With the support of cloud computing, large quantities of data collected from various WSN applications can be managed efficiently. However, maintaining data security and efficiency of data processing in cloud-WSN (C-WSN) are important and challenging issues. In this paper, we present an efficient data outsourcing scheme based on CP-ABE, which can not only guarantee secure data access, but also reduce overall data processing time. In our proposed scheme, a large file is divided into several data blocks by data owner (DO) firstly. Then, the data blocks are encrypted and transferred to the cloud server in parallel. For data receiver (DR), data decryption and data transmission is also processed in parallel. In addition, data integrity can be checked by DR without any master key components. The security analysis shows that the proposed scheme can meet the security requirement of C-WSN. By performance evaluation, it shows that our scheme can dramatically improve data processing efficiency compared to the traditional CP-ABE method.
In order to enhance the scalability of the WSN, some studies focus on combining cloud computing and wireless sensor networks [1]. Security in WSN has been studied in a lot of literature, e.g., [2][3][4][5].With the support of cloud computing, cloud-WSN (C-WSN) can be constructed. It can be viewed as a special kind of Heterogeneous Sensor Networks [6][7][8]. C-WSN has been used in many applications, such as smart grid. In smart grid, there are lots of WSN based applications, including power transmission line monitoring, smart metering & smart home, power consumption information gathering, etc. Mass data from different WSN applications are collected and stored in cloud servers. Then, different type of data receivers (DR) will access the data according to their own access rights.
However, there are still several problems and challenges in C-WSN. First, data processing efficiency should be considered due to large amount of data is encrypted/decrypted and transferred in C-WSN. Second, data security and data privacy must be kept in mind. To solve these problems, we propose an efficient data outsourcing scheme, which can dramatically enhance data processing efficiency in C-WSN without loss of data security and data privacy. Main contributions of this paper can be summarized as follows: 1) We propose a block-encryption method which allows a large file to be encrypted/decrypted and transmitted in blocks in parallel.
- The data receiver can check data integrity without any master key components. 3) We give the security analysis and performance evaluation, which prove that security and performance of our scheme are no weaker than that of traditional scheme.
The rest of this paper is organized as follows. Section 2 introduces the related work. In section 3, some preliminaries are given. In section 4, our scheme is stated. In section 5, security analysis is given. In Section 6, the performance of our scheme is evaluated. In Section 7, the paper is concluded.
In [9], the ciphertext’s encryption policy is associated with a set of attributes, and the data owner can be offline after data is encrypted. In [10] and [11], Key Policy Attribute-Based Encryption (KP-ABE) scheme and Ciphertext Policy Attribute-Based Encryption (CP-ABE) scheme were proposed respectively. In KP-ABE, the encryption policy is also associated with a set of attributes, which are organized into a tree structure (named access tree) by users. In CP-ABE, the data owner constructs the access tree using visitors’ identity information.
In [12], Yu et al tried to achieve secure, scalable, and finegrained access control in a cloud environment. Wang et al proposed an access control scheme based on CP-ABE, which was also secure and efficient in a cloud environment [13]. In [14], Yadav and Dave presented an access model based on CP-ABE which could provide a remote integrity check by way of augmenting secure data storage operations. In addition, there are still some researches and applications of access control in practical problems, e.g., [15,16]. Hei et al applied the access control scheme to the medical field, in order to solve the various problems in practice. They firstly discussed and studied how to detect the two attacks against insulin pump systems via wireless links in [15], and the feasibility of the scheme is proved by experiments. Then in [16], Hei et al considered the Implantable Medical Devices (IMD) security, and proposed a light-weight secure access control scheme. With the small computation overhead, the scheme can be applied to solve the security problems in emergency situations.
The similarity between the existing works and ours is that we are all based on ABE method. While, we make an innovation and improvements based on CP-ABE. In order to enhance the data processing efficiency in C-WSN, we propose a novel partition method based on CP-ABE to enable the data encryption and data transmission to be processed in parallel.
Let G 0 and G 1 be two multiplicative cyclic groups of prime order p and g be the generator of G 0 . The bilinear map e is, The DL assumption holds in G if it is computationally infeasible to solve DL problem in G.
To achieve fine-grained access control, we utilize the Ciphertext Policy Attribute-Based Encryption scheme (CP-ABE) [4], which the access structure is illustrated by an access tree. Leaves of the tree are associated with descriptive attributes, and each interior node is a relation function, such as AND (n of n), OR (1of n), and n of m (m>n).
Let be an access tree, and the root node is denoted by . At the beginning of the encryption, we will conduct a polynomial for each node from top to bottom, while the decryption order is reverse.
To retrieve the secret, we define the Lagrange coefficient , iS as follows:
A. System Model In our system, both Data Owners (denoted as DO) and Data Requester/Receivers (denoted as DR) are users, as shown in Fig. 1. The Trusted Authority (TA) is a trusted party to generate Pu
This content is AI-processed based on open access ArXiv data.
