Skip to main content
SpringerLink
Log in

An Encryption-Based Approach to Protect Fog Federations from Rogue Nodes

  • Conference paper
  • First Online:
Security, Privacy, and Anonymity in Computation, Communication, and Storage (SpaCCS 2019)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 11611))

Abstract

The cloud computing paradigm has revolutionized the concept of computing and has gained a huge attention since it provides computing resources as a service over the internet. As auspicious as this model is, it brings forth many challenges: everything from data security to time latency issues with data computation and delivery to end users. To manage these challenges with the cloud, a fog computing paradigm has emerged. In the context of the computing, fog computing involves placing mini clouds close to end users to solve time latency problems. However, as fog computing is an extension of cloud computing, it inherits the same security and privacy challenges encountered by traditional cloud computing. These challenges have accelerated the research community’s efforts to find effective solutions. In this paper, we propose a secure and fine-grained data access control scheme based on the ciphertext-policy attribute-based encryption (CP-ABE) algorithm to prevent fog nodes from violating end users’ confidentiality in situations where a compromised fog node has been ousted. In addition, to provide decreased time latency and low communication overhead between the Cloud Service Provider (CSP) and the fog nodes (FNs), our scheme classifies the fog nodes into fog federations (FF), by location and services provided, and each fog node divides the plaintext to be encrypted into multiple blocks to accelerate the time when retrieving ciphertext from the CSP. We demonstrate our scheme’s efficiency by carrying on a simulation and analyzing its security and performance.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Beimel, A.: Secure schemes for secret sharing and key distribution. Technion-Israel Institute of Technology, Faculty of Computer Science (1996)

    Google Scholar 

  2. Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-policy attribute-based encryption. In: 2007 IEEE Symposium on Security and Privacy, SP 2007, pp. 321–334. IEEE (2007)

    Google Scholar 

  3. Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13

    Chapter  Google Scholar 

  4. Bonomi, F., Milito, R., Zhu, J., Addepalli, S.: Fog computing and its role in the Internet of Things. In: Proceedings of the First Edition of the MCC Workshop on Mobile Cloud Computing, pp. 13–16. ACM (2012)

    Google Scholar 

  5. Caro, A., Iovino, V.: Java pairing-based cryptography library (2013)

    Google Scholar 

  6. Deng, R., Lu, R., Lai, C., Luan, T.H.: Towards power consumption-delay tradeoff by workload allocation in cloud-fog computing. In: 2015 IEEE International Conference on Communications (ICC), pp. 3909–3914. IEEE (2015)

    Google Scholar 

  7. Fox, A., et al.: Above the clouds: a Berkeley view of cloud computing. Department Electrical Engineering and Computer Sciences, University of California, Berkeley, Rep. UCB/EECS 28(13) (2009)

    Google Scholar 

  8. Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, pp. 89–98. ACM (2006)

    Google Scholar 

  9. Green, M., Hohenberger, S., Waters, B., et al.: Outsourcing the decryption of ABE ciphertexts. In: USENIX Security Symposium, vol. 2011 (2011)

    Google Scholar 

  10. Hu, C., Li, H., Huo, Y., Xiang, T., Liao, X.: Secure and efficient data communication protocol for wireless body area networks. IEEE Trans. Multi-Scale Comput. Syst. 2, 94–107 (2016)

    Article  Google Scholar 

  11. Huang, Q., Yang, Y., Wang, L.: Secure data access control with ciphertext update and computation outsourcing in fog computing for Internet of Things. IEEE Access 5, 12941–12950 (2017)

    Article  Google Scholar 

  12. Jiang, Y., Susilo, W., Mu, Y., Guo, F.: Ciphertext-policy attribute-based encryption against key-delegation abuse in fog computing. Futur. Gener. Comput. Syst. 78, 720–729 (2018)

    Article  Google Scholar 

  13. Li, J., Jin, J., Yuan, D., Palaniswami, M., Moessner, K.: Ehopes: data-centered fog platform for smart living. In: 2015 International Telecommunication Networks and Applications Conference (ITNAC), pp. 308–313. IEEE (2015)

    Google Scholar 

  14. Li, J., Yao, W., Zhang, Y., Qian, H., Han, J.: Flexible and fine-grained attribute-based data storage in cloud computing. IEEE Trans. Serv. Comput. 10(5), 785–796 (2017)

    Article  Google Scholar 

  15. Li, J., Zhang, Y., Chen, X., Xiang, Y.: Secure attribute-based data sharing for resource-limited users in cloud computing. Comput. Secur. 72, 1–12 (2018)

    Article  Google Scholar 

  16. Lynn, B.: The pairing-based cryptography (PBC) library (2010)

    Google Scholar 

  17. Mao, X., Lai, J., Mei, Q., Chen, K., Weng, J.: Generic and efficient constructions of attribute-based encryption with verifiable outsourced decryption. IEEE Trans. Dependable Secur. Comput. 13, 533–546 (2016)

