1. Introduction
The development of the Internet of Things has spawned the emergence of new informatization concepts such as smart homes, smart cities, and mobile crowd sensing. It connects people, people and things, things and things on the Internet, and realizes information exchange, collaborative operation, and resource sharing among terminal entities through wired or wireless network technologies according to different physical environments and application scenarios [
1]. It is widely used in various fields of the information society, such as remote control of intelligent terminals for remote medical treatment, unmanned vehicle driving in the in-vehicle networks and intelligent sensor data, and remote physical environment monitoring in remote areas. The development of the Internet of Things has brought great convenience to people’s lives, promoted the rise of the sharing economy, and promoted the development of society.
At the same time, the development of the Internet of Things is also facing some serious challenges: In the field of physical technology, with the improvement of people’s living standards, people’s application requirements for the Internet of Things are constantly improving, such as the real-time nature of Internet of Things communication, the bandwidth of the Internet of Things, and the energy consumption of the Internet of Things. Different application scenarios will also involve specific requirements regarding scope, power consumption, throughput, and network topology. These are issues that the Internet of Things needs to further improve and solve [
2]. In the field of information application, the popularization and application of the Internet of Things involves various fields of people’s life and work. The vulnerability of the Internet of Things makes the communication information, identity information, and shared information among terminal entities easily exposed to the open Internet of Things. Securing the confidentiality of IoT communication information, the concealment of identity information, and the security of shared information are another challenge facing the Internet of Things. Therefore, it is necessary to develop the innovative information technology of the Internet of Things, the privacy protection of users, and the security of interactive data and shared data [
3].
The powerful interoperability of the Internet of Things has accelerated the data aggregation and data sharing in the Internet of Things, making the Internet of Things one of the infrastructures in many fields such as medical and intelligent transportation. To protect data security in the Internet of Things, data are typically stored in encrypted form on the server, and attribute-based encryption has proven to be a powerful encryption tool. At the same time, it is crucial to propose effective access control policies to access these encrypted data and protect the security of some sensitive information. In recent years, research on access control of data has emerged in an endless stream attribute-based encryption strategies are widely used in medical, corporate, and personal areas. Privacy protection and field access for personal health information forms for medical use attribute-based encryption methods, and permission settings for access control [
4], which can protect privacy and flexible access, bringing great benefits to the medical industry. A comprehensive study of some different access control models and access control architectures provides a future direction for IoT access control research [
5]. Verifiable threshold multi-permission access control constructs a mixed multi-permission scheme [
6]; on the basis of one permission maintaining the whole attribute set encryption scheme, unified attribute setting managed by multiple departments can guarantee the security of data.
With the rapid development of big data, security in the fields of information storage, information acquisition, and information transmission has become a serious problem. The powerful interoperability and flexible access features of the Internet of Things have greatly threatened data security and personal privacy. Aiming at these problems, this paper proposes an access control scheme based on ciphertext attribute authentication and threshold policy for the Internet of Things (AC-CAATP), which uploads the data to the cloud server after encrypting the data, and uses attributes to set a threshold policy to limit the user’s access to the data. Similarly, the user authenticates the identity based on the attribute and obtains different permission grades from the certificate authority, and then accesses the data of the corresponding sensitivity grade. The protocol combines the advantages of attribute-based encryption technology and access control strategy to ensure data security and user privacy. At the same time, an access control policy is set for data access, which avoids the leakage of sensitive information.
1.1. Contributions
In this paper, an access control scheme based on ciphertext attribute authentication and threshold policy for the Internet of Things is proposed. The research contributions of this paper can be summarized as follows:
- (1)
Hidden attribute authentication: An identity authentication technology based on hidden attributes is proposed, which not only hides the user’s identity information, but also hides the user’s attribute information. In the process of identity authentication, the advantages of the traditional key agreement protocol identity authentication are preserved, and the attribute information is hidden by the algorithm to avoid revealing the user’s personal privacy.
- (2)
Lightweight and efficient access control technology: Traditional attribute-based access control mostly adopts complex access control policies, such as tree-based access control policies, which require a large number of intermediate nodes to calculate and transmit messages during data access, thus increasing a large amount of computational and communication overhead. In this paper, permission list query and threshold function are used to implement access control. A large number of nodes are not required to transmit information during the access process. Therefore, the computational amount is small and the computational time is short, which is more suitable for a mobile terminal device with limited resources and requiring fast resource access.
