Security and Efficiency Enhanced Revocable Access Control for Fog-Based Smart Grid System

With the popularity of smart grids, plentiful of smart devices have been put into use, such as smart meters and power assets. Due to limited computation capabilities and storage spaces of these devices, the collected data need to be "outsourced" towards the data server for processing and storage. The data owners, therefore, lose direct control over these "outsourced" data, leading to significant security issues of the users' data. In this paper, aiming at solving this problem, we propose a multi-authority Ciphertext Policy Attribute-based Encryption (CP-ABE) scheme with revocation for the fog-based smart grid system. Specifically, in order to achieve attribute revocation without requiring users to be always online, we use the DH (Diffie-Hellman) tree to distribute the group key statelessly, which also solves the problem of collusion attack initiated by revoked user and valid user. To improve security of our proposed scheme, we remove the trusted key authority (KA) by using a secure two-party computation (2PC) protocol between the KA and the cloud service provider to generate user private key. To improve efficiency of our proposed scheme, we combine user and attribute revocation, and outsource complex calculations to fog nodes. Furthermore, our proposed scheme uses attribute group key and leaf private key together to protect user proxy key, which reduces the storage overhead of the system and improves the security. Both security analysis and experimental results demonstrate that our proposed scheme can balance the security objectives with the efficiency.