A Blockchain-Based Access Control Framework for Cyber-Physical-Social System Big Data

Tan, Liang; Shi, Na; Yang, Congling; Yu, Ke

doi:10.1109/access.2020.2988951

Cited by 52 publications

(25 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…They pointed out that this approach can protect the data from unrelated parties, but no research has been conducted on privacy and security. Tan et al have proposed a blockchain-based access control scheme for Cyber-Physical Social System (CPSS) big data [25], called BacCPSS. BacCPSS uses an address of blockchain as the user's identity and maintains a user access matrix on the Smart Contract, ensuring that only operations authorized in the access matrix can be performed.…”

Section: Related Workmentioning

confidence: 99%

BSSPD: A Blockchain-Based Security Sharing Scheme for Personal Data with Fine-Grained Access Control

Gao

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Privacy protection and open sharing are the core of data governance in the AI-driven era. A common data-sharing management platform is indispensable in the existing data-sharing solutions, and users upload their data to the cloud server for storage and dissemination. However, from the moment users upload the data to the server, they will lose absolute ownership of their data, and security and privacy will become a critical issue. Although data encryption and access control are considered up-and-coming technologies in protecting personal data security on the cloud server, they alleviate this problem to a certain extent. However, it still depends too much on a third-party organization’s credibility, the Cloud Service Provider (CSP). In this paper, we combined blockchain, ciphertext-policy attribute-based encryption (CP-ABE), and InterPlanetary File System (IPFS) to address this problem to propose a blockchain-based security sharing scheme for personal data named BSSPD. In this user-centric scheme, the data owner encrypts the sharing data and stores it on IPFS, which maximizes the scheme’s decentralization. The address and the decryption key of the shared data will be encrypted with CP-ABE according to the specific access policy, and the data owner uses blockchain to publish his data-related information and distribute keys for data users. Only the data user whose attributes meet the access policy can download and decrypt the data. The data owner has fine-grained access control over his data, and BSSPD supports an attribute-level revocation of a specific data user without affecting others. To further protect the data user’s privacy, the ciphertext keyword search is used when retrieving data. We analyzed the security of the BBSPD and simulated our scheme on the EOS blockchain, which proved that our scheme is feasible. Meanwhile, we provided a thorough analysis of the storage and computing overhead, which proved that BSSPD has a good performance.

show abstract

Section: Related Workmentioning

confidence: 99%

BSSPD: A Blockchain-Based Security Sharing Scheme for Personal Data with Fine-Grained Access Control

Gao

et al. 2021

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…Also, it is not suffering from certificate management issue, key escrow issue, public key replacement issue, and secure channel need problem. The new scheme ensured the security requirements, i.e., Warrant Unforgeability, Confidentiality, Integrity, Unforgeability, Forward Secrecy, and Resists Replay Attack [41,42,43,44], respectively. Our scheme is not affected by heavy computation because we used hyper elliptic curve instead of bilinear pairing and elliptic curve which need very miner time for computations [11,12].…”

Section: Ming Et Al [2014]mentioning

confidence: 96%

A Lightweight and Secured Certificate-Based Proxy Signcryption (CB-PS) Scheme for E-Prescription Systems

et al. 2020

View full text Add to dashboard Cite

Electronic prescription (E-prescription) is an emerging technology that allows health practitioners (doctors, physicians, pharmacists, or nurses) to electronically transmit prescriptions to pharmacies. E-prescription systems allow doctors to avoid traditional medical practices in which prescriptions are sent manually in handwritten form. Additionally, in cases in which a patient may not be able to collect the medication in person due to physical disabilities, the medications can be delivered to the patient's home directly. Furthermore, payments can also be made online (e.g., using credit cards or bank transfers). However, these distinctive features require a series of guidelines for the successful deployment of the E-prescription system due to stringent legal requirements and privacy regulations. Two major security requirements i.e. confidentiality and authentication need to be addressed. In general, the solution to ensuring confidentiality and authentication lies in the combination of both the encryption and digital signature functions in a single logic step called signcryption. Therefore, in this paper, we present a lightweight and provable secured certificate-based proxy signcryption (CB-PS) scheme for e-prescription systems. The formal security verification uses the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool along with informal security analysis, which authenticates that the proposed CB-PS scheme can potentially be implemented in resource-constrained low-computing electronic devices in E-prescription systems.

show abstract

“…Liu et al [38] proposed an access control system in IoT, which is based on Hyperledger Fabric blockchain framework. Tan et al [39] proposed a blockchain-based access control scheme called BacCPSS for Cyber-Physical-Social System (CPSS) big data. Sun et al [40] proposed a trusted and efficient crossdomain access control system based on blockchain and rbac model.…”

Section: F Related Workmentioning

confidence: 99%

Blockchain-Based IoT Access Control System: Towards Security, Lightweight, and Cross-Domain

Sun

Chen

et al. 2021

IEEE Access

View full text Add to dashboard Cite

Most IoT devices cannot afford to be a blockchain node due to the high computation and storage loads. Thus, the blockchain is usually deployed on one delegate node, e.g., the edge device or cloud, which may encounters three drawbacks: (1) The delegate node becomes the single failure point when the number of delegate notes are limited. (2) The delegate node replicating the blockchain data can lead to privacy information leak. (3) The delegate node is vulnerable to the Distributed Denial of Service (DDoS) attack. To tackle these drawbacks, we consider to minimize the redundant of blockchain to make the IoT devices as the specialized blockchain nodes. In this paper, we integrate a permissioned blockchain (HLF), an attribute-based access control (ABAC) and an identity-based signature (IBS) to build a security, lightweight, and cross-domain blockchain-based IoT access control system. Specifically, we divided the IoT system into different function domains, named IoT domains. Then, we establish a local blockchain ledger for each IoT domain to enable more IoT devices as blockchain nodes. The local blockchain ledger records the IoT domain entities' attributes, policy files' digests, and access decisions. Meanwhile, we use the channel technology of HLF to realize cross-domain access and use the IBS to filter the legal access requests for each IoT domain to prevent DDoS attacks. We also design a policy decision point (PDP) selection algorithm that select multiple IoT devices (blockchain nodes) to achieve the real-time distributed policy decisions (off-chain). Finally, we implement and evaluate the proposed system to demonstrate its practicality.

show abstract

A Blockchain-Based Access Control Framework for Cyber-Physical-Social System Big Data

Cited by 52 publications

References 36 publications

BSSPD: A Blockchain-Based Security Sharing Scheme for Personal Data with Fine-Grained Access Control

BSSPD: A Blockchain-Based Security Sharing Scheme for Personal Data with Fine-Grained Access Control

A Lightweight and Secured Certificate-Based Proxy Signcryption (CB-PS) Scheme for E-Prescription Systems

Blockchain-Based IoT Access Control System: Towards Security, Lightweight, and Cross-Domain

Contact Info

Product

Resources

About