The number of IoT devices is continuously increasing. Secure data sharing governed by appropriate access control is required to safely utilize data generated by IoT devices. Storing data in a public cloud is suitable for deploying services with distributed data sharing on a large scale. However, this raises security concerns since even when the data are encrypted, an adverse third party may access them if a decryption key is stored within the same environment (key escrow problem). Conventional methods are not supposed to be used in the IoT environment or have issues with security, key distribution, and changing access authority. We propose a novel approach to securely share the data generated by IoT devices within a public cloud. Our method enables 1) addressing the key escrow problem; 2) providing forward secrecy; 3) ensuring indistinguishability under Adaptive Chosen Ciphertext Attack (safety equivalent to IND-CCA2); 4) changing access authority easily; and 5) saving computational resources of IoT devices. We implemented this method and evaluated its performance. The experimental results show that it has comparable or better performance compared with conventional methods. Furthermore, we confirm that resource consumption in our method is more practical even in the large-scale IoT environment.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.