Access Control Based on Ciphertext Attribute Authentication and Threshold Policy for the Internet of Things

摘要

The development of the Internet of Things has led to great development of data sharing and data interaction, which has made security and privacy more and more a concern for users. How to ensure the safe sharing of data, avoid the leakage of sensitive information, and protect the privacy of users is a serious challenge. Access control is an important issue to ensure the trust of the Internet of Things. This paper proposes an access control scheme based on ciphertext attribute authentication and threshold policy, which uses the identity authentication of hidden attributes and divides the user’s permission grade by setting the threshold function with the user’s attributes. Users obtain different permission grades according to attribute authentication and access data of different sensitivity grades to achieve fine-grained, flexible and secure access to data in the cloud server while protecting personal privacy issues. In addition, when the resource is acquired, the identity and permission joint authentication method is adopted to avoid the collusion attack of the illegal member, which makes the resource access control more secure.