Catch me if you can: A Secure Bilateral Access Control System With Anonymous Credentials
Abstract: Bilateral access control model, emerging as a novel paradigm in access control, has garnered extensive deployment within the domain of fog computing. This model offers on-demand data services, enabling the efficient identification of sensitive data without resorting to resource-intensive decryption procedures. Nonetheless, prevailing solutions exhibit impracticalities. Specifically, they fall short in supporting adaptive security, while presuming unwavering trustworthiness of the central authority. In this paper, we introduce a pioneering fine-grained and adaptively secure bilateral access control system through enhancements to the matchmaking attribute-based encryption (MABE) framework. We give a formalized definition of MABE, incorporating desirable security features such as blindness and unlinkability, aimed at capturing potential misconduct by the central authority. We propose a generic construction of MABE, drawing upon attribute-based encryption (ABE) and anonymous credential schemes (ACS), with provable security via formal security reduction in the adaptive model. We present an efficient instantiation of the MABE framework by introducing a practical ACS solution, wherein a cryptographic accumulator is employed to enhance performance. Experimental simulations substantiate that our solution not only has superior functionalities but also demonstrates performance on par with state-of-the-art solutions.
Loading