Match in my way: Fine-grained bilateral access control for secure cloud-fog computing

Author

Shengmin XU, Singapore Management UniversityFollow
Jianting NING, Fujian Normal University
Yingjiu LI, University of Oregon
Yinghui ZHANG, Xi'an Institute of Posts and Telecommunications
Guowen XU, University of Electronic Science and Technology of China
Xinyi HUANG, Fujian Normal University
Robert H. DENG, Singapore Management UniversityFollow

Publication Type

Journal Article

Version

acceptedVersion

Publication Date

3-2022

Abstract

Cloud-fog computing is a novel paradigm to extend the functionality of cloud computing to provide a variety of on demand data services via the edge network. Many cryptographic tools have been introduced to preserve data confidentiality against the untrustworthy network and cloud servers. However, how to efficiently identify and retrieve useful data from a large number of ciphertexts without a costly decryption mechanism remains a challenging problem. In this paper, we introduce a cloud fog-device data sharing system (CFDS) with data confidentiality and data source identification simultaneously based on a new cryptographic primitive named matchmaking attribute-based encryption (MABE) by extending matchmaking encryption in CRYPTO’19. Our solution offers a secure fine-grained bilateral access control that includes (1) fine-grained sender access control; (2) fine-grained receiver access control; (3) sender privacy; and (4) performance optimization via outsourcing data source identification to fog nodes. We give the formal definition and security models of MABE, and present a concrete construction with formal security proofs. We also offer a detailed security analysis of our proposed CFDS against real-world security threats. The extensive comparison and experimental simulation demonstrate that, by immigrating heavy workload to fog nodes, our scheme has better functionalities and performances than the most related solutions.

Keywords

Cloud computing, fog computing, bilateral access control, fine-grained access control

Discipline

Information Security | Software Engineering

Research Areas

Cybersecurity

Publication

IEEE Transactions on Dependable and Secure Computing

Volume

19

Issue

2

First Page

1064

Last Page

1077

ISSN

1545-5971

Identifier

10.1109/TDSC.2020.3001557

Publisher

Institute of Electrical and Electronics Engineers (IEEE)

Citation

XU, Shengmin; NING, Jianting; LI, Yingjiu; ZHANG, Yinghui; XU, Guowen; HUANG, Xinyi; and DENG, Robert H.. Match in my way: Fine-grained bilateral access control for secure cloud-fog computing. (2022). IEEE Transactions on Dependable and Secure Computing. 19, (2), 1064-1077.
Available at: https://ink.library.smu.edu.sg/sis_research/5176

Copyright Owner and License

Authors

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

https://doi.org/10.1109/TDSC.2020.3001557