Towards leakage-resilient fine-grained access control in fog computing

Future Generation Computer Systems

Volumn 78, Issue , 2018, Pages 763-777

  Yu, Zuoxia ^a   Au, Man Ho ^a   Xu, Qiuliang ^b   Yang, Rupeng ^b   Han, Jinguang ^c,d  

^a HONG KONG POLYTECHNIC UNIVERSITY   (Hong Kong)

^b SHANDONG UNIVERSITY   (China)

^c NANJING UNIVERSITY OF FINANCE AND ECONOMICS   (China)

^d University of Chinese Academy of Sciences   (China)

Author keywords

Dual system methodology; Fog computing; Functional encryption; Leakage Resilient Cryptography; Pair encoding

Indexed keywords

CRYPTOGRAPHY; ENCODING (SYMBOLS); FOG; SIDE CHANNEL ATTACK; SMART CITY;

ATTRIBUTE-BASED ENCRYPTIONS; COMMUNICATION COST; CRYPTOGRAPHIC PRIMITIVES; DESIGN AND ANALYSIS; DUAL SYSTEM; FUNCTIONAL ENCRYPTIONS; GENERIC FRAMEWORKS; LEAKAGE-RESILIENT CRYPTOGRAPHIES;

ACCESS CONTROL;

EID: 85011802339     PISSN: 0167739X     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.future.2017.01.025     Document Type: Article

References (83)

1. Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., et al. A view of cloud computing. Commun. ACM 53:4 (2010), 50–58.
2. Foster, I., Zhao, Y., Raicu, I., Lu, S., Cloud computing and grid computing 360-degree compared. Grid Computing Environments Workshop, 2008, GCE’08, 2008, IEEE, 1–10.
3. Zhang, Q., Cheng, L., Boutaba, R., Cloud computing: state-of-the-art and research challenges. J. Internet Serv. Appl. 1:1 (2010), 7–18.
4. Choo, K.-K.R., Domingo-Ferrer, J., Zhang, L., Cloud cryptography: Theory, practice and future research directions. Future Gener. Comput. Syst. 62 (2016), 51–53.
5. Yang, Y., Zhu, H., Lu, H., Weng, J., Zhang, Y., Choo, K.-K.R., Cloud based data sharing with fine-grained proxy re-encryption. Pervasive Mob. Comput. 28 (2016), 122–134.
6. Yang, Y., Liu, J.K., Liang, K., Choo, K.-K.R., Zhou, J., Extended proxy-assisted approach: achieving revocable fine-grained encryption of cloud data. European Symposium on Research in Computer Security, 2015, Springer, 146–166.
7. Tep, K.S., Martini, B., Hunt, R., Choo, K.-K.R., A taxonomy of cloud attack consequences and mitigation strategies: The role of access control and privileged access management. Trustcom/BigDataSE/ISPA, 2015 IEEE, Vol. 1, 2015, IEEE, 1073–1080.
8. Ren, W., Liu, R., Lei, M., Choo, K.-K.R., Segoac: A tree-based model for self-defined, proxy-enabled and group-oriented access control in mobile cloud computing. Comput. Stand. Interfaces, 2016.
9. Ashton, K., That ‘internet of things’ thing. RFiD J. 22:7 (2009), 97–114.
10. Atzori, L., Iera, A., Morabito, G., The Internet of things: A survey. Comput. Netw. 54:15 (2010), 2787–2805.
11. F. Bonomi, Connected vehicles, the Internet of things, and fog computing, in: The Eighth ACM International Workshop on Vehicular Inter-Networking (VANET), Las Vegas, USA, 2011, pp. 13–15.
12. Bonomi, F., Milito, R., Zhu, J., Addepalli, S., Fog computing and its role in the Internet of things. Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, 2012, ACM, 13–16.
13. Farhangi, H., The path of the smart grid. IEEE Power Energy Mag. 8:1 (2010), 18–28.
14. Amin, S.M., Wollenberg, B.F., Toward a smart grid: power delivery for the 21st century. IEEE Power Energy Mag. 3:5 (2005), 34–41.
15. Ahmad, M., Amin, M.B., Hussain, S., Kang, B.H., Cheong, T., Lee, S., Health fog: a novel framework for health and wellness applications. J. Supercomput., 2016, 1–19.
16. Rahmani, A.-M., Thanigaivelan, N.K., Gia, T.N., Granados, J., Negash, B., Liljeberg, P., Tenhunen, H., Smart e-health gateway: Bringing intelligence to Internet-of-things based ubiquitous healthcare systems. Consumer Communications and Networking Conference (CCNC), 2015 12th Annual IEEE, 2015, IEEE, 826–834.
17. Cao, Y., Hou, P., Brown, D., Wang, J., Chen, S., Distributed analytics and edge intelligence: Pervasive health monitoring at the era of fog computing. Proceedings of the 2015 Workshop on Mobile Big Data, 2015, ACM, 43–48.
18. Kandukuri, B.R., Rakshit, A., et al. Cloud security issues. IEEE International Conference on Services Computing, 2009, SCC’09, 2009, IEEE, 517–520.
19. Ramgovind, S., Eloff, M.M., Smith, E., The management of security in cloud computing. 2010 Information Security for South Africa, 2010, IEEE, 1–7.
20. Chen, D., Zhao, H., Data security and privacy protection issues in cloud computing. 2012 International Conference on Computer Science and Electronics Engineering, Vol. 1, (ICCSEE), 2012, IEEE, 647–651.
21. Rong, C., Nguyen, S.T., Jaatun, M.G., Beyond lightning: A survey on security challenges in cloud computing. Comput. Electr. Eng. 39:1 (2013), 47–54.
22. Samarati, P., di Vimercati, S.D.C., Cloud Security: Issues and Concerns. 2016, Wiley, New York.
23. Jing, Q., Vasilakos, A.V., Wan, J., Lu, J., Qiu, D., Security of the Internet of things: Perspectives and challenges. Wirel. Netw. 20:8 (2014), 2481–2501.
24. Roman, R., Zhou, J., Lopez, J., On the features and challenges of security and privacy in distributed Internet of things. Comput. Netw. 57:10 (2013), 2266–2279.
25. Da Xu, L., He, W., Li, S., Internet of things in industries: A survey. IEEE Trans. Ind. Inf. 10:4 (2014), 2233–2243.
26. Kumar, S.A., Vealey, T., Srivastava, H., Security in Internet of things: Challenges, solutions and future directions. 2016 49th Hawaii International Conference on System Sciences, (HICSS), 2016, IEEE, 5772–5781.
27. Quick, D., Martini, B., Choo, R., Cloud Storage Forensics. 2013, Syngress.
28. Ab Rahman, N.H., Cahyani, N.D.W., Choo, K.-K.R., Cloud incident handling and forensic-by-design: cloud storage as a case study. Concurr. Comput.: Pract. Exper., 2016.
