Privacy-preserving framework for smart home using attribute based encryption

IoT is one of the emerging technologies that have already effected our daily life in various ways. Due to the nature and ease of living, people are becoming more and more dependent on the IoT devices and environments like smart phones, wearable devices, smart home and etc. IoT has influences over a various domain from a simple pre- programmed coffee machine, smart-vehicles to assisted living. These devices communicate with each other to provide services to the users as well as the service providers. But these communicated data coming from the devices contains a lot of information about personal identity information (PII). Most of the time, the users of these devices are unaware of these information or they do not have the control over the data that they are sending to the cloud. Even the cloud services are secured but they are always curious. There are few standards for IoT security, still most of the security mechanisms for IoT are only providing End-to-End secured connections like TLS, DTLS, etc. but the data itself is not secured. According to the new security regulations like GDPR, FTC and etc. the data has to be encrypted at the source and data owner have the right of the data and needs to provide consent whenever used by the service providers. One of the best way to achieve these requirements is to use Attribute-Based Encryption (ABE) which provides access control as well as data encryption. In this dissertation we are proposing two different approaches for the security, privacy and access control of user data using ABE and smart home as the case study