Research On Attribute-based Signcryption Scheme For Edge Data Access Control

With the rapid development of the Internet of Things,the blooming of advanced applications and the ever-increasing demands for service qualities,existing technologies can no longer efficiently process such a huge amount of data generated by Io T devices.Therefore,edge computing is proposed to provide computing and storage capabilities near the data source,which effectively reduces the response time and saves the transmission bandwidth.However,facing the high inter-connection requirements of Io T devices,it is a huge challenge to protect user privacy and data security in the edge environment,especially for the diverse and personal related edge data.Attribute-based signature(ABS)/encryption(ABE),as the emerging cryptographic hot topic in publickey cryptography,are the key to solving the above problems.However,the existing attribute-based schemes cannot be directly applied to the distributed edge computing environment because of their centralized structure,insufficient dynamicity,high policy update overhead.Therefore,focusing on the multi-authority attribute-based access control approach,the main research contents of the thesis are as follows:(1)To guarantee that the communication between edge devices is anonymous and reliable,we propose a static-dynamic attribute-based signature scheme that supports multi-authority(SDABS).The scheme defines dynamic attributes to describe the characteristics that change frequently.Aiming at the distributed edge environment,SDABS effectively supports the multi-authority system.In addition,an efficient lowcost static attribute revocation method is also proposed to ensure the reliability of authorized users who have not revoked the corresponding attribute.Finally,the security proof confirms that SDABS has unforgeability and anonymity under the random oracle model.(2)In order to ensure the secure access and confidentiality of data in the edge environment,we propose a time-domain outsourcing attribute-based encryption scheme(TMO).Since time is a key factor affecting the validity of data,the scheme embeds the time domain information into the attribute-based encryption.In addition,based on structural advantages of edge computing,TMO is not only built on multiauthority,but also provides the capability of outsourcing decryption to improve the access efficiency of Io T devices.Moreover,an efficient ciphertext update method is designed to manage temporal attributes and modify the access policy of data online,it greatly enhances the flexibility of the encryption scheme.The security proof shows that TMO can effectively enhance the confidentiality of edge data and support the requirement of one-to-many fine-grained access control.(3)Based on the proposed edge data signature and encryption scheme,we construct and evaluate the multi-authority attribute-based signcryption scheme(MAABSC).Firstly,the storage and computing overhead of SDABS and TMO are analyzed respectively from the theoretical aspect,and the efficiency of these schemes is evaluated through simulation experiments.Then,the whole access process of the edge data is simulated.The experimental results show that MA-ABSC can implement flexible access control constraints with low computational overheads to enhance the reliability and confidentiality of edge data.