Efficient and Secure Access Control for IoT-based Environmental Monitoring

Authors

  • Asia Othman Aljahdali Cybersecurity Department, College of Computer Sciences and Engineering, University of Jeddah, Saudi Arabia
  • Afnan Habibullah Cybersecurity Department, College of Computer Sciences and Engineering, University of Jeddah, Saudi Arabia
  • Huda Aljohani Cybersecurity Department, College of Computer Sciences and Engineering, University of Jeddah, Saudi Arabia
Volume: 13 | Issue: 5 | Pages: 11807-11815 | October 2023 | https://doi.org/10.48084/etasr.6193

Received: 14 August 2023 | Revised: 27 August 2023 | Accepted: 30 August 2023 | Online: 13 October 2023


Corresponding author: Asia Othman Aljahdali

Abstract

Environmental monitoring devices based on IoT collect a large amount of data about the environment and our surroundings. These data are collected and processed before being uploaded to third-party servers and accessed and viewed by ordinary or specialized users. However, they may hold sensitive information that should not be exposed to unauthorized users. Therefore, accessing this sensitive information must be strictly controlled and limited in order to prevent unauthorized access. This research intends to create an access control mechanism based on distributed ledger technologies. The idea is to use a hybrid of IOTA technology and Ciphertext-Policy Attribute-Based Signcryption (CP-ABSC) technology. The permissions to access these data are written in a token, and this token will be sent to the Tangle after being signcrypted with CP-ABSC. Consequently, the data will be safeguarded, their confidentiality and integrity will be maintained, and unauthorized individuals will be unable to access the information. The proposed system was evaluated in terms of performance and the results showed that the system is straightforward, rapid, and convenient to use. Furthermore, a security assessment was conducted by running several scenarios to evaluate its feasibility and protection.

Keywords:

IOTA, access control, ciphertext-policy, attribute-based signcryption, Internet of things (IoT), user authentication, privacy

Downloads

Download data is not yet available.

References

S. Zafar, G. Miraj, R. Baloch, D. Murtaza, and K. Arshad, "An IoT Based Real-Time Environmental Monitoring System Using Arduino and Cloud Service," Engineering, Technology & Applied Science Research, vol. 8, no. 4, pp. 3238–3242, Aug. 2018.

Y. B. Zikria, R. Ali, M. K. Afzal, and S. W. Kim, "Next-Generation Internet of Things (IoT): Opportunities, Challenges, and Solutions," Sensors, vol. 21, no. 4, Jan. 2021, Art. no. 1174.

A. N. Chaudhari and G. A. Kulkarni, "IOT based environmental pollution monitoring system," International Research Journal of Engineering and Technology, vol. 4, no. 6, pp. 1823–1829, Jun. 2017.

R. Nakanishi, Y. Zhang, M. Sasabe, and S. Kasahara, "IOTA-Based Access Control Framework for the Internet of Things," in 2020 2nd Conference on Blockchain Research & Applications for Innovative Networks and Services (BRAINS), Paris, France, Sep. 2020, pp. 87–95.

Y. Zhang, R. Nakanishi, M. Sasabe, and S. Kasahara, "Combining IOTA and Attribute-Based Encryption for Access Control in the Internet of Things," Sensors, vol. 21, no. 15, Jan. 2021, Art. no. 5053.

G. Lin, Y. Xia, C. Ying, and Z. Sun, "F2P-ABS: A Fast and Secure Attribute-Based Signature for Mobile Platforms," Security and Communication Networks, vol. 2019, Dec. 2019, Art. no. e5380710.

N. A. Alsharif, S. Mishra, and M. Alshehri, "IDS in IoT using Machine ‎Learning and Blockchain," Engineering, Technology & Applied Science Research, vol. 13, no. 4, pp. 11197–11203, Aug. 2023.

J. Yu, S. Liu, S. Wang, Y. Xiao, and B. Yan, "LH-ABSC: A Lightweight Hybrid Attribute-Based Signcryption Scheme for Cloud-Fog-Assisted IoT," IEEE Internet of Things Journal, vol. 7, no. 9, pp. 7949–7966, Sep. 2020.

