An efficient access control scheme with outsourcing capability and attribute update for fog computing

Peng Zhang, Zehong Chen, Joseph K. Liu, Kaitai Alexander Liang, Hongwei Liu

    Research output: Contribution to journalArticleResearchpeer-review

    57 Citations (Scopus)

    Abstract

    Fog computing as an extension of cloud computing provides computation, storage and application services to end users. Ciphertext-policy attribute-based encryption (CP-ABE) is a well-known cryptographic technology for guaranteeing data confidentiality and fine-grained data access control. It enables data owners to define flexible access policy for data sharing. However, in CP-ABE systems, the problems of the time required to encrypt, decrypt and attribute update are long-standing unsolved in the literature. In this paper, we propose the first access control (CP-ABE) scheme supporting outsourcing capability and attribute update for fog computing. Specifically, the heavy computation operations of encryption and decryption are outsourced to fog nodes, thus the computation operations for data owners to encrypt and users to decrypt are irrelevant to the number of attributes in the access structure and secret keys, respectively. The cost brought by attribute update is efficient in the sense that we only concentrate on the update of the ciphertext associated with the corresponding updated attribute. The security analysis shows that the proposed scheme is secure under the decisional bilinear Diffie-Hellman assumption. The proposed scheme is efficient, and the time of encryption for data owners and decryption for users are small and constant. The computational ability of fog nodes are fully utilizing during the access control, so the tiny computing cost is left to end users with resource-constrained devices.

    Original languageEnglish
    Pages (from-to)753-762
    Number of pages10
    JournalFuture Generation Computer Systems
    Volume78
    Issue numberPart 2
    DOIs
    Publication statusPublished - Jan 2018

    Keywords

    • Access control
    • Attribute update
    • Attribute-based encryption
    • Fog computing
    • Outsourcing capability

    Cite this