RoFa: A Robust and Flexible Fine-Grained Access Control Scheme for Mobile Cloud and IoT based Medical Monitoring
Issue title: Special Issue on Advanced Cryptographic Techniques for Cloud and Big Data Computation
Guest editors: Fatos Xhafa and Zhenfu Cao
Article type: Research Article
Authors: Chen, Yuling [a] | Lei, Min [b], * | Ren, Wei [c], † | Ren, Yi [d] | Qu, Zhiguo [e]
Affiliations: [a] Guizhou Provincial Key Laboratory of Public Big Data, GuiZhou University, Guizhou Guiyang, P. R. China. 61997525@qq.com | [b] Information Security Center, Beijing University of Post and Telecommunications, Beijing, P. R. China. leimin@bupt.edu.cn | [c] School of Computer Science, China University of Geosciences, Wuhan, P. R. China. weirencs@cug.edu.cn | [d] School of Computing Science, University of East Anglia, Norwich, UK. E.Ren@uea.ac.uk | [e] Jiangsu Engineering Center of Network Monitoring, School of Computer and Software, Nanjing University of Information Science and Technology, Nanjing, P. R. China. qzghhh@126.com
Correspondence: [†] Address for correspondence: School of Computer Science, China University of Geosciences, Wuhan, Guizhou Provincial Key Laboratory of Public Big Data, GuiZhou University, Guizhou Guiyang, P. R. China. The preliminary result is presented in A Robust and Flexible Access Control Scheme for Cloud-IoT Paradigm with Application to Remote Mobile Medical Monitoring, Proc. of 2015 Third International Conference on Robot, Vision and Signal Processing, Kaohsiung, 2015, pp. 130-133.
Note: [*] Also works at: Guizhou Provincial Key Laboratory of Public Big Data, GuiZhou University, Jiangsu Engineering Center of Network Monitoring, Nanjing University of Information Science & Technology.
Abstract: The cloud computing paradigm is becoming very popular these days. However, it does not include the wireless sensors and mobile phones that are needed to enable emerging applications such as remote home medical monitoring. Therefore, a combined Cloud-Internet of Things (IoT) paradigm provides scalable on-demand data storage and resilient computation power at the cloud side, as well as anytime, anywhere health data monitoring at the IoT side. Both the privacy of personal medical data and flexible data access should be provided, while attackers increasingly use diverse social engineering and technical attacks to gain access to private personal information stored in the home medical monitoring cloud. Therefore, the data in the Cloud are always encrypted, and access control must operate on encrypted data while being fine-grained enough to support diverse accessibility. Since a plain combination of encryption before access control is not robust and flexible, we propose a scheme referred to as RoFa, with a tailored design. The scheme is introduced in a step-by-step manner. The basic scheme (BaS) makes use of ciphertext-policy attribute-based encryption to provide robustness and flexibility. We further propose an advanced scheme (AdS) to improve computation efficiency by taking advantage of proxy re-encryption. AdS can greatly decrease the computation overhead on hospital servers due to operation migration. We finally propose an enhanced scheme (EnS) to protect integrity by using aggregate signatures. RoFa describes a general framework for meeting the security requirements, and intentionally leaves the concrete constructions flexible. We finally compare the robustness and the flexibility of the proposed schemes by performance analysis.
Keywords: Access Control, Cloud Computing, Internet of Things, Fine Grained, Robust and Flexible Security
DOI: 10.3233/FI-2018-1624
Journal: Fundamenta Informaticae, vol. 157, no. 1-2, pp. 167-184, 2018