications

CiteScore

10.90

自引率

5.40%

发文量

206

审稿时长

56 days

期刊介绍： Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.