Research Area: Internet of Things
With the ever-increasing rate of adoption of internet-enabled smart devices, the allure of greater integration of technologies, such as smart home, smart city, and smart grid into everyday life is undeniable. However, this trend inevitably leaves a massive amount of information and infrastructure connected to the public Internet, which exposes the data to many security threats and challenges. In this paper, we discuss the need for fine-grained user access control for IoT smart devices. The inherently distributed nature of IoT environment necessitates the support of multi-authority attribute-based encryption (ABE) for the implementation of fine-grained access control. Therefore, we present a secure fine-grained user access control scheme for data usage in the IoT environment. The proposed scheme is a three-factor user access control scheme, which supports multi-authority ABE and it is highly scalable as both the ABE key size stored in the user’s smart card and ciphertext size needed for authentication request are constant with respect to the number of attributes. Through the formal and informal security analysis, we show that the proposed scheme is secure and robust against several potential attacks required in an IoT environment. Moreover, we demonstrate that the proposed scheme performs at par or better than existing schemes while providing greater functionality features.
Keywords:
Author(s) Name: Soumya Banerjee,Sandip Roy, Vanga Odelu, Ashok Kumar Das, Samiran Chattopadhyay, Youngho Park
Journal name: Journal of Information Security and Applications
Conferrence name:
Publisher name: ELSEVIER
DOI: 10.1016/j.jisa.2020.102503
Volume Information: Volume 53, August 2020, 102503