- (3)
High security: Traditional attribute-based access control is difficult for resisting collusion attacks. For example, when a user does not have enough attribute sets to access a resource, he can get enough attributes in conjunction with other users who do not have access to the resource to gain access to the resource. In this paper, the identity and permission joint authentication method is adopted in resource acquisition. When each user registers, the same attribute of different users obtains different permission parameters. Therefore, users cannot jointly access resources by using other members’ attributes. At the same time, this paper also adopts permission authentication when accessing resources. Users who do not reach the access level cannot access and download ciphertext resources, making resource access more secure.
1.2. Organization
In
Section 2, the related work of this paper is described; in
Section 3, the basic knowledge is described; in
Section 4, the details of AC-CAATP scheme are described; in
Section 5, the correctness and security analysis of AC-CAATP is described, and we further analyze the efficiency of AC-CAATP in
Section 6; the conclusions of the paper are in
Section 7.
2. Related Work
While the Internet of Things is widely used, the vulnerability of its network is subject to severe security challenges. In recent years, IoT security has become a personal issue for scholars at home and abroad, especially IoT data security exchange, IoT intrusion detection, and IoT access control. Intrusion detection research based on the Internet of Things was proposed in [
7,
8,
9]; three methods are proposed in the literature to detect intrusion events in the network, which can prevent and resolve malicious attacks and improve the security of IoT applications. An overview of secure communication among vehicles is presented in [
10], which describes cases in which multiple connected entities interact with appropriate communication protocols, analyzing, researching, and evaluating the most relevant systems, applications, and communication protocols, further improving road safety and predicting the potential danger of road traffic. In [
11], a data exchange scheme based on wireless devices in a physical Internet of Things is proposed. It is based on two core elements with interchangeable roles, entities and trackers, using a blockchain-based distributed paradigm, existing infrastructure, and equipment to ensure anonymization and immutability of the data involved. This section focuses on the introduction and analysis of research work related to IoT access control.
In this era of information explosion and network sharing, safeguarding data and information security is a serious challenge for us. Some access to sensitive information requires some permission. More and more scholars have analyzed and studied this situation. In [
12], a novel attribute based access control scheme for IoT systems is proposed, which simplifies greatly the access management. It uses block-chain technology to record the distribution of attributes in order to avoid single point failure and data tampering. The access control process has also been optimized to meet the need for high efficiency and lightweight calculation for IoT devices. In [
13], the authors comprehensively expound the existing access control mechanisms used in the cloud computing environment, analyze the advantages and disadvantages of these models and application requirements, and evaluate the existing access control mechanisms based on these requirements.
In [
14,
15], in view of the limitation of medical resources in the Internet of Things, an access control system is proposed. The system provides authorized users with fine-grained access to services while protecting valuable resources from unauthorized access. In addition, the application attribute assigns a role to the member and authorizes the member to access the IoT device to provide a specific service. A secure and efficient multi-authority access control system for IoT-enabled mHealth is proposed in [
16], there are multiple independent attribute authorities in the system, and a new entity can attribute authority without rebuilding the system. In addition, most of the decryption is performed in the cloud server, only returning part of the decrypted ciphertext, greatly reducing the user’s decryption overhead.
In [
17], a scalable enhanced key aggregation cryptosystem is proposed to implement security level management. This method uses the improved Diffie–Hellman key exchange algorithm (IDHKE) to achieve secure data sharing and key security sharing of data receivers. For security and consistent access control restrictions, attribute-based encryption is used to ensure the accuracy and reliability of protected data transmission. In [
18,
19], the medical big data security utilization encryption and access control process was analyzed. The classification method is used to classify and encrypt sensitive data and non-sensitive data in cloud computing, and triple DES (TDES) is encrypted and stored in the cloud, and a feasible optimization technique is proposed, Finally, the attribute-based access control authentication phase is used to authenticate the data in the cloud sim. The clustering, classification and encryption results of the method are compared with existing methods.
In order to protect the confidentiality of data and solve the problem of leaking data or leaking user keys for different reasons based on attribute conditions, an attribute-based batch cloud access control system is proposed in [
20] that introduces an efficient, revocable, attribute-based encryption scheme that enables data owners to efficiently manage the credentials of data users. In [
21], a new security and privacy-based Connected Vehicle Network Access Control (SPBAC) model is proposed, which allows security officials to access information through permissions and roles, rather than just accessing the same fleet of officials through roles. The model sets up multiple security layer maintenance, and each security layer coordinates and communicates with each other to avoid leakage of sensitive information.
