Private blockchain-envisioned multi-authority CP-ABE-based user access control scheme in IIoT

Abstract Recent advances in Low Power Wide Area Network (LPWAN) are expected to augment the already prodigious proliferation of Industrial Internet of Things (IIoT). However, this unrepresented growth is tinged by the uncertainty of possible challenges in security and privacy. In this work, we propose a novel blockchain-envisioned fine grained user access control scheme for data security and scalability in IIoT environment. The proposed scheme supports multiple attribute authorities and also a constant size key and ciphertext. The data gathered by the IoT smart devices are encrypted using the cipher-policy attribute based encryption (CP-ABE) and sent to their nearby gateway nodes. Later, the gateway nodes form the transactions from the encrypted data from the smart devices which are used to form partial blocks. The partial blocks are then forwarded to the cloud server(s) in the peer-to-peer (P2P) network to convert them into full blocks, which are verified, mined and added into the blockchain using the voting-based practical Byzantine fault tolerance (PBFT) consensus algorithm. The proposed scheme also allows a user to access the secure data stored in the blocks into the blockchain using the CP-ABE mechanism. The security analysis demonstrates the robustness of the proposed scheme against various attacks, and the comparative study with related relevant schemes also highlights the advantage of the proposed scheme over existing approaches. Finally, a blockchain implementation of the presented scheme summarizes the computational costs for a varied number of transactions per block, and also for a varied number of blocks mined in the blockchain.