A CP-ABE and IOTA-Based Lightweight Sensitive Data Access Control Scheme for IoT

Nowadays, we are living in an open network environment with varieties of smart devices, which makes individual privacy face unprecedented threats. For one thing, a plenty of sensitive information may be gathered without the owner's knowledge. For the other, the Internet of Things (IoT)-based services and various intelligent applications require a large amount of perceptual data. And in practice, these data are usually encrypted and stored in storage providers like cloud for security and cost saving. To fully harness the productivity value of data and protect privacy, ciphertext-policy attribute-based encryption (CP-ABE) is widely used. Nevertheless, most existing CP-ABE schemes cannot work well for IoT because of the heavy overhead and the open and distributed environment. To lower the cost, a lightweight CP-ABE scheme without pairing is proposed and proved in the set-selective mode. Both the theoretical analysis and experiments show its advantages in computation, communication, and storage overhead. For flexible access control in IoT, we attempt to employ the masked authenticated message (MAM) mechanism of the IOTA to manage authorization for our CP-ABE scheme. Comparisons with similar schemes show that it can overcome the low throughput and monetary cost in other distributed ledger-based access control schemes.