Limits...
Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things.

Hernández-Ramos JL, Bernabe JB, Moreno MV, Skarmeta AF - Sensors (Basel) (2015)

Bottom Line: This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography.The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities.Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

View Article: PubMed Central - PubMed

Affiliation: Department of Information and Communications Engineering, Computer Science Faculty, University of Murcia, Murcia 30100, Spain. jluis.hernandez@um.es.

ABSTRACT
As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

No MeSH data available.


CP-ABE based Anonymous DCapBAC. Challenge resolution performance.
© Copyright Policy
Related In: Results  -  Collection

License
getmorefigures.php?uid=PMC4541847&req=5

f9-sensors-15-15611: CP-ABE based Anonymous DCapBAC. Challenge resolution performance.

Mentions: Figure 8 shows the performance results for the challenge generation process (step EncryptCPABE of message 13), while the values of the resolution process are shown in Figure 9 (step DecryptCPABE of message 14). These results were obtained by modifying the number of attributes defined in the access policy from 1–10, since we consider this range expressive enough for most scenarios and use cases. Furthermore, at this point, it should be pointed out two aspects of this evaluation. On the one hand, these values were achieved by considering an 80-bits security level (i.e., /p/ = 512 and /q/ = 160), which is suitable for scenarios with medium security requirements. On the other hand, the policies defined for this evaluation only consider AND connectives for one level of attributes. Therefore, the CP-ABE key used by the subject device to resolve the challenge, should be associated to (at least) all the attributes that were used to define the access policy in the encryption process.


Preserving Smart Objects Privacy through Anonymous and Accountable Access Control for a M2M-Enabled Internet of Things.

Hernández-Ramos JL, Bernabe JB, Moreno MV, Skarmeta AF - Sensors (Basel) (2015)

CP-ABE based Anonymous DCapBAC. Challenge resolution performance.
© Copyright Policy
Related In: Results  -  Collection

License
Show All Figures
getmorefigures.php?uid=PMC4541847&req=5

f9-sensors-15-15611: CP-ABE based Anonymous DCapBAC. Challenge resolution performance.
Mentions: Figure 8 shows the performance results for the challenge generation process (step EncryptCPABE of message 13), while the values of the resolution process are shown in Figure 9 (step DecryptCPABE of message 14). These results were obtained by modifying the number of attributes defined in the access policy from 1–10, since we consider this range expressive enough for most scenarios and use cases. Furthermore, at this point, it should be pointed out two aspects of this evaluation. On the one hand, these values were achieved by considering an 80-bits security level (i.e., /p/ = 512 and /q/ = 160), which is suitable for scenarios with medium security requirements. On the other hand, the policies defined for this evaluation only consider AND connectives for one level of attributes. Therefore, the CP-ABE key used by the subject device to resolve the challenge, should be associated to (at least) all the attributes that were used to define the access policy in the encryption process.

Bottom Line: This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography.The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities.Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

View Article: PubMed Central - PubMed

Affiliation: Department of Information and Communications Engineering, Computer Science Faculty, University of Murcia, Murcia 30100, Spain. jluis.hernandez@um.es.

ABSTRACT
As we get into the Internet of Things era, security and privacy concerns remain as the main obstacles in the development of innovative and valuable services to be exploited by society. Given the Machine-to-Machine (M2M) nature of these emerging scenarios, the application of current privacy-friendly technologies needs to be reconsidered and adapted to be deployed in such global ecosystem. This work proposes different privacy-preserving mechanisms through the application of anonymous credential systems and certificateless public key cryptography. The resulting alternatives are intended to enable an anonymous and accountable access control approach to be deployed on large-scale scenarios, such as Smart Cities. Furthermore, the proposed mechanisms have been deployed on constrained devices, in order to assess their suitability for a secure and privacy-preserving M2M-enabled Internet of Things.

No MeSH data available.