29. Cahyani, N.D.W., Martini, B., Choo, K.-K.R., Al-Azhar, A., Forensic data acquisition from cloud-of-things devices: windows smartphones as a case study. Concurr. Comput.: Pract. Exper., 2016.
30. Leom, M.D., Choo, K.-K.R., Hunt, R., Remote wiping and secure deletion on mobile devices: a review. J. Forensic Sci., 2016.
31. Do, Q., Martini, B., Choo, K.-K.R., A cloud-focused mobile forensics methodology. IEEE Cloud Comput. 2:4 (2015), 60–65.
32. Martini, B., Choo, K.-K.R., Distributed filesystem forensics: Xtreemfs as a case study. Digit. Investig. 11:4 (2014), 295–313.
33. Martini, B., Choo, K.-K.R., Remote programmatic vcloud forensics: a six-step collection process and a proof of concept. 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, 2014, IEEE, 935–942.
34. C.J. DOrazio, K.-K.R. Choo, L.T. Yang, Data exfiltration from Internet of things devices: ios devices as case studies.
35. Martini, B., Choo, K.-K.R., Cloud storage forensics: owncloud as a case study. Digit. Investig. 10:4 (2013), 287–299.
36. Martini, B., Choo, K.-K.R., An integrated conceptual digital forensic framework for cloud computing. Digit. Investig. 9:2 (2012), 71–80.
37. Quick, D., Choo, K.-K.R., Impacts of increasing volume of digital forensic data: A survey and future research challenges. Digit. Investig. 11:4 (2014), 273–294.
38. Quick, D., Choo, K.-K.R., Google drive: forensic analysis of data remnants. J. Netw. Comput. Appl. 40 (2014), 179–193.
39. Quick, D., Choo, K.-K.R., Dropbox analysis: Data remnants on user machines. Digit. Investig. 10:1 (2013), 3–18.
40. Quick, D., Choo, K.-K.R., Forensic collection of cloud storage data: Does the act of collection result in changes to the data or its metadata?. Digit. Investig. 10:3 (2013), 266–277.
41. Quick, D., Choo, K.-K.R., Digital droplets: Microsoft skydrive forensic data remnants. Future Gener. Comput. Syst. 29:6 (2013), 1378–1394.
42. Yi, S., Qin, Z., Li, Q., Security and privacy issues of fog computing: A survey. Wireless Algorithms, Systems, and Applications, 2015, Springer, 685–695.
43. Gia, T.N., Jiang, M., Rahmani, A.-M., Westerlund, T., Liljeberg, P., Tenhunen, H., Fog computing in healthcare Internet of things: A case study on ecg feature extraction. 2015 IEEE International Conference on Computer and Information Technology; Ubiquitous Computing and Communications; Dependable, Autonomic and Secure Computing; Pervasive Intelligence and Computing, (CIT/IUCC/DASC/PICOM), 2015, IEEE, 356–363.
44. Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W., Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24:1 (2013), 131–143.
45. Yu, S., Wang, C., Ren, K., Lou, W., Achieving secure, scalable, and fine-grained data access control in cloud computing. Infocom, 2010 proceedings IEEE, 2010, IEEE, 1–9.
46. Yuen, T.H., Zhang, Y., Yiu, S.M., Liu, J.K., Identity-based encryption with post-challenge auxiliary inputs for secure cloud applications and sensor networks. European Symposium on Research in Computer Security, 2014, Springer, 130–147.
47. Yuen, T.H., Liu, J.K., Au, M.H., Huang, X., Susilo, W., Zhou, J., -times attribute-based anonymous access control for cloud computing. IEEE Trans. Comput. 64:9 (2015), 2595–2608.
48. Kocher, P.C., Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. Annual International Cryptology Conference, 1996, Springer, 104–113.
49. Kocher, P., Jaffe, J., Jun, B., Differential power analysis. Annual International Cryptology Conference, 1999, Springer, 388–397.
50. Halderman, J.A., Schoen, S.D., Heninger, N., Clarkson, W., Paul, W., Calandrino, J.A., Feldman, A.J., Appelbaum, J., Felten, E.W., Lest we remember: cold-boot attacks on encryption keys. Commun. ACM 52:5 (2009), 91–98.
51. Brakerski, Z., Kalai, Y.T., Katz, J., Vaikuntanathan, V., Overcoming the hole in the bucket: Public-key cryptography resilient to continual memory leakage. 2010 51st Annual IEEE Symposium on Foundations of Computer Science, (FOCS), 2010, IEEE, 501–510.
52. Dodis, Y., Haralambiev, K., López-Alt, A., Wichs, D., Cryptography against continuous memory attacks. 2010 51st Annual IEEE Symposium on Foundations of Computer Science, (FOCS), 2010, IEEE, 511–520.
53. Malkin, T., Teranishi, I., Vahlis, Y., Yung, M., Signatures resilient to continual leakage on memory and computation. Theory of Cryptography, 2011, Springer, 89–106.
54. Dodis, Y., Lewko, A., Waters, B., Wichs, D., Storing secrets on continually leaky devices. 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science, (FOCS), 2011, IEEE, 688–697.
55. Yang, R., Xu, Q., Zhou, Y., Zhang, R., Hu, C., Yu, Z., Updatable hash proof system and its applications. Computer Security–ESORICS 2015, 2015, Springer, 266–285.