A security solution based on RFID card-based physical biometric access control is proposed in [
22]. This scheme combines RFID technology and dual watermark technology to provide a biometric control access framework. The wavelet packet decomposition watermark algorithm is used to insert fingerprint (detail) features. Into the face image of the authorized person, the same watermark algorithm is then used to insert the fingerprint watermark into the face feature extracted by the Gabor filter in the previously watermarked face image, and, finally, the obtained secure watermark biometric data are integrated into the RFID card, efficiently preventing information theft and illegal access to sensitive data. In [
23], the paper analyzes the key indicators affecting the privacy disclosure of big data in health management, and establishes a risk-based access control model based on fuzzy theory for intelligent medical big data management, which solves the problem that the experimental results are inaccurate due to the lack of real data when the actual problem is processed. Protecting information security issues in smart medical management largely avoids patient privacy issues.
A security model based on IoT and fog cooperation is proposed in [
24]. The model integrates an efficient access control process associated with the monitoring solution to ensure secure cooperation between different resources and different operational parts. Introduce a distributed access control based on the secure resource management framework for the fog-IoT network, and an active security scheme under super-trusted and low latency constraints. The solution not only has low latency, high security and confidentiality, but also reduces the management and management complexity of security and resource mechanisms. A distributed access control with outsourced encryption and decryption for electronic health records is introduced in [
25]. The device combines the advantages of the fog device, which provides calculation, transmission, and storage services for the user, so the communication and calculation costs are lower. This scheme is a practical and novel solution.
In [
26,
27], in order to implement a secure service composition, a privacy-protected access control model and framework is proposed. In the model, an access request for a service is permitted if the requester’s attribute certificates and contextual conditions are in compliance with the access control policies specified by the service provider and simultaneously the privacy preferences of the requester are compatible with the privacy policies of the service provider. In the framework, the possible combined service chains are sorted according to the user’s preference and the sensitivity of the data, and the security policy of the combined service is established by the selected service chain. A sensor platform for controlling an obstacle at the entrance of a vehicle is proposed in [
28]. The platform enables automatic identification of the vehicle by image-based license plate recognition of the vehicle. First, an approaching vehicle is detected by an ultrasonic sensor, and, at the same time, an image is captured by a camera mounted on an obstacle, and then the license plate is automatically extracted from the image, and the license plate character is further divided. Finally, these characters are identified using standard optical character recognition (OCR) pipelines.
An access control system defined by blockchain technology is proposed in [
29]. The system encodes the attribute-based access control policy into a smart contract and deploys it on the blockchain, thus transforming the policy evaluation process into a fully distributed intelligent contract execution, while the invariance and transparency of blockchain technology ensure the auditability of access control strategy evaluation. A new verifiable outsourcing ciphertext-policy attribute-based encryption scheme for big data privacy and access control in the cloud is proposed in [
30,
31], The solution reduces the computational overhead of encryption and decryption by outsourcing heavy computing to a proxy server, and verifies the correctness of the data through outsourced computation. In addition, the solution protects data security by limiting the data access of a group of users rather than providing unlimited data access.
In [
32], cloud-based e-learning is implemented using an access control mechanism to prevent cloud resources from being accessed by unauthorized users. The system uses a key management scheme of access control technology to achieve secure content sharing and protection of the e-learning environment, and is more flexible and scalable in accessing e-learning content. A cloud computing data protection model is proposed in [
33], which uses cryptography and access control to ensure the confidentiality, integrity, and proper control of sensitive data access. The model uses an enhanced RSA encryption algorithm combined with a role-based access control model and Extensible Access Control Markup Language (XACML) to improve security and allow data access. An edge-based encryption-based access control method (eri-ac) is proposed in [
34]. This method encrypts the content using a symmetric key. The content key is secondarily encrypted by the producer and the edge router using edge re-encryption. Only authorized users can decrypt the re-encrypted content key with their private key to obtain the plaintext of the content. This method allows the user to obtain the content key from the producer, which can shorten the retrieval time and there is no copy redundancy.
