TY - JOUR
T1 - Towards Efficient Fine-Grained Access Control and Trustworthy Data Processing for Remote Monitoring Services in IoT
AU - Chen, Yaxing
AU - Sun, Wenhai
AU - Zhang, Ning
AU - Zheng, Qinghua
AU - Lou, Wenjing
AU - Hou, Y. Thomas
N1 - Publisher Copyright:
© 2018 IEEE.
PY - 2019/7
Y1 - 2019/7
N2 - As an important application of the Internet of Things, many remote monitoring systems adopt a device-to-cloud network paradigm. In a remote patient monitoring case, various resource-constrained devices are used to measure the health conditions of a target patient in a distant non-clinical environment and the collected data are sent to the cloud backend of an authorized health care service for processing and decision making. As the measurements involve private patient information, access control and trustworthy processing of the confidential data become very important. Software-based solutions that adopt advanced cryptographic tools, such as attribute-based encryption and fully homomorphic encryption, can address the problem, but they also impose substantial computation overhead on both client and server sides. In this paper, we deviate from the conventional software-based solutions and propose a secure and efficient remote monitoring framework, called SRM, using the latest hardware-based trustworthy computing technology, such as Intel SGX. In addition, we present a robust and lightweight 'heartbeat' protocol to handle notoriously difficult key revocation problem. We implemented a prototype of the framework for SRM and show that SRM can protect user data privacy against unauthorized parties, with minimum performance cost compared to existing software-based solutions.
AB - As an important application of the Internet of Things, many remote monitoring systems adopt a device-to-cloud network paradigm. In a remote patient monitoring case, various resource-constrained devices are used to measure the health conditions of a target patient in a distant non-clinical environment and the collected data are sent to the cloud backend of an authorized health care service for processing and decision making. As the measurements involve private patient information, access control and trustworthy processing of the confidential data become very important. Software-based solutions that adopt advanced cryptographic tools, such as attribute-based encryption and fully homomorphic encryption, can address the problem, but they also impose substantial computation overhead on both client and server sides. In this paper, we deviate from the conventional software-based solutions and propose a secure and efficient remote monitoring framework, called SRM, using the latest hardware-based trustworthy computing technology, such as Intel SGX. In addition, we present a robust and lightweight 'heartbeat' protocol to handle notoriously difficult key revocation problem. We implemented a prototype of the framework for SRM and show that SRM can protect user data privacy against unauthorized parties, with minimum performance cost compared to existing software-based solutions.
KW - fine-grained access control
KW - Internet-of-Things (IoT)
KW - Remote patient monitoring
KW - secure hardware
KW - trusted computing
UR - https://www.scopus.com/pages/publications/85058105990
U2 - 10.1109/TIFS.2018.2885287
DO - 10.1109/TIFS.2018.2885287
M3 - Article
AN - SCOPUS:85058105990
SN - 1556-6013
VL - 14
SP - 1830
EP - 1842
JO - IEEE Transactions on Information Forensics and Security
JF - IEEE Transactions on Information Forensics and Security
IS - 7
M1 - 8566004
ER -