Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate...
| Autores: | , , , |
|---|---|
| Tipo de recurso: | artículo |
| Fecha de publicación: | 2023 |
| País: | España |
| Institución: | Universidad del País Vasco |
| Repositorio: | Addi. Archivo Digital para la Docencia y la Investigación |
| OAI Identifier: | oai:addi.ehu.eus:10810/60966 |
| Acceso en línea: | http://hdl.handle.net/10810/60966 |
| Access Level: | acceso abierto |
| Palabra clave: | CP-ABE dCP-ABE IOTA IPFS FIM value chain industry 4.0 |
| id |
ES_2a5b2e4b2fc9d8fa01a6d4e1ac0ec3a3 |
|---|---|
| oai_identifier_str |
oai:addi.ehu.eus:10810/60966 |
| network_acronym_str |
ES |
| network_name_str |
España |
| repository_id_str |
|
| spelling |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE SchemesMosteiro Sánchez, AintzaneBarceló, MarcAstorga Burgo, JasoneUrbieta Aizpurua, AitorCP-ABEdCP-ABEIOTAIPFSFIMvalue chainindustry 4.0Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing.This work has been financed by The European commission through the Horizon Europe program under the ZDZW project (grant agreement number 101057404).MDPI2023202320232023info:eu-repo/semantics/articleapplication/pdfhttp://hdl.handle.net/10810/60966reponame:Addi. Archivo Digital para la Docencia y la Investigacióninstname:Universidad del País VascoInglésinfo:eu-repo/grantAgreement/EC/H/101046364https://www.mdpi.com/2624-6511/6/2/44info:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by/4.0/© 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/ 4.0/).oai:addi.ehu.eus:10810/609662026-06-18T09:23:17Z |
| dc.title.none.fl_str_mv |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes |
| title |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes |
| spellingShingle |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes Mosteiro Sánchez, Aintzane CP-ABE dCP-ABE IOTA IPFS FIM value chain industry 4.0 |
| title_short |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes |
| title_full |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes |
| title_fullStr |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes |
| title_full_unstemmed |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes |
| title_sort |
Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes |
| dc.creator.none.fl_str_mv |
Mosteiro Sánchez, Aintzane Barceló, Marc Astorga Burgo, Jasone Urbieta Aizpurua, Aitor |
| author |
Mosteiro Sánchez, Aintzane |
| author_facet |
Mosteiro Sánchez, Aintzane Barceló, Marc Astorga Burgo, Jasone Urbieta Aizpurua, Aitor |
| author_role |
author |
| author2 |
Barceló, Marc Astorga Burgo, Jasone Urbieta Aizpurua, Aitor |
| author2_role |
author author author |
| dc.subject.none.fl_str_mv |
CP-ABE dCP-ABE IOTA IPFS FIM value chain industry 4.0 |
| topic |
CP-ABE dCP-ABE IOTA IPFS FIM value chain industry 4.0 |
| description |
Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing. |
| publishDate |
2023 |
| dc.date.none.fl_str_mv |
2023 2023 2023 2023 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/article |
| format |
article |
| dc.identifier.none.fl_str_mv |
http://hdl.handle.net/10810/60966 |
| url |
http://hdl.handle.net/10810/60966 |
| dc.language.none.fl_str_mv |
Inglés |
| language_invalid_str_mv |
Inglés |
| dc.relation.none.fl_str_mv |
info:eu-repo/grantAgreement/EC/H/101046364 https://www.mdpi.com/2624-6511/6/2/44 |
| dc.rights.none.fl_str_mv |
info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by/4.0/ |
| eu_rights_str_mv |
openAccess |
| rights_invalid_str_mv |
http://creativecommons.org/licenses/by/4.0/ |
| dc.format.none.fl_str_mv |
application/pdf |
| dc.publisher.none.fl_str_mv |
MDPI |
| publisher.none.fl_str_mv |
MDPI |
| dc.source.none.fl_str_mv |
reponame:Addi. Archivo Digital para la Docencia y la Investigación instname:Universidad del País Vasco |
| instname_str |
Universidad del País Vasco |
| reponame_str |
Addi. Archivo Digital para la Docencia y la Investigación |
| collection |
Addi. Archivo Digital para la Docencia y la Investigación |
| repository.name.fl_str_mv |
|
| repository.mail.fl_str_mv |
|
| _version_ |
1869405063754022912 |
| score |
15,300719 |