Skip to main content
SpringerLink
Log in

A fine-grained and lightweight data access control scheme for WSN-integrated cloud computing

  • Published:
Cluster Computing Aims and scope Submit manuscript

Abstract

WSN-integrated cloud computing (WCC) has become a promising cloud service architecture, in which sensors and mobile devices are utilized as the data collecting and processing nodes for the cloud service model, while cloud servers can provide computing services and storage services with high performance and reliability. However, since cloud servers are not fully trusted, and sensors and mobile devices have very limited computing capability and storage capacity, WCC brings forth new challenges for data confidentiality, data integrity and access control when sensors store important data for sharing in the WCC environment. Moreover, there are still no proper solutions for fine-grained, efficient and secure data access control in WCC. To solve this issue, we propose a fine-grained and lightweight data access control scheme for WCC, namely FLAC, which includes a ciphertext-policy attribute-based encryption algorithm for data confidentiality and fine-grained data access control, and an attribute-based signature algorithm for data integrity and the many-read-many-write case of data access. By delegating most computation intensive tasks to cloud services, FLAC enables resource constrained sensors and mobile devices to perform security operations rapidly. The security assessment and performance evaluation demonstrate that FLAC is secure, highly efficient and well suited for WSN applications.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Le, X.H., Lee, S., Truc, P.T.H., Vinh, L.T.: Secured WSN-integrated cloud computing for u-life care. In: Proceedings of the 7th IEEE Conference on Consumer Communications and Networking Conference (CCNC’10), pp. 702-703. Las Vegas, Nevada, USA, 9–12 January 2010

  2. Sanjit, K.D., Jyoti, P.S., Subasish, M., Sarada, P.P.: Sensor-cloud: assimilation of wireless sensor network and the cloud. In: Proceedings of International Conference on Computer Science and Information Technology (CCSIT’12), pp. 455–464. Bangalore, India, 2–4 January 2012

  3. Lounis, A., Hadjidj, A., Bouabdallah, A., Challal, Y.: Secure and scalable cloud-based architecture for e-health wireless sensor networks. In: Proceedings of the 21st International Conference on Computer Communications and Networks (ICCCN’12), pp. 1–7. Munich, Germany, July 30–August 2, 2012

  4. Zhu, H., Gao, L., Li, H.: Secure and privacy-preserving body sensor data collection and query scheme. Sensors 16, 179 (2016)

    Article  Google Scholar 

  5. Chen, D., Zhao, H.: Data security and privacy protection issues in cloud computing. In: Proceedings of International Conference on Computer Science and Electronics Engineering (ICCSEE’12), pp. 647–651. Hangzhou, China, 23–25 March 2012

  6. Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: Proceedings of the 29th IEEE International Conference on Computer Communications (INFOCOM’10), pp. 534–542. San Diego, CA, USA, 14–19 March 2010

  7. di Vimercati, S.D.C., Foresti, S., Jajodia, S., Paraboschi, S., Samarati, P.: Over-encryption: management of access control evolution on outsourced data. In: Proceedings of the 33rd International Conference on Very Large Data Bases (VLDB’07), pp. 123–134. Vienna, Austria, 23–28 September 2007

  8. Kallahalla, M., Riedel, E., Swaminathan, R., Wang, Q., Fu, K.: Scalable secure file sharing on untrusted storage. In: Proceedings of the 2nd USENIX Conference on File and Storage Technologies (FAST’03), pp. 29–42. San Francisco, CA, USA, 31–31 March 2003

  9. Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9, 1–30 (2006)

    Article  MATH  Google Scholar 

  10. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Proceedings of the 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT’05), pp. 457–473. Aarhus, Denmark, 22–26 May 2005

  11. Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS’10), pp. 261–270. Beijing, China, 13–16 April 2010

  12. Ye, J., Xu, Z., Ding, Y.: Secure outsourcing of modular exponentiations in cloud and cluster computing. Clust. Comput. 19(2), 811–820 (2016)

    Article  Google Scholar 

  13. He, H., Li, R., Dong, X., Zhang, Z.: Secure, efficient and fine-grained data access control mechanism for P2P storage cloud. IEEE Trans. Cloud Comput. 2, 471–484 (2014)

