Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things

Huang, Qinlong; Yang, Yixian; Wang, Licheng

doi:10.1109/access.2017.2727054

Cited by 119 publications

(80 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Lyu et al [14] proposed the PPFA privacy protection aggregation system that uses the stability of a Gauss mechanism to ensure the differential privacy of the statistical results and reduces the loss of privacy by combining a stream cipher with a public key cipher to maintain practicability. Huang et al [15] proposed an attribute-based encryption scheme that makes full use of fog servers. e collected data is encrypted by fog servers and then outsourced to cloud servers.…”

Section: Sensitive Data Protection Based On Fog Computingmentioning

confidence: 99%

Protection of Sensitive Data in Industrial Internet Based on Three-Layer Local/Fog/Cloud Storage

Liu

Yuan

Lai

et al. 2020

Security and Communication Networks

View full text Add to dashboard Cite

Industrial Internet technology has developed rapidly, and the security of industrial data has received much attention. At present, industrial enterprises lack a safe and professional data security system. Thus, industries urgently need a complete and effective data protection scheme. This study develops a three-layer framework with local/fog/cloud storage for protecting sensitive industrial data and defines a threat model. For real-time sensitive industrial data, we use the improved local differential privacy algorithm M-RAPPOR to perturb sensitive information. We encode the desensitized data using Reed–Solomon (RS) encoding and then store them in local equipment to realize low cost, high efficiency, and intelligent data protection. For non-real-time sensitive industrial data, we adopt a cloud-fog collaborative storage scheme based on AES-RS encoding to invisibly provide multilayer protection. We adopt the optimal solution of distributed storage in local equipment and the cloud-fog collaborative storage scheme in fog nodes and cloud nodes to alleviate the storage pressure on local equipment and to improve security and recoverability. According to the defined threat model, we conduct a security analysis and prove that the proposed scheme can provide stronger data protection for sensitive data. Compared with traditional methods, this approach strengthens the protection of sensitive information and ensures real-time continuity of open data sharing. Finally, the feasibility of our scheme is validated through experimental evaluation.

show abstract

Section: Sensitive Data Protection Based On Fog Computingmentioning

confidence: 99%

Protection of Sensitive Data in Industrial Internet Based on Three-Layer Local/Fog/Cloud Storage

Liu

Yuan

Lai

et al. 2020

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…Huang et al [14] proposed a CP-ABE scheme to support data security and fine-grained data access control, using features such as ciphertext updating and computation outsourcing for fog computing with IoT devices. As Zuo et al [28] also found, their scheme's main problem is that it was only suitable with an AND-gate encryption predicate.…”

Section: A Access Controlmentioning

confidence: 99%

An Encryption-Based Approach to Protect Fog Federations from Rogue Nodes

Alshehri

Panda

2019

Security, Privacy, and Anonymity in Computation, Communication, and Storage

View full text Add to dashboard Cite

People have used cloud computing approach to store their data remotely. As auspicious as this approach is, it brings forth many challenges: from data security to time latency issues with data computation as well as delivery to end users. Fog computing has emerged as an extension for cloud computing to bring data processing and storage close to end-users; however, it minimizes the time latency issue but still suffers from data security challenges. For instance, when a fog node providing services to end users is compromised, the users' data security can be violated. Thus, this paper proposes a secure and fine-grained data access control scheme by integrating the Ciphertext Policy Attribute-Based Encryption (CP-ABE) algorithm and blockchain concept to prevent fog nodes from violating end users' data security in a situation where a compromised fog node is being ousted. We also classify the fog nodes into fog federations, based on their attributes such as services and locations, to minimize the time latency and communication overhead between fog nodes and cloud server. Further, the exploitation and integration of the blockchain concept and the CP-ABE algorithm enables fog nodes in the same fog federation to perform the authorization process in a distributed manner. In addition, to solve time latency and communication overhead problems, we equip every fog node with an off-chain database to store most frequently accessed data files for specific time, and with an on-chain access control policies table (On-chain Files Tracking Table) which must be protected from being tampered by malicious (rogue) fog nodes. Therefore, blockchain plays a vital role here as it is tamper-proof by nature. We demonstrate our scheme's efficiency and feasibility by designing algorithms and conducting a security analysis. The provided analysis shows that the proposed scheme is efficient and feasible in ousting malicious (rogue) fog nodes.

show abstract

“…The literature review reveals the challenges and limitations of the existing protocols as reviewed in [1][2][3][4][5] [18][19][20]. The existing schemes are robust for the direct attacks but present day adversaries are possessing different strategies to get into the system.…”

Section: Literature Reviewmentioning

confidence: 99%

“…The existing CP-ABE techniques as given in [1][2][3] presents the insight and overview of the scheme and accountability about the CP-ABE scheme has been elaborated in [7] [14]. From the observation, it is clear that the practical possibility of using the CP-ABE is much better to secure the end point devices which are associated to Fog end points.…”

Section: Introductionmentioning

confidence: 99%

Securing Fog Storage Nodes u sing a n Attribute b ased Encryption Scheme a nd Multi Factor Authentication

Velmurugan*,

Manjula

2019

IJEAT

View full text Add to dashboard Cite

Fog computing is an extended and distributed infrastructure where the application processes are managed between the end devices and the edge of the grouped system for better and reliable services. Fog computing is a non-insignificant augmentation of cloud which comes in to the same security and production difficulties of cloud computing. Existing conventional techniques like digital certificates and signature verification schemes suffers due to the advancement of cyber criminals in revoking the certificates. To enable authentication and confidentiality among a group of gathered fog nodes, in this paper, a novel CP-ABE based scheme along with multi-factor user authentication (CP-ABE-MA) is proposed. Further, the paper uses some obfuscation technique which obscures the data to evade the illegal user access. In general, the cloud is a RAW data type which consists of any data format, hence respective on the data type the encryption conversion can be used. CP-ABE can be connected to letters in order and alphanumeric sort of information and jumbling can be connected to a numeric kind of information. Applying encryption methods on the cloud information will give more security against unapproved use. Privacy could be accomplished with a blend of encryption and confusion. In order to evaluate the efficiency, the proposed protocol is implemented and tested in AVISPA and compared with the certificate-based schemes. Further, the proposed protocol outflanks the existing certificate based schemes with 97% accuracy.

show abstract

Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things

Cited by 119 publications

References 29 publications

Protection of Sensitive Data in Industrial Internet Based on Three-Layer Local/Fog/Cloud Storage

Protection of Sensitive Data in Industrial Internet Based on Three-Layer Local/Fog/Cloud Storage

An Encryption-Based Approach to Protect Fog Federations from Rogue Nodes

Securing Fog Storage Nodes u sing a n Attribute b ased Encryption Scheme a nd Multi Factor Authentication

Contact Info

Product

Resources

About