56. Yuen, T.H., Chow, S.S., Zhang, Y., Yiu, S.M., Identity-based encryption resilient to continual auxiliary leakage. Advances in Cryptology–EUROCRYPT 2012, 2012, Springer, 117–134.
57. Lewko, A., Rouselakis, Y., Waters, B., Achieving leakage resilience through dual system encryption. Theory of Cryptography, 2011, Springer, 70–88.
58. Boyle, E., Goldwasser, S., Jain, A., Kalai, Y.T., Multiparty computation secure against continual memory leakage. Proceedings of the Forty-Fourth Annual ACM Symposium on Theory of Computing, 2012, ACM, 1235–1254.
59. Attrapadung, N., Dual system encryption via doubly selective security: Framework, fully secure functional encryption for regular languages, and more. Advances in Cryptology–EUROCRYPT 2014, 2014, Springer, 557–577.
60. Shamir, A., Identity-based cryptosystems and signature schemes. Advances in Cryptology, 1984, Springer, 47–53.
61. Boneh, D., Franklin, M., Identity-based encryption from the weil pairing. Annual International Cryptology Conference, 2001, Springer, 213–229.
62. Boneh, D., Boyen, X., Efficient selective-id secure identity-based encryption without random oracles. Advances in Cryptology-EUROCRYPT 2004, 2004, Springer, 223–238.
63. Boneh, D., Boyen, X., Secure identity based encryption without random oracles. Advances in Cryptology–Crypto 2004, 2004, Springer, 443–459.
64. Boneh, D., Boyen, X., Goh, E.-J., Hierarchical identity based encryption with constant size ciphertext. Advances in Cryptology–EUROCRYPT 2005, 2005, Springer, 440–456.
65. Goyal, V., Pandey, O., Sahai, A., Waters, B., Attribute-based encryption for fine-grained access control of encrypted data. Proceedings of the 13th ACM Conference on Computer and Communications Security, 2006, ACM, 89–98.
66. Sahai, A., Waters, B., Fuzzy identity-based encryption. Advances in Cryptology–EUROCRYPT 2005, 2005, Springer, 457–473.
67. Waters, B., Dual system encryption: Realizing fully secure ibe and hibe under simple assumptions. Advances in Cryptology-CRYPTO 2009, 2009, Springer, 619–636.
68. Lewko, A., Waters, B., New techniques for dual system encryption and fully secure hibe with short ciphertexts. Theory of Cryptography, 2010, Springer, 455–479.
69. Lewko, A., Waters, B., Unbounded hibe and attribute-based encryption. Advances in Cryptology–EUROCRYPT 2011, 2011, Springer, 547–567.
70. Lewko, A., Okamoto, T., Sahai, A., Takashima, K., Waters, B., Fully secure functional encryption: Attribute-based encryption and (hierarchical) inner product encryption. Advances in Cryptology–EUROCRYPT 2010, 2010, Springer, 62–91.
71. Okamoto, T., Takashima, K., Fully secure functional encryption with general relations from the decisional linear assumption. Advances in Cryptology–CRYPTO 2010, 2010, Springer, 191–208.
72. Attrapadung, N., Libert, B., Functional encryption for inner product: Achieving constant-size ciphertexts with adaptive security or support for negation. Public Key Cryptography–PKC 2010, 2010, Springer, 384–402.
73. Okamoto, T., Takashima, K., Adaptively attribute-hiding (hierarchical) inner product encryption. Advances in Cryptology–EUROCRYPT 2012, 2012, Springer, 591–608.
74. Lewko, A., Tools for simulating features of composite order bilinear groups in the prime order setting. Advances in Cryptology–EUROCRYPT 2012, 2012, Springer, 318–335.
75. Wee, H., Dual system encryption via predicate encodings. Theory of Cryptography, 2014, Springer, 616–637.
76. N. Attrapadung, Dual system encryption framework in prime-order groups. IACR Cryptology ePrint Archive, 2015:390, 2015.
77. Chen, J., Gay, R., Wee, H., Improved dual system abe in prime-order groups via predicate encodings. Advances in Cryptology-EUROCRYPT 2015, 2015, Springer, 595–624.
78. Yu, Z., Au, M.H., Xu, Q., Yang, R., Han, J., Leakage-resilient functional encryption via pair encodings. Australasian Conference on Information Security and Privacy, 2016, Springer, 443–460.
79. Boneh, D., Goh, E.-J., Nissim, K., Evaluating 2-dnf formulas on ciphertexts. Theory of Cryptography, 2005, Springer, 325–341.
80. Waters, B., Functional encryption for regular languages. Advances in Cryptology–CRYPTO 2012, 2012, Springer, 218–235.
81. Rouselakis, Y., Waters, B., Practical constructions and new proof methods for large universe attribute-based encryption. Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, 2013, ACM, 463–474.
82. Attrapadung, N., Libert, B., De Panafieu, E., Expressive key-policy attribute-based encryption with constant-size ciphertexts. Public Key Cryptography–PKC 2011, 2011, Springer, 90–108.
83. Hamburg, M., Spatial Encryption. (Ph.D. thesis), 2011, Stanford University.