Fortifying Public Safety: A Dynamic Role-Based Access Control Paradigm for Cloud-Centric IoT
share
The evolution of communication technologies, exemplified by the Internet of Things (IoT) and cloud computing, has significantly enhanced the speed and accessibility of Public Safety (PS) services, critical to ensuring the safety and security of our environment. However, these advancements also introduce inherent security and privacy challenges. In response, this research presents a novel and adaptable access control scheme tailored to PS services in cloud-supported IoT environments. Our proposed access control protocol leverages the strengths of Key Policy Attribute Based Encryption (KP-ABE) and Identity-Based Broadcast Encryption (IDBB), combining them to establish a robust security framework for cloud-supported IoT in the context of PS services. Through the implementation of an Elliptic Curve Diffie-Hellman (ECDH) scheme between entities, we ensure entity authentication, data confidentiality, and integrity, addressing fundamental security requirements. A noteworthy aspect of our lightweight protocol is the delegation of user private key generation within the KP-ABE scheme to an untrusted cloud entity. This strategic offloading of computational and communication overhead preserves data privacy, as the cloud is precluded from accessing sensitive information. To achieve this, we employ an IDBB scheme to generate secret private keys for system users based on their roles, requiring the logical conjunction ('AND') of user attributes to access data. This architecture effectively conceals user identities from the cloud service provider. Comprehensive analysis validates the efficacy of the proposed protocol, confirming its ability to ensure system security and availability within acceptable parameters.
READ FULL TEXT