    Article  Google Scholar 

  14. Zhou, Z., Huang, D.: Efficient and secure data storage operations for mobile cloud computing. In: Proceedings of the 8th International Conference on Network and Service Management (CNSM’12), pp. 37–45. Las Vegas, Nevada, USA (2012)

  15. Zhao, F., Nishide, T., Sakurai, K.: Realizing fine-grained and flexible access control to outsourced data with attribute-based cryptosystems. In: Proceedings of the 7th International Conference on Information Security Practice and Experience (ISPEC’11), pp. 83–97. Guangzhou, China, May 30–June 01 2011

  16. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP’07), pp. 321–334. Oakland, California, USA, 20–23 May 2007

  17. Ibraimi, L., Tang, Q., Hartel, P., Jonker, W.: Efficient and provable secure ciphertext-policy attribute-based encryption schemes. In: Proceedings of the 5th International Conference on Information Security Practice and Experience (ISPEC’09), pp. 1–12. Xi’an, China, 13–15 April 2009

  18. Yang, Y., Xu, Z., Liu, L., Sun, G.: A security carving approach for AVI video based on frame size and index. Multimedia Tools Appl. 76(3), 3293–3312 (2017)

    Article  Google Scholar 

  19. Ibraimi, L., Petkovic, M., Nikova, S., Jonker, W.: Mediated ciphertext-policy attribute-based encryption and its application. In: Information Security Applications, pp. 309–323. Springer, Berlin (2009)

  20. Xu, Z., Liu, Y., Zhang, H., Luo, X., Mei, L., Hu, C.: Building the multi-modal storytelling of urban emergency events based on crowdsensing of social media analytics. MONET 22(2), 218–227 (2017)

    Google Scholar 

  21. Guo, F., Mu, Y., Susilo, W., Wong, D.S., Varadharajan, V.: CP-ABE with constant-size keys for lightweight devices. IEEE Trans. Inf. Forensics Secur. 9, 763–771 (2014)

    Article  Google Scholar 

  22. Yang, P., Cao, Z., Dong, X.: Fuzzy identity based signature. IACR Cryptol. ePrint Arch. 2008, 19–29 (2008)

    Google Scholar 

  23. Maji, H.K., Prabhakaran, M., Rosulek, M.: Attribute-based signatures. In: Proceedings of the 11th International Conference on Topics in Cryptology: CT-RSA 2011 (CT-RSA’11), pp. 376–392. San Francisco, CA, USA, 14–18 February 2011

  24. Ma, C., Shi, L., Wang, D.: An attribute-based signature with AT. J. Univ. Electron. Sci. Technolo. China 3, 410–414 (2013)

    MATH  Google Scholar 

  25. Okamoto, T., Takashima, K.: Efficient attribute-based signatures for non-monotone predicates in the standard model. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography Conference on Public Key Cryptography (PKC’11), pp. 35–52. Taormina, Italy, 6–9 March 2011

  26. Escala, A., Herranz, J., Morillo, P.: Revocable attribute-based signatures with adaptive security in the standard model. In: Proceedings of the 4th International Conference on Cryptology in Africa (AFRICACRYPT 2011), pp. 224–241. Dakar, Senegal, 5–7 July 2011

  27. Herranz, J., Laguillaumie, F., Libert, B., Ràfols, C.: Short attribute-based signatures for threshold predicates. In: Proceedings of the 12th conference on Topics in Cryptology (CT-RSA’12), pp. 51–67. San Francisco, CA, USA, February 27–March 02 2012

  28. Gagné, M., Narayan, S., Safavi-Naini, R.: Short pairing-efficient threshold-attribute-based signature. In: Proceedings of the 5th International Conference on Pairing-Based Cryptography (Pairing’12), pp. 295–313. Cologne, Germany, 16–18 May 2012

  29. Shahandashti, S.F., Safavi-Naini, R.: Threshold attribute-based signatures and their application to anonymous credential systems. In: Proceedings of the 2nd International Conference on Cryptology in Africa: Progress in Cryptology (AFRICACRYPT’09), pp. 198–216. Gammarth, Tunisia, 21–25 June 2009

  30. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology (CRYPTO’01), pp. 213–229. Santa Barbara, California, USA, 19–23 August 2001

