Skip to main content
SpringerLink
Log in

SHARE-ABE: an efficient and secure data sharing framework based on ciphertext-policy attribute-based encryption and Fog computing

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

Attribute-based encryption (ABE) is an access control mechanism that ensures efficient data sharing among dynamic groups of users by setting up access structures indicating who can access what. However, ABE suffers from expensive computation and privacy issues in resource-constrained environments such as IoT devices. In this paper, we present SHARE-ABE, a novel collaborative approach for preserving privacy that is built on top of Ciphertext-Policy Attribute-Based Encryption (CP-ABE). Our approach uses Fog computing to outsource the most laborious decryption operations to Fog nodes. The latter collaborate to partially decrypt the data using an original and efficient chained architecture. Additionally, our approach preserves the privacy of the access policy by introducing false attributes. Furthermore, we introduce a new construction of a collaboration attribute that allows users within the same group to combine their attributes while satisfying the access policy. Experiments and analyses of the security properties demonstrate that the proposed scheme is secure and efficient especially for resource-constrained IoT devices.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

References

  1. Sehgal, N., Bhatt, P., Acken, J.: Cloud Computing with Security: Concepts and Practices, vol. 01. Springer, Berlin (2020)

    Book  Google Scholar 

  2. Osanaiye, O., Chen, S., Yan, Z., Lu, R., Choo, K.R., Dlodlo, M.: From cloud to Fog computing: a review and a conceptual live VM migration framework. IEEE Access 5, 8284–8300 (2017)

    Article  Google Scholar 

  3. Zahmatkesh, H., Al-Turjman, F.: Fog computing for sustainable smart cities in the IoT era: caching techniques and enabling technologies—an overview. Sustain. Cities Soc. 59, 102139 (2020)

    Article  Google Scholar 

  4. Alli, A.A., Alam, M.M.: The Fog cloud of things: a survey on concepts, architecture, standards, tools, and applications. Internet Things 9, 100177 (2020)

    Article  Google Scholar 

  5. Jalali, F., Hinton, K., Ayre, R., Alpcan, T., Tucker, R.S.: Fog computing may help to save energy in cloud computing. IEEE J. Sel. Areas Commun. 34(5), 1728–1739 (2016)

    Article  Google Scholar 

  6. Bany, M.M., Taha, S.C., Ko, R.K.L.: Trusted tamper-evident data provenance. 2015 IEEE Trustcom/BigDataSE/ISPA 1, 646–653 (2015)

    Article  Google Scholar 

  7. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) Advances in Cryptology—EUROCRYPT 2005, pp. 457–473. Springer, Berlin (2005)

  8. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS ’06, pp. 89–98. Association for Computing Machinery, New York, NY, USA (2006)

  9. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. 2007 IEEE Symposium on Security and Privacy (SP ’07), pp. 321–334 (2007)

  10. Ning, J., Cao, Z., Dong, X., Liang, K., Ma, H., Wei, L.: Auditable \(\sigma \)-time outsourced attribute-based encryption for access control in cloud computing. IEEE Trans. Inf. Forens. Secur. 13, 94–105 (2018)

    Article  Google Scholar 

  11. Li, R., Shen, C., He, H., Xiwu, G., Zhiyong, X., Cheng-Zhong, X.: A lightweight secure data sharing scheme for mobile cloud computing. IEEE Trans. Cloud Comput. 6, 344–357 (2018)

    Article  Google Scholar 

  12. Yang, K., Jia, X.: Expressive, efficient, and revocable data access control for multi-authority cloud storage. IEEE Trans. Parallel Distrib. Syst. 25, 1735–1744 (2014)

    Article  Google Scholar 

  13. Li, J., Huang, X., Li, J., Chen, X., Xiang, Y.: Securely outsourcing attribute-based encryption with checkability. IEEE Trans. Parallel Distrib. Syst. 25, 2201–2210 (2014)

    Article  Google Scholar 

  14. Mao, X., Lai, J., Mei, Q., Chen, K., Weng, J.: Generic and efficient constructions of attribute-based encryption with verifiable outsourced decryption. IEEE Trans. Dependable Secure Comput. 13, 533–546 (2016)

    Article  Google Scholar 

  15. Fan, K., Wang, J., Wang, X., Li, H., Yang, Y.: A secure and verifiable outsourced access control scheme in Fog-cloud computing. Sensors 17, 1695 (2017)

    Article  Google Scholar 

  16. Saidi, A., Nouali, O., Amira, A.: Collaborative and fast decryption using Fog computing and a hidden access policy, vol. 11, pp. 57–71 (2019)

  17. Zuo, C., Shao, J., Wei, G., Xie, M., Ji, M.: CCA-secure ABE with outsourced decryption for Fog computing. Future Gener. Comput. Syst. 78, 730–738 (2018)

    Article  Google Scholar 

  18. Yeh, L., Chiang, P., Tsai, Y., Huang, J.: Cloud-based fine-grained health information access control framework for lightweightiot devices with dynamic auditing andattribute revocation. IEEE Trans. Cloud Comput. 6(2), 532–544 (2018)

    Article  Google Scholar 

  19. Li, Z., Li, W., Jin, Z., Zhang, H., Wen, Q.: An efficient ABE scheme with verifiable outsourced encryption and decryption. IEEE Access 7, 29023–29037 (2019)

    Article  Google Scholar 

  20. Fan, K., Liu, T., Zhang, K., Li, H., Yang, Y.: A secure and efficient outsourced computation on data sharing scheme for privacy computing. J. Parallel Distrib. Comput. 135, 169–176 (2020)

