Efficient Data Sharing Scheme With Fine-Grained Access Control and Integrity Auditing in Terminal–Edge–Cloud Network

In recent years, terminal-edge-cloud frame-work is very popular since it combines the storage ability of cloud servers with the advantages of timely response of edge nodes. How to realize the secure and fast data transmission from the terminal device to the edge node under the premise of weak computational ability and limited storage space for terminal devices, how to ensure that the original data can be securely obtained by authorized users, and how to efficiently audit the integrity of data in the cloud storage are still challenging issues. Although Zhang et al. designed a data sharing scheme, which is based on blockchain and hybrid encryption model, and simultaneously considers these issues, the security and performance of this scheme can be greatly improved. The reason lies in that the storage of symmetric key on blockchain will result in its potential leakage once one entity among the Chain becomes dishonest. Therefore, this article proposes a new data sharing protocol. In our protocol, lightweight symmetric encryption is first used to securely transmit data between terminal devices and edge nodes. Secondly, the edge node uses CPABE technology to encrypt the original data collected by the terminal device. Only authorized users who meet the access policy can correctly recover the data, thus ensuring the fine-grained access control. In addition, in the integrity audit process of stored data, authentication based on homomorphic signatures is adopted to achieve efficient auditing based on third-party auditors. Finally, simulation of the entire data sharing system reveals that our proposed protocol is relatively efficient and competitive in future IoT applications.