S. Y. A. Zaidi et al., "An Attribute-Based Access Control for IoT Using Blockchain and Smart Contracts," Sustainability, vol. 13, no. 19, Jan. 2021, Art. no. 10556.

N. Eltayieb, R. Elhabob, A. Hassan, and F. Li, "A blockchain-based attribute-based signcryption scheme to secure data sharing in the cloud," Journal of Systems Architecture, vol. 102, Jan. 2020, Art. no. 101653.

X. Yang, T. Li, W. Xi, A. Chen, and C. Wang, "A Blockchain-Assisted Verifiable Outsourced Attribute-Based Signcryption Scheme for EHRs Sharing in the Cloud," IEEE Access, vol. 8, pp. 170713–170731, 2020.

S. K. Pinjala and K. M. Sivalingam, "DCACI: A Decentralized Lightweight Capability Based Access Control Framework using IOTA for Internet of Things," in 2019 IEEE 5th World Forum on Internet of Things (WF-IoT), Limerick, Ireland, Apr. 2019, pp. 13–18.

O. Lamtzidis and J. Gialelis, "An IOTA Based Distributed Sensor Node System," in 2018 IEEE Globecom Workshops (GC Wkshps), Abu Dhabi, United Arab Emirates, Sep. 2018.

"What does IOTA stand for?," Quora. https://www.quora.com/What-does-IOTA-stand-for.

M. M. Akhtar, M. Z. Khan, M. A. Ahad, A. Noorwali, D. R. Rizvi, and C. Chakraborty, "Distributed ledger technology based robust access control and real-time synchronization for consumer electronics," PeerJ Computer Science, vol. 7, Jun. 2021, Art. no. e566.

P. C. Bartolomeu, E. Vieira, and J. Ferreira, "IOTA Feasibility and Perspectives for Enabling Vehicular Applications," in 2018 IEEE Globecom Workshops (GC Wkshps), Abu Dhabi, United Arab Emirates, Sep. 2018.

V. Goyal, O. Pandey, A. Sahai, and B. Waters, "Attribute-based encryption for fine-grained access control of encrypted data," in Proceedings of the 13th ACM conference on Computer and communications security, New York, NY, USA, Jul. 2006, pp. 89–98.

J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext-Policy Attribute-Based Encryption," in 2007 IEEE Symposium on Security and Privacy (SP ’07), Berkeley, CA, USA, Feb. 2007, pp. 321–334.

A. Lewko, T. Okamoto, A. Sahai, K. Takashima, and B. Waters, "Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption," in Advances in Cryptology – EUROCRYPT 2010, 2010, pp. 62–91.

H. K. Maji, M. Prabhakaran, and M. Rosulek, "Attribute-Based Signatures," in Topics in Cryptology – CT-RSA 2011, 2011, pp. 376–392.

G. Lin, Y. Xia, C. Ying, and Z. Sun, "F2P-ABS: A Fast and Secure Attribute-Based Signature for Mobile Platforms," Security and Communication Networks, vol. 2019, Dec. 2019, Art. no. e5380710.

Y. Zheng, "Digital signcryption or how to achieve cost(signature & encryption) ≪ cost(signature) + cost(encryption)," in Advances in Cryptology — CRYPTO ’97, 1997, pp. 165–179.

Downloads

How to Cite

[1]
A. O. Aljahdali, A. Habibullah, and H. Aljohani, “Efficient and Secure Access Control for IoT-based Environmental Monitoring”, Eng. Technol. Appl. Sci. Res., vol. 13, no. 5, pp. 11807–11815, Oct. 2023.

Metrics

Abstract Views: 354
PDF Downloads: 256

Metrics Information

License

Copyright (c) 2023 Asia Othman Aljahdali, Afnan Habibullah, Huda Aljohani

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.

Crossref
Scopus
Google Scholar
Europe PMC

Most read articles by the same author(s)