TY - GEN
T1 - Don't hesitate to share! A novel IoT data protection scheme based on BGN cryptosystem
AU - Halder, Subir
AU - Conti, Mauro
N1 - Publisher Copyright:
© 2019 Association for Computing Machinery.
PY - 2019
Y1 - 2019
N2 - In cloud-based Internet of Things (IoT), sharing of data with third-party services and other users, inherently incurs potential risk and leads to unique security and privacy concerns. Existing cryptographic solutions ensure the security of IoT data, but due to their significant computational overhead, most of them are not suitable for resource-constrained IoT devices. To address these concerns, we propose a data protection system to store encrypted IoT data in a cloud while still allowing query processing over the encrypted data. More importantly, our proposed system features a novel encrypted data sharing scheme based on Boneh-Goh-Nissim (BGN) cryptosystem, with revocation capabilities and in-situ key update. We perform exhaustive experiments on real datasets, primarily to assess the feasibility of the proposed system on resource-constrained IoT devices. We next measure the computation overhead, storage overhead and throughput. The experimental results show that our system is not only feasible, but also provides a high level of security. Furthermore, the results show that our system is 34% more computationally faster, requires 25% less storage and 15% more throughput than the best performed system in the state-of-the-art.
AB - In cloud-based Internet of Things (IoT), sharing of data with third-party services and other users, inherently incurs potential risk and leads to unique security and privacy concerns. Existing cryptographic solutions ensure the security of IoT data, but due to their significant computational overhead, most of them are not suitable for resource-constrained IoT devices. To address these concerns, we propose a data protection system to store encrypted IoT data in a cloud while still allowing query processing over the encrypted data. More importantly, our proposed system features a novel encrypted data sharing scheme based on Boneh-Goh-Nissim (BGN) cryptosystem, with revocation capabilities and in-situ key update. We perform exhaustive experiments on real datasets, primarily to assess the feasibility of the proposed system on resource-constrained IoT devices. We next measure the computation overhead, storage overhead and throughput. The experimental results show that our system is not only feasible, but also provides a high level of security. Furthermore, the results show that our system is 34% more computationally faster, requires 25% less storage and 15% more throughput than the best performed system in the state-of-the-art.
KW - BGN cryptosystem
KW - Cloud computing
KW - Data security
KW - Internet of Things
KW - Secure sharing
KW - Somewhat homomorphic encryption
UR - http://www.scopus.com/inward/record.url?scp=85065674849&partnerID=8YFLogxK
U2 - 10.1145/3297280.3297310
DO - 10.1145/3297280.3297310
M3 - Conference contribution
AN - SCOPUS:85065674849
SN - 9781450359337
T3 - Proceedings of the ACM Symposium on Applied Computing
SP - 284
EP - 291
BT - Proceedings of the ACM Symposium on Applied Computing
PB - Association for Computing Machinery
T2 - 34th Annual ACM Symposium on Applied Computing, SAC 2019
Y2 - 8 April 2019 through 12 April 2019
ER -