Research On Multi-authority Attribute-based Encryption Access Control Scheme In Industrial Internet Of Things

With the application of the Internet of Things and intelligent technologies in industrial systems,the manufacturing efficiency and product quality have been improved,leading to the development of the Industrial Internet of Thing(IIoT).The data in the IIoT is shared through cloud computing technology,which can improve the efficiency of data sharing and reduce the cost of maintenance for industrial entities.However,it also leads to new data security issues,such as data leakage caused by unauthorized access.Uploading private data to the cloud may lead to data leakage without security protection.To solve this problem,the interconnected IIoT adopts a scheme based on multi-authority attribute-based encryption(MA-ABE)for finegrained data access control.Some existing MA-ABE schemes have problems of privacy disclosure,low efficiency and weak security.First,fine-grained access control depends on the control of access policies.In the case of multi-authority centers,access policies are usually uploaded to the cloud together with ciphertext,which may expose sensitive information about data owners.Second,resourceconstrained IIoT devices cannot quickly perform encryption and decryption operations due to the high computational overhead associated with attribute encryption.Outsourcing complex operations to third-party servers can relieve computing pressure on users and terminal devices.However,in the process of data transmission,third-party servers may be "lazy",to save computation or bandwidth,only calculate part of the operation,and return incorrect results.Considering the data security problem in IIoT environment,this thesis studies the access control scheme based on multi-authority attribute-based encryption.The main work includes:(1)An anonymous multi-authority attribute-based encryption access control scheme with revocation for IIoT is proposed.This effectively realizes user privacy protection and attribute revocation by anonymizing attributes in authentication,and reduces the computing burden of IIoT devices and end users by adapting online/offline technique and outsourcing decryption technique.A formal security proof is presented that our scheme is secure.The scheme is implemented at a higher security level,and experimental results show the superiority of the scheme in efficiency and function.(2)A verifiable multi-authority attribute-based encryption access control scheme with for IIoT is proposed.In order to relieve the computing pressure of end users,part of decryption work is outsourced to edge nodes,and the verifiable outsourcing decryption technology is introduced considering the untrusty of edge nodes.In addition,a policy updating algorithm is proposed to solve the efficiency problem caused by policy updating.Finally,it is proved that the scheme can ensure the security under the given security model,and the experimental results show the feasibility of the scheme.