    Article  Google Scholar 

  21. Feng, C., Keping, Yu., Aloqaily, M., Alazab, M., Lv, Z., Mumtaz, S.: Attribute-based encryption with parallel outsourced decryption for edge intelligent IoV. IEEE Trans. Veh. Technol. 69, 13784–13795 (2020)

    Article  Google Scholar 

  22. Sabitha, S., Rajasree, M.S.: Multi-level on-demand access control for flexible data sharing in cloud. Clust. Comput. (2020)

  23. Yuanfei, T., Yang, G., Wang, J., Qingjian, S.: A secure, efficient and verifiable multimedia data sharing scheme in Fog networking system. Clust. Comput. 24(1), 225–247 (2021)

    Article  Google Scholar 

  24. Sethi, K., Pradhan, A., Bera, P.: PMTER-ABE: a practical multi-authority CP-ABE with traceability, revocation and outsourcing decryption for secure access control in cloud systems. Clust. Comput. (2021)

  25. Phuong, T.V.X., Yang, G., Susilo, W.: Hidden ciphertext policy attribute-based encryption under standard assumptions. IEEE Trans. Inf. Forens. Secur. 11, 35–45 (2016)

    Article  Google Scholar 

  26. Sun, L., Xu, C.: Hidden policy ciphertext-policy attribute based encryption with conjunctive keyword search. In: 2017 3rd IEEE International Conference on Computer and Communications (ICCC), pp. 1439–1443 (2017)

  27. Zhang, Y., Zheng, D., Deng, R.H.: Security and privacy in smart health: efficient policy-hiding attribute-based access control. IEEE Internet Things J. 5, 2130–2145 (2018)

    Article  Google Scholar 

  28. Belguith, S., Kaaniche, N., Laurent-Maknavicius, M., Jemai, A., Attia, R.: Phoabe: securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT. Comput. Netw. 133, 141–156 (2018)

    Article  Google Scholar 

  29. Wang, J., Lang, B.: An efficient and privacy preserving CP-ABE scheme for internet-based collaboration. CollaborateCom (2017)

  30. Abd El-Aziz, A.A.: An extended data protection model based on cipher-text-policy attribute based encryption model and an XACML framework in cloud computing. Int. J. Adv. Sci. Technol. 28(16), 1021–1033 (2019)

    Google Scholar 

  31. Zhao, Y., Zhang, X., Xie, X., Ding, Y., Kumar, S.: A verifiable hidden policy CP-ABE with decryption testing scheme and its application in vanet. Trans. Emerg. Telecommun. Technol. (2019)

  32. Li, M., Huang, X., Liu, J.K., Li, X.: GO-ABE: group-oriented attribute-based encryption. In: Man Ho, A., Carminati, B., Jay Kuo, C.-C. (eds.) Netw. Syst. Secur., pp. 260–270. Springer, Cham (2014)

    Chapter  Google Scholar 

  33. Xue, Y., Xue, K., Gai, N., Hong, J., Wei, D.S.L., Hong, P.: An attribute-based controlled collaborative access control scheme for public cloud storage. IEEE Trans. Inf. Forens. Secur. 14, 2927–2942 (2019)

    Article  Google Scholar 

  34. Chen, N., Li, J., Zhang, Y., Guo, Y.: Efficient CP-ABE scheme with shared decryption in cloud storage. IEEE Trans. Comput. https://doi.org/10.1109/TC.2020.3043950 (2020)

    Article  Google Scholar 

  35. Yang, K., Jia, X.: Attributed-based access control for multi-authority systems in cloud storage. In: 2012 IEEE 32nd International Conference on Distributed Computing Systems, 2012, pp. 536–545. https://doi.org/10.1109/ICDCS.2012.42

  36. Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security, pp. 111–129. Springer, Berlin (2008)

  37. Lai, J., Deng, R.H., Li, Y.: Fully secure cipertext-policy hiding CP-ABE. In Bao, F., Weng, J. (eds.) Information Security Practice and Experience, pp. 24–39. Springer, Berlin (2011)

  38. Lee, J., Oh, S., Jang, J.W.: A work in progress: context based encryption scheme for internet of things. Procedia Comput. Sci. 56:271–275 (2015). The 10th International Conference on Future Networks and Communications (FNC 2015)/The 12th International Conference on Mobile Systems and Pervasive Computing (MobiSPC 2015) Affiliated Workshops

  39. Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13, 422–426 (1970)

    Article  Google Scholar 

  40. Akinyele, J.A., Garman, C., Miers, I., Pagano, M.W., Rushanan, M., Green, M., Rubin, A.D.: Charm: a framework for rapidly prototyping cryptosystems. J. Cryptogr. Eng. 3, 111–128 (2013)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Research Center for Scientific and Technical Information (CERIST), 16000, Algiers, Algeria

    Ahmed Saidi, Omar Nouali & Abdelouahab Amira

  2. Departement Informatique, Faculte des Sciences Exactes, Universite de Bejaia, 06000, Bejaia, Algeria

    Ahmed Saidi & Abdelouahab Amira

Authors
  1. Ahmed Saidi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Omar Nouali
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Abdelouahab Amira
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ahmed Saidi.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Saidi, A., Nouali, O. & Amira, A. SHARE-ABE: an efficient and secure data sharing framework based on ciphertext-policy attribute-based encryption and Fog computing. Cluster Comput 25, 167–185 (2022). https://doi.org/10.1007/s10586-021-03382-5

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-021-03382-5

Keywords

Search

Navigation