End to End secure data exchange in value chains with dynamic policy updates
Data exchange among value chain partners offers a competitive advantage, but it also exposes sensitive data to increasing risks of compromise. To protect this data, securing it during storage and transmission is essential, allowing only the data producer and final consumer to access or modify it. Th...
| Autores: | , , , |
|---|---|
| Tipo de recurso: | artículo |
| Fecha de publicación: | 2024 |
| País: | España |
| Institución: | Universidad del País Vasco |
| Repositorio: | Addi. Archivo Digital para la Docencia y la Investigación |
| OAI Identifier: | oai:addi.ehu.eus:10810/76521 |
| Acceso en línea: | http://hdl.handle.net/10810/76521 |
| Access Level: | acceso abierto |
| Palabra clave: | CP-ABE data exchange end-to-end (E2E) security IIoT policy update value chain |
| id |
ES_a08a5bfcd9d56aa93a3fd535df4b7e01 |
|---|---|
| oai_identifier_str |
oai:addi.ehu.eus:10810/76521 |
| network_acronym_str |
ES |
| network_name_str |
España |
| repository_id_str |
|
| spelling |
End to End secure data exchange in value chains with dynamic policy updatesMosteiro Sánchez, AintzaneBarceló, MarcAstorga Burgo, JasoneUrbieta Aizpurua, AitorCP-ABEdata exchangeend-to-end (E2E) securityIIoTpolicy updatevalue chainData exchange among value chain partners offers a competitive advantage, but it also exposes sensitive data to increasing risks of compromise. To protect this data, securing it during storage and transmission is essential, allowing only the data producer and final consumer to access or modify it. This can be particularly challenging for Industrial Internet of Things (IIoT) devices, which often have limited processing and memory capabilities. To address these challenges, End-to-End (E2E) security mechanisms are needed to prevent data breaches resulting from value chain attacks. Additionally, value chain environments are dynamic and involve multiple data generation and consumption entities, requiring the ability to update access policies as needed. This paper presents a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) data exchange system that provides E2E security for value chains, considering the most relevant security and industrial requirements. The proposed solution can protect data according to access policies while also allowing those policies to be updated without breaking E2E security or overloading field devices. The experimental evaluation demonstrates the feasibility of the proposed solution for IIoT platforms.The European commission financially supported this work through Horizon Europe program under the ZDZW project (grant agreement N°101057404). It was also partially supported by the Department of Economic Development, Sustainability and Environment of the Basque Government under the ELKARTEK 2023 program , project BEACON (with grant agreement N°KK-2023/00085).Elsevier2026202520252024info:eu-repo/semantics/articlehttp://hdl.handle.net/10810/76521reponame:Addi. Archivo Digital para la Docencia y la Investigacióninstname:Universidad del País VascoIngléshttps://doi.org/10.1016/j.future.2024.04.053info:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by-nc-nd/3.0/es/© 2024 Elsevier under CC BY-NC-ND licenseoai:addi.ehu.eus:10810/765212026-06-18T09:23:17Z |
| dc.title.none.fl_str_mv |
End to End secure data exchange in value chains with dynamic policy updates |
| title |
End to End secure data exchange in value chains with dynamic policy updates |
| spellingShingle |
End to End secure data exchange in value chains with dynamic policy updates Mosteiro Sánchez, Aintzane CP-ABE data exchange end-to-end (E2E) security IIoT policy update value chain |
| title_short |
End to End secure data exchange in value chains with dynamic policy updates |
| title_full |
End to End secure data exchange in value chains with dynamic policy updates |
| title_fullStr |
End to End secure data exchange in value chains with dynamic policy updates |
| title_full_unstemmed |
End to End secure data exchange in value chains with dynamic policy updates |
| title_sort |
End to End secure data exchange in value chains with dynamic policy updates |
| dc.creator.none.fl_str_mv |
Mosteiro Sánchez, Aintzane Barceló, Marc Astorga Burgo, Jasone Urbieta Aizpurua, Aitor |
| author |
Mosteiro Sánchez, Aintzane |
| author_facet |
Mosteiro Sánchez, Aintzane Barceló, Marc Astorga Burgo, Jasone Urbieta Aizpurua, Aitor |
| author_role |
author |
| author2 |
Barceló, Marc Astorga Burgo, Jasone Urbieta Aizpurua, Aitor |
| author2_role |
author author author |
| dc.subject.none.fl_str_mv |
CP-ABE data exchange end-to-end (E2E) security IIoT policy update value chain |
| topic |
CP-ABE data exchange end-to-end (E2E) security IIoT policy update value chain |
| description |
Data exchange among value chain partners offers a competitive advantage, but it also exposes sensitive data to increasing risks of compromise. To protect this data, securing it during storage and transmission is essential, allowing only the data producer and final consumer to access or modify it. This can be particularly challenging for Industrial Internet of Things (IIoT) devices, which often have limited processing and memory capabilities. To address these challenges, End-to-End (E2E) security mechanisms are needed to prevent data breaches resulting from value chain attacks. Additionally, value chain environments are dynamic and involve multiple data generation and consumption entities, requiring the ability to update access policies as needed. This paper presents a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) data exchange system that provides E2E security for value chains, considering the most relevant security and industrial requirements. The proposed solution can protect data according to access policies while also allowing those policies to be updated without breaking E2E security or overloading field devices. The experimental evaluation demonstrates the feasibility of the proposed solution for IIoT platforms. |
| publishDate |
2024 |
| dc.date.none.fl_str_mv |
2024 2025 2025 2026 |
| dc.type.none.fl_str_mv |
info:eu-repo/semantics/article |
| format |
article |
| dc.identifier.none.fl_str_mv |
http://hdl.handle.net/10810/76521 |
| url |
http://hdl.handle.net/10810/76521 |
| dc.language.none.fl_str_mv |
Inglés |
| language_invalid_str_mv |
Inglés |
| dc.relation.none.fl_str_mv |
https://doi.org/10.1016/j.future.2024.04.053 |
| dc.rights.none.fl_str_mv |
info:eu-repo/semantics/openAccess http://creativecommons.org/licenses/by-nc-nd/3.0/es/ © 2024 Elsevier under CC BY-NC-ND license |
| eu_rights_str_mv |
openAccess |
| rights_invalid_str_mv |
http://creativecommons.org/licenses/by-nc-nd/3.0/es/ © 2024 Elsevier under CC BY-NC-ND license |
| dc.publisher.none.fl_str_mv |
Elsevier |
| publisher.none.fl_str_mv |
Elsevier |
| dc.source.none.fl_str_mv |
reponame:Addi. Archivo Digital para la Docencia y la Investigación instname:Universidad del País Vasco |
| instname_str |
Universidad del País Vasco |
| reponame_str |
Addi. Archivo Digital para la Docencia y la Investigación |
| collection |
Addi. Archivo Digital para la Docencia y la Investigación |
| repository.name.fl_str_mv |
|
| repository.mail.fl_str_mv |
|
| _version_ |
1869415019404328960 |
| score |
15,811543 |