Towards privacy-aware IoT communications: Delegable, revocable, and efficient

Author

Pengfei WU
Jianfei SUN
Guomin YANG, Singapore Management UniversityFollow
Robert H. DENG, Singapore Management UniversityFollow

Publication Type

Conference Proceeding Article

Version

acceptedVersion

Publication Date

12-2024

Abstract

The Internet of Things (IoT) is widely recognized for its potential to enhance efficiency and productivity across various industries. However, its increasing prevalence has also made it a more attractive target for cybercriminals. While many advanced cryptographic solutions have been developed to secure IoT, some practical security and privacy issues such as self-sovereign delegation, flexible revocation, and lightweight access remain inadequately addressed in existing solutions. In this paper, we propose PLIC, a Privacy-aware Lightweight IoT Communication scheme, which not only enables any authorized user to flexibly delegate their lightweight access privileges to other delegatees, such that they can also access the authorized IoT targets in the same lightweight way, but also supports flexible revocation of access for specific users without affecting non-revoked users. Specifically, our solution leverages wildcard-based access control and tree-based encryption technologies to enable self-sovereign delegation, dynamic membership updates, and stably efficient decryption overhead in IoT. In addition, comprehensive security proofs are rendered to validate the robustness of our approach. Finally, experimental comparisons with similar methodologies demonstrate the practicality and superior performance of our solution, which indicates its effectiveness for practical IoT applications.

Keywords

flexible revocation, IoT security, lightweight access, self-sovereign delegation

Discipline

Information Security

Research Areas

Cybersecurity

Publication

2024 IEEE 23rd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom): Sanya; December 17-21: Proceedings

First Page

481

Last Page

491

ISBN

9798331506209

Identifier

10.1109/TrustCom63139.2024.00083

Publisher

IEEE

City or Country

Pistacataway, NJ

Citation

WU, Pengfei; SUN, Jianfei; YANG, Guomin; and DENG, Robert H.. Towards privacy-aware IoT communications: Delegable, revocable, and efficient. (2024). 2024 IEEE 23rd International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom): Sanya; December 17-21: Proceedings. 481-491.
Available at: https://ink.library.smu.edu.sg/sis_research/10230

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1109/TrustCom63139.2024.00083