End to End secure data exchange in value chains with dynamic policy updates

Data exchange among value chain partners offers a competitive advantage, but it also exposes sensitive data to increasing risks of compromise. To protect this data, securing it during storage and transmission is essential, allowing only the data producer and final consumer to access or modify it. Th...

Descripción completa

Detalles Bibliográficos
Autores: Mosteiro Sánchez, Aintzane, Barceló, Marc, Astorga Burgo, Jasone, Urbieta Aizpurua, Aitor
Tipo de recurso: artículo
Fecha de publicación:2024
País:España
Institución:Universidad del País Vasco
Repositorio:Addi. Archivo Digital para la Docencia y la Investigación
OAI Identifier:oai:addi.ehu.eus:10810/76521
Acceso en línea:http://hdl.handle.net/10810/76521
Access Level:acceso abierto
Palabra clