Abstract
Access control and authentication are two aspects of cyber-physical systems that improve their usability, security and accessibility. Along with these aspects, data privacy and security are also considered when designing highly efficient and secure data and control sharing models for cloud-based deployments. Existing methods that combine these models are highly complex or do not provide comprehensive security when tested under real-time attack scenarios. Most of these models are also non-reconfigurable, which limits their scalability in large-scale deployments. Hence, a novel Bioinspired Fully Homomorphic Encryption Model with Recursive Revokable Selective Access Control for Attribute-Based Privacy Preservation is discussed in this text. The proposed model first uses a GWO model for continuous performance tuning of Fully Homomorphic Encryption (FHE) blocks, which assists in scaling it for different cloud deployments. The GWO method models a fitness function that considers encryption strength and speed and maximizes them to generate highly secure and optimized FHE configurations. Because it uses optimized FHE (oFHE), the deployment can share unprocessed data with trusted and non-trusted third parties for processing and visualization purposes. The oFHE model is cascaded with a recursive and revokable access control model that assists in incorporating fine-grained control over different ownership-based cloud entities. This model allows users to send ownership requests for multiple entities, which entity owners can actuate on a per-entity basis. Furthermore, requesting users cannot preview entity-level contents without the owners' consent, making the model highly secure under real-time attack scenarios. The model also uses header-level checks to mitigate flooding, masquerading, and Sybil attacks, making it secure under internal and attack scenarios. The header-level checking is based on the user's previous access patterns, which allows the model to pre-empt any outlier requests that the user might send and mitigate them based on access pattern types.
Data Availability
The dataset can be provided on request.
Acknowledgements
Not Applicable
Funding
This research received no specific grant from any funding agency in the public, commercial, or not-for-profit sectors.
Ethics declarations
Conflict of interest
The authors declare that there are no potential conflicts of interest.
Research involving human participants and/or animals
The authors declare that there is no human/animal involvement in the development of the research.
Informed consent
Not applicable
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Patel, N.J., Jadhav, A. Bioinspired FHE model with recursive revokable selective access control for attribute-based privacy preservation. Int. j. inf. tecnol. 16, 1769–1781 (2024). https://doi.org/10.1007/s41870-023-01548-5
DOI: https://doi.org/10.1007/s41870-023-01548-5