In [
35], the priority of the sensor is set according to the importance level of the sensor, the sampling rate, the timeout condition, and the remaining energy. Then, based on the priority of the node and the channel factor, a utility function is introduced to characterize the value of the node transmitting the data frame during a certain period of time. The time slot allocation problem is modeled. The goal is to maximize the total data transmission utility of all nodes in a specified time period by adjusting the transmission time and transmission duration of each node. According to the problem model, a time slot allocation scheme based on greedy strategy is proposed, which effectively reduces the time complexity of direct problem solving. In this scheme, nodes with higher priority are arranged to transmit data frames in time slots with better channel conditions. A transportation system boarding scheme for automatically controlling the number of passengers in the transport warehouse is proposed in [
36]. The scheme uses the queuing theory to derive random numbers of passenger queue length, waiting time, and cabin capacity for determining the number of passengers arriving and the number of cabins arriving at Poisson. The expression of the nature deduces the cabin capacity and stability threshold of each station in the case of general passenger arrival distribution to control the number of passengers in the transport warehouse.
A crowdsourcing method for location-aware secure access (LaSa) control is proposed in [
37], in which LaSa detects whether a user enters or leaves a room by discovering and identifying unique signal patterns. Combined with received signal strength (RSS), channel state information (CSI) and coarse angle of arrival (AoA) data, the accuracy of wireless network user classification is improved. In [
38], a model is designed and presented in this study in order to enable the privileged accounts to be controlled, managed, and followed at minimum cost. The model can set a strong password based on basic IT security principles and refine the scope of IT staff to reduce their workload, and improve managers’ awareness of IT security to determine the password for a privileged user account. A function-based identity-based encryption-based IoT access control scheme is proposed in [
39]. The program provides fine-grained access control to prevent applications from accessing unauthorized functions. At the same time, the cost of each access operation is a constant. In addition, the solution is secure, and prevents excessive privileged access.
At the same time, there are some studies on the analysis and evaluation of IoT security. A network and physical security vulnerability assessment based on the Internet of Things is proposed in [
40], which outlines the application of the Internet of Things in the smart home sector, brings convenience and presents security and privacy challenges. Detect and identify possible security risks and vulnerabilities, fully understand the security status of smart homes, and propose ways to reduce risk. A survey of potential security issues with network protocols was proposed in [
41]. The investigation raised the security and privacy issues in network protocols, analyzed vulnerabilities and security threats that are prone to networks, and agreed on new defense benchmarks.
It can be seen from the analysis of the above research results that the above research has a certain degree of deficiencies in terms of personal privacy protection, lightweight quality, and security. The rapid development of the Internet of Things has gradually changed people’s way of life, flooding all aspects of life, and people’s security requirements for the Internet of Things are getting higher and higher. According to the characteristics of the Internet of Things, such as limited mobile resources and easy disclosure of personal privacy, we propose an access control scheme based on ciphertext attribute authentication and threshold policy, in which further optimizations have been made in terms of personal privacy protection, lightweight and security. Through comparative analysis, the effect of this scheme is better.
4. The Proposed Access Control Scheme
4.1. System Model
The system model we designed is shown in
Figure 1, which consists of four entities: a certificate authority (CA), many data sharer, many data acquires, and a cloud server (CS). In addition, a user can be either a data acquirer or a data sharer.
The certificate authority (CA) is equivalent to the administrator of the system, who sets system parameters for access control and distributes secret key and privilege level information for the user.
The data sharer uploads his or her own data to the cloud server to share the data with other users. The data content is encrypted before being uploaded to the cloud server.
The data acquirer is an entity that is interested in the data stored in the cloud server, and can view and download related data in the cloud server according to its own access rights.
The cloud server (CS) is a public storage platform that provides data sharers with storage and shared encrypted data. Data requesters can freely access and download data stored in the cloud server according to their own permissions.
4.2. Initialization
In this section, we initialize an access control scheme based on ciphertext attribute authentication and threshold policy for Internet of Things. This access control system consists of a certification authority (CA), a cloud server (CS), and network terminal users. CA is a trusted entity used primarily for identity authentication, user registration, and attribute key distribution, and it also generates system public parameters and master keys. CS is an important entity, mainly used for the division of access rights of user encrypted information and the classification and storage of different access rights information. The system model is shown in
Figure 1.
In this work, it is supposed that the protocol has n network terminals. Let be the set of network terminals. In addition, the corresponding identity set is . CA defines an ordered network attribute set , where and denotes the number of the network attribute. In addition, is the ordered attribute set of network terminal , where , , and . i denotes the terminal and r denotes the attribute of .