  31. Shamir, A.: How to share a secret. Commun. ACM 22, 612–613 (1979)

    Article  MathSciNet  MATH  Google Scholar 

  32. Mell, P., Grance, T.: The NIST definition of cloud computing. NIST Special Publication 800–145: 1–7 (2011)

  33. De Caro, A., Iovino, V.: jPBC: Java pairing based cryptography. In: Proceedings of the 2011 IEEE Symposium on Computers and Communications (ISCC’11), pp. 850–855. Kerkyra, Greece, June 28–July 1 2011

  34. Liu, A., Ning, P.: TinyECC: A configurable library for elliptic curve cryptography in wireless sensor networks. In: Proceedings of the 7th international conference on Information processing in sensor networks (IPSN’08), pp. 245–256. St. Louis, Missouri, USA, 22–24 April 2008

  35. Yu, S., Ren, K., Lou, W.: FDAC: Toward fine-grained distributed data access control in wireless sensor networks. IEEE Trans. Parallel Distrib. Syst. 22, 673–686 (2011)

    Article  Google Scholar 

  36. Shen, Y., Ma, J., Pei, Q.: An access control scheme in wireless sensor networks. In: Proceedings of the 2007 IFIP International Conference on Network and Parallel Computing Workshops (NPC’07), pp. 362–367. Dalian, China, 18–21 September 2007

  37. Butun, I., Sankar, R.: A brief survey of access control in wireless sensor networks. In: Proceedings of the 8th Annual IEEE Consumer Communications and Networking Conference (CCNC’11), pp. 1118-1119. 9–12 January 2011

  38. Sen, J.: A survey on wireless sensor network secu. Int. J. Commun. Netw. Inf. Secur. 1, 55–78 (2009)

    Google Scholar 

  39. Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: Proceedings of the 25th annual international conference on Advances in Cryptology (CRYPTO’05), pp. 258–275. Santa Barbara, California, USA, 14–18 August 2005

  40. Ruj, S., Nayak, A., Stojmenovic, I.: Distributed fine-grained access control in wireless sensor networks. In Proceedings of 2011 IEEE International Parallel and Distributed Processing Symposium (IPDPS’11), pp. 352–362. Anchorage, AK, USA, 16–20 May 2011

  41. Chase, M., Chow, S.S.M.: Improving privacy and security in multi-authority attribute-based encryption. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 121-130. Chicago, Illinois, USA, 9–13 November 2009

  42. Chatterjee, S., Roy, S.: Cryptanalysis and enhancement of a distributed fine-grained access control in wireless sensor networks. In: Proceedings of the 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI’14), pp. 2074–2083. 24–27 September 2014

  43. Hur, J.: Fine-grained data access control for distributed sensor networks. Wirel. Netw. 17, 1235–1249 (2011)

    Article  Google Scholar 

  44. Yang, P., Zia, T.A.: EP2AC: an efficient privacy-preserving data access control scheme for data-oriented wireless sensor networks. In: Proceedings of the 2014 IEEE International Conference on High Performance Computing and Communications (HPCC’14), pp. 755–762. Paris, France, 20–22 August 2014

Download references

Acknowledgements

This work was supported by the National Natural Science Foundation of China under Grant No. 61602351, No. 61502359 and No. 61602349, the Key Projects of National Social Science Foundation of China under Grant No. 11&ZD189, the Young Scientist Foundation of Wuhan University of Science and Technology under Grant No. 2015XG005, and the Open Foundation of Hubei Province Key Laboratory of Intelligent Information Processing and Real-time Industrial System under Grant No. 2016znss10B.

Author information

Authors and Affiliations

  1. College of Computer Science and Technology, Wuhan University of Science and Technology, Wuhan, China

    Heng He, Ji Zhang, Jinguang Gu, Yan Hu & Fangfang Xu

  2. Hubei Province Key Laboratory of Intelligent Information Processing and Real-Time Industrial System, Wuhan, China

    Heng He, Ji Zhang, Jinguang Gu, Yan Hu & Fangfang Xu

Authors
  1. Heng He
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ji Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jinguang Gu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yan Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Fangfang Xu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Heng He.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

He, H., Zhang, J., Gu, J. et al. A fine-grained and lightweight data access control scheme for WSN-integrated cloud computing. Cluster Comput 20, 1457–1472 (2017). https://doi.org/10.1007/s10586-017-0863-y

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10586-017-0863-y

Keywords

Search

Navigation