计算机科学
云计算
大方坯过滤器
计算机安全
信息泄露
加密
私人信息检索
访问控制
密码学
计算机网络
操作系统
作者
Leyou Zhang,Jun Wang,Yi Mu
出处
期刊:IEEE Internet of Things Journal
[Institute of Electrical and Electronics Engineers]
日期:2021-10-01
卷期号:8 (19): 14731-14745
被引量:9
标识
DOI:10.1109/jiot.2021.3071553
摘要
Along with the development of edge computing and the cloud, the Internet of Things (IoT) is affecting and changing people’s lives. Data sharing has played an important role in the IoT, but the leakage of private user information poses a new security threat to the users. Thus, flexible fine-grained access control for such shared data is proposed in this article as an effective and secure method of eliminating vulnerabilities. However, the disclosure of access policies will also expose users’ private information. Recently, Yang et al. attempted to solve this problem and proposed a framework based on attribute-based encryption for shared data onto IEEE IoT-J(DOI: 10.1109/JIOT.2016.2571718). They hide the access policies by using a bloom filter (BF) and attempt to address privacy preservation in IoT. However, we demonstrate several security weaknesses of their framework and point out its vulnerability to dictionary attacks and access policy guessing attacks. Then, an improved IoT solution is proposed. Under this proposal, the attribute values are stored in BF while the attribute names are embedded in the access policy. The proposed scheme can resist dictionary attacks and access policy guessing attacks. In addition, it simultaneously realizes large attribute sets, an efficient decryption algorithm, and adaptive security. Security analysis and performance evaluations show that the presented scheme achieves higher security and implementation simplicity in the IoT than other currently available schemes.
科研通智能强力驱动
Strongly Powered by AbleSci AI