If the network terminal wants to store encrypted information on the cloud server or access encrypted information on the cloud server, it must register the attributes in the authentication center and obtain corresponding data storage and data access rights.
Assuming is an additive group, and the is a multiplicative group, they have the same large prime number order q, and discrete logarithm over and are difficult, is a generator of . Parameter is a computable bilinear mapping. and are three hash functions.
The CA runs the algorithm to obtain a public/private key pair , where and . The any member chooses a random positive integer and calculates . as its private key and the public key . The system parameters are .
4.3. Terminal Users Registration
The terminal users registration of AC-CAATP is depicted in
Table 1, and the detailed steps are performed as follows:
- (1)
CA constructs an
R degree polynomial(1) by using the elements in the network attribute set
(arranged according to the sequence of attributes specified by the network system) as the coefficients of the polynomial:
- (2)
Each terminal user with the attribute set (arranged according to the sequence of attributes specified by the network system) selects a random number and calculates and . Then, sends to CA.
- (3)
After receiving the messages
, CA calculates
and verifies the identity of
by equation
. If it holds, CA calculates the following formula (2) according to the ploynomial(1):
If Equation (
2) is equal to 0, this means that
and
. Then, CA computes
and compares whether the equation
is true. If it holds, CA can determine which attributes the user
has; according to the corresponding attribute values, CA selects the corresponding attribute parameters
. It calculates formula (3), and CA divides the permission level according to the number of their attributes and calculates formula (4) as the privilege grade:
Then, CA sends to the register terminal and secretly saves parameter . (Note that, for any two attributes and of different members of and , if , then ).
- (4)
After receiving the messages
from CA,
calculates formula (5) and verifies the identity of CA by equation
. If it holds,
computes the following formula (6) according to formula (3) and obtains the attribute permission values
and the privilege level
:
sends messages
to CA indicating that it has successfully registered.
- (5)
After receiving the messages from , CA verifies the messages and sends it to CS.
With the above steps, all the terminals
register successfully. In addition, CA can obtain the attribute information from all the registration terminals
. CA divides the permission levels of group members according to the number of attributes. Then, CA can build a terminal users registration information table (as shown in
Table 2) and share the information resource with CS, which is used for querying user rights and access control of resource permissions.
4.4. Resource Encryption Storage
Each terminal user can encrypt their shared resources and upload them to the cloud server. Any member with the attribute set and the privilege value in the network wants to share resources to the members who have the same or higher privileges than him. He can do the following steps to encrypt resources and upload them to the cloud server:
- (1)
gets the information
from the information in
Table 1 and computes formula (7) and formula (8):
- (2)
selects
randomly, then calculate formulas (9), (10), and (11), according to formulas (6), (7), and (8) and constructs a
degree polynomial(12) according to the attribute permission values
that it kept before and
; then, it computes formula (13) according to formula (11) and
.
uses
as encryption key and
as decryption key:
- (3)
encrypts its shared resources information
(
: plaintext space) with encryption key
, which is that
chooses a random number
, and calculates formulas (14), (15), and (16) according to formulas (4) and (9), the corresponding ciphertext information is
:
Then,
uploads the shared ciphertext information
. The plaintext information of the keywords of the shared resource and the related description of the resource (search for related resources primarily for resource visitors), encryption key
and related calculation parameters
to the CS. CS verifies the identity of
by the equation
. If it holds, CS publishes the information
on the public display platform as shown in
Table 2, where
is the keywords of the shared resource, and
is the related description of the resource.
4.5. Resource Access and Sharing
- (1)
Each user in the cloud system wants to access resources in the system; it can search for the corresponding ciphertext resource according to the keyword and related content description and can view the provider of the resource and access rights that should be available to access the resource.
- (2)
If
wants to access certain resources and has the access rights of the resource,
computes formula (17) according to formula (5), and sends the messages
to CS:
Then, CS verifies the identity of by the equation . If it holds, CS opens the corresponding resource link.
- (3)
downloads the corresponding ciphertext resource
from the CS. It can compute the corresponding attribute permission values
according to the right parameters
and corresponding threshold value
. It computes
.
constructs polynomial (18) according to the information
and Lagrange theorem:
In addition, it computes the constant term
as its decryption key.
can also obtain the encryption key
from
Table 2.
- (4)
Anyone in the network system can calculate from ciphertext , with a valid decryption key .