A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance

Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in IoT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for IoT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments

A COMPREHENSIVE STUDY OF CRYPTOGRAPHY AND KEY MANAGEMENT BASED SECURITY IN CLOUD COMPUTING

Cloud computing is a cost effective flexible and proven delivery platform for providing consumer IT services or business services over internet. It has an ability to provide many services over internet. It not only provides computing services but additional computing resources. To interact with various services in the cloud and to store retrieve data from cloud several security mechanism is required. Cryptography and key management mechanism are one of the import services in the cloud to secure data. In this context, this paper investigates the basic problem of cloud computing with cryptography and key management system for enabling support of interoperability between cloud cryptography client and key management services

IoT Security Evolution: Challenges and Countermeasures Review

Internet of Things (IoT) architecture, technologies, applications and security have been recently addressed by a number of researchers. Basically, IoT adds internet connectivity to a system of intelligent devices, machines, objects and/or people. Devices are allowed to automatically collect and transmit data over the Internet, which exposes them to serious attacks and threats. This paper provides an intensive review of IoT evolution with primary focusing on security issues together with the proposed countermeasures. Thus, it outlines the IoT security challenges as a future roadmap of research for new researchers in this domain

Revocable Attribute-based Encryption Scheme with Arithmetic Span Program for Cloud-Assisted IoT

Efficient user revocation and description of the access policy are essential to enhance the practicality of attribute-based encryption (ABE) in real-life scenarios, such as cloud-assisted IoT. Nevertheless, existing ABE works fail to balance the two vital indicators. Motivated by this, in this paper, we present a revocable ciphertext-policy attribute-based encryption with arithmetic span programs (R-CPABE-ASP) for cloud-assisted IoT. For the first time, the presented R-CPABE-ASP achieves efficient user revocation and expressive description of access policy simultaneously. In R-CPABE-ASP, each attribute involved in access policy is merely used once to check whether a user owns access to shared data. Hence, the R-CPABE-ASP work enables efficient data encryption compared with existing revocable ABE works by reducing unnecessary cost for defining access policy. Meanwhile, the forward security of sensitive data is ensured by periodical update of encrypted data such that the capability of revocable storage is also assured in R-CPABE-ASP. As shown in the outsourced version of R-CPABE-ASP, The costly part for users to decrypt the data is outsourced to powerful cloud servers. There- fore, users in our R-CPABE-ASP can access their data in a more efficient way by merely one exponential operation. Finally, we carry out detailed theoretical analysis and experimental simulations to evaluate the performance of our work. The results fairly show that our proposed work is efficient and feasible in cloud-assisted IoT

A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance

Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in IoT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for IoT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments

Strategies for Integrating the Internet of Things in Educational Institutions

The introduction of the Internet of Things (IoT) into educational institutions has necessitated the integration of IoT devices in the information technology (IT) infrastructural environment of educational institutions. Many IT leaders at educational institutions, however, lack strategies for integrating and deploying IoT devices in their institutions, which has resulted in numerous security breaches. The purpose of this study was to explore security strategies adopted by IT administrators to prevent data breaches resulting from the integration of IoT devices in their educational institutions. The diffusion of innovations theory served as the conceptual framework for this qualitative multiple case study. Eleven IT leaders in 11 public K–12 educational institutions, who had successfully integrated IoT in their educational institutions in the United States Midwest region, were interviewed. Thematic analysis was the data analysis strategy. The 3 major themes that emerged were (a) organizational breach prevention, (b) infrastructure management—external to IT, and (c) policy management—internal to IT. A key recommendation is for IT leaders to develop strategies to harness the efficiencies and stabilities that exist during the integration of IoT devices in their educational institutions. The implications for social change include the potential for securely transforming the delivery of education to students and ensuring the safety of academic personnel by identifying strategies that IT leaders can use to securely integrate IoT devices in educational settings