Efficient IoT Management With Resilience to Unauthorized Access to Cloud Storage

Publication Name

IEEE Transactions on Cloud Computing


Cloud-based Internet of Things (IoT) management services are a promising means of ingesting data from globally dispersed devices. In this setting, it is important to regulate access to data managed by potentially untrusted cloud servers. Attribute-based encryption (ABE) is a highly effective tool for access control. However, applying ABE to IoT environments shows limitations in the following three aspects: First, the demands for storage resources increase in proportion to the complexity of the access control policies. Second, the computation cost of ABE is onerous for resource-limited devices. Lastly, ABE alone is intractable to prevent illegal key-sharing which leads to unauthorized access to data. In this article, we propose an efficient and secure cloud-based IoT data management scheme using ABE. First, we remove the storage-side dependency on the complexity of the access control policies. Second, a substantial part of computationally intensive operations is securely outsourced to the cloud servers. Lastly, unauthorized access to data via illegal key-sharing is strictly forbidden. Our security analysis and experimental results show the security and practicability of the proposed scheme.





First Page


Last Page


Funding Sponsor

Ministry of Science, ICT and Future Planning



Link to publisher version (DOI)