可信用户:在CP-ABE和dCP-ABE方案中使用IOTA和IPFS进行属性验证

IF 7 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

Smart Cities Pub Date : 2023-03-10 DOI:10.3390/smartcities6020044

Aintzane Mosteiro-Sanchez, Marc Barcelo, Jasone Astorga, A. Urbieta

{"title":"可信用户:在CP-ABE和dCP-ABE方案中使用IOTA和IPFS进行属性验证","authors":"Aintzane Mosteiro-Sanchez, Marc Barcelo, Jasone Astorga, A. Urbieta","doi":"10.3390/smartcities6020044","DOIUrl":null,"url":null,"abstract":"Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing.","PeriodicalId":34482,"journal":{"name":"Smart Cities","volume":" ","pages":""},"PeriodicalIF":7.0000,"publicationDate":"2023-03-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes\",\"authors\":\"Aintzane Mosteiro-Sanchez, Marc Barcelo, Jasone Astorga, A. Urbieta\",\"doi\":\"10.3390/smartcities6020044\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing.\",\"PeriodicalId\":34482,\"journal\":{\"name\":\"Smart Cities\",\"volume\":\" \",\"pages\":\"\"},\"PeriodicalIF\":7.0000,\"publicationDate\":\"2023-03-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Smart Cities\",\"FirstCategoryId\":\"1089\",\"ListUrlMain\":\"https://doi.org/10.3390/smartcities6020044\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"ENGINEERING, ELECTRICAL & ELECTRONIC\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Smart Cities","FirstCategoryId":"1089","ListUrlMain":"https://doi.org/10.3390/smartcities6020044","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

摘要

在基于密文策略属性加密（CP-ABE）和分布式CP-ABE（dCP-ABE）的信息交换解决方案中，属性欺骗是一个主要的安全威胁，它可能会危及隐私和安全。当攻击者强制属性授权机构为其不拥有的属性生成密钥时，就会发生这种威胁。本文分析了属性欺骗的威胁，并确定了主要的攻击向量，包括对属性权威的直接干扰和对共享属性存储数据库的破坏。作者提出了一种基于IOTA、DAG类型的DLT和星际文件系统（IPFS）的解决方案，以防止属性欺骗。该解决方案需要分布式属性存储、验证和用户身份验证，以有效对抗这两种攻击向量。所提出的解决方案减轻了属性欺骗的后果，包括权限提升和减少、私钥获取和数据访问中断。作者还通过价值链用例评估了他们的提案，并得出结论，它有效地减轻了属性欺骗的后果。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes

Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Smart Cities Multiple-

CiteScore

11.20

自引率

6.20%

发文量

审稿时长

11 weeks

期刊介绍： Smart Cities (ISSN 2624-6511) provides an advanced forum for the dissemination of information on the science and technology of smart cities, publishing reviews, regular research papers (articles) and communications in all areas of research concerning smart cities. Our aim is to encourage scientists to publish their experimental and theoretical results in as much detail as possible, with no restriction on the maximum length of the papers published so that all experimental results can be reproduced.