    Article  Google Scholar 

  18. Ning, J., Cao, Z., Dong, X., Wei, L., Lin, X.: Large universe ciphertext-policy attribute-based encryption with white-box traceability. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 55–72. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11212-1_4

    Chapter  Google Scholar 

  19. Ning, J., Dong, X., Cao, Z., Wei, L., Lin, X.: White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes. IEEE Trans. Inf. Forensics Secur. 10(6), 1274–1288 (2015)

    Article  Google Scholar 

  20. Ruj, S., Nayak, A., Stojmenovic, I.: DACC: distributed access control in clouds. In: 2011 International Joint Conference of IEEE TrustCom-11/IEEE ICESS-11/FCST-11 (TrustCom 2011), pp. 91–98. IEEE (2011)

    Google Scholar 

  21. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

    Chapter  Google Scholar 

  22. Sookhak, M., Yu, F.R., Khan, M.K., Xiang, Y., Buyya, R.: Attribute-based data access control in mobile cloud computing. Future Gener. Comput. Syst. 72(C), 273–287 (2017)

    Article  Google Scholar 

  23. Stojmenovic, I., Wen, S., Huang, X., Luan, H.: An overview of fog computing and its security issues. Concurr. Comput.: Pract. Exp. 28(10), 2991–3005 (2016)

    Article  Google Scholar 

  24. Tysowski, P., Hasan, M.: Hybrid attribute-based encryption and re-encryption for scalable mobile applications in clouds. IEEE Trans. Cloud Comput. 1, 172–186 (2013)

    Article  Google Scholar 

  25. Wang, H.: Identity-based distributed provable data possession in multicloud storage. IEEE Trans. Serv. Comput. 2, 328–340 (2015)

    Article  Google Scholar 

  26. Wang, H., Wu, Q., Qin, B., Domingo-Ferrer, J.: Identity-based remote data possession checking in public clouds. IET Inf. Secur. 8(2), 114–121 (2014)

    Article  Google Scholar 

  27. Xiao, M., Zhou, J., Liu, X., Jiang, M.: A hybrid scheme for fine-grained search and access authorization in fog computing environment. Sensors 17(6), 1423 (2017)

    Article  Google Scholar 

  28. Yi, S., Li, C., Li, Q.: A survey of fog computing: concepts, applications and issues. In: Proceedings of the 2015 Workshop on Mobile Big Data, pp. 37–42. ACM (2015)

    Google Scholar 

  29. Yi, S., Qin, Z., Li, Q.: Security and privacy issues of fog computing: a survey. In: Xu, K., Zhu, H. (eds.) WASA 2015. LNCS, vol. 9204, pp. 685–695. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-21837-3_67

    Chapter  Google Scholar 

  30. Yu, S., Ren, K., Lou, W.: FDAC: toward fine-grained distributed data access control in wireless sensor networks. IEEE Trans. Parallel Distrib. Syst. 22(4), 673–686 (2011)

    Article  Google Scholar 

  31. Yu, S., Wang, C., Ren, K., Lou, W.: Achieving secure, scalable, and fine-grained data access control in cloud computing. In: 2010 IEEE Proceedings of Infocom, pp. 1–9. IEEE (2010)

    Google Scholar 

  32. Yu, S., Wang, C., Ren, K., Lou, W.: Attribute based data sharing with attribute revocation. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security, pp. 261–270. ACM (2010)

    Google Scholar 

  33. Zuo, C., Shao, J., Wei, G., Xie, M., Ji, M.: CCA-secure ABE with outsourced decryption for fog computing. Futur. Gener. Comput. Syst. 78, 730–738 (2018)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Arkansas, Fayetteville, AR, 72701, USA

    Mohammed Alshehri & Brajendra Panda

Authors
  1. Mohammed Alshehri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Brajendra Panda
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Mohammed Alshehri or Brajendra Panda .

Editor information

Editors and Affiliations

  1. Guangzhou University, Guangzhou, China

    Guojun Wang

  2. Huazhong University of Science and Technology, Wuhan, China

    Jun Feng

  3. Fordham University, New York City, NY, USA

    Md Zakirul Alam Bhuiyan

  4. University of New Brunswick, Fredericton, NB, Canada

    Rongxing Lu

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alshehri, M., Panda, B. (2019). An Encryption-Based Approach to Protect Fog Federations from Rogue Nodes. In: Wang, G., Feng, J., Bhuiyan, M., Lu, R. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2019. Lecture Notes in Computer Science(), vol 11611. Springer, Cham. https://doi.org/10.1007/978-3-030-24907-6_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-24907-6_18

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-24906-9

  • Online ISBN: 978-3-030-24907-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation