Research On Privacy Preserving Technology Of Iot Facility Sharing

Shared economy encourages the owner to rent his unoccupied facilities to other users so that the personal resources can be used efficiently.Nowadays,the owner can share his IoT(Internet of Things)facilities to other users remotely online through the middle agent.So the owner doesn't need to interact with the users directly.For example,in a housing rental environment,the owner can entrust his house to a housing rental platform.Then the housing rental platform will authorize the house to other users on behalf of the owner.The user can enter into the house with the authorization warrant.In the whole procedure,the transfer of housing permissions is carried out through a middle agent.In this scenario,the privacy protection is reflected on the sensitivity protection of the owner's permissions and the anonymous protection of the user's identity.However,the current research mainly focuses on the authority management of IoT facilities and there are no effective solutions to the privacy protection in the IoT facility sharing environment where the authority of the owner is delegated to a middle agent.Based on the above problems,a novel privacy-protection partial delegation authoriaztion scheme for IoT facility sharing is proposed in this paper.This scheme can realize the controllable transfer of owner's permissions,anonymous authentication of the user's identity and access control based on the social relationships.The main work of this paper is as follows:1.A controllable partial delegation authorization mechanism based on the trust is proposed for the protection of the sensitive permissions.This mechanism is improved on the basis of the Mambo-Usauda-Okamoto proxy signature scheme.The middle agent will authorize the loT facility to other users under the owner's approval.The private key of the proxy signature used in this mechanism is generated jointly by the owner and the middle agent.It can prevent the repudiations between the owner and middle agent existed in the Mambo-Usauda-Okamoto proxy signature.It also can protect the sensitive permissions of the owner.According to the security analysis,this mechanism satisfies the security attributes:verifiability,non-repudiation,identifiability,distinguishability and prevention of misuse.2.An access control mechanism based on the social relationships is proposed for preventing the excessive authorization of the middle agent.This mechanism uses the role-based and trust-based access control model.It determines whether to authorize the IoT facilities to the users based on the dynamical social relationships between users and the trust threshold set by the owner.This mechanism can prevent the excessive authorization of middle agents effectively.3.A trust-value quantification mechanism based on the dynamical social relationships is proposed.This mechanism can calculate the trust value timely based on the similarity of contact persons,social contact addresses and mobile application softwares between users.The trust value can adjust adaptively with the change of social relationships.4.An anonymous authentication mechanism based on the proxy signature and knowledge signature technology is proposed for the protection of user's identity.In this mechanism,firstly,the IoT facility authenticates the identity of the middle agent through the proxy signature and then verifies whether the user is authorized by the middle agent through the knowledge signature submitted by the user.And the user doesn't need to offer his identity information.The Canetti-Krawczyk model is used to prove the authentication security of the mechanism.The result of analysis shows that the mechanism could resist replay attacks and camouflage attacks.5.Based on the schemes mentioned in this paper,a housing sharing rental prototype system is designed.It can realize the controllable authority transfer and privacy protection.This system consists of the housing owner,middle agent,renter and smart lock of the house.The main function includes the delegation authorization of the owner,anonymous authentication of the user and the access control based on the social relationships.All the interactive processes are carried out through the mobile smart terminals to achieve the remote housing sharing.The program of mobile smart terminal is developed based on the Android platform,and the development of the smart lock is based on the Arduino platform.The test shows that this system can realize the remote housing rental sharing service.The average value of the authentication delay when the user open the smart lock is about 200ms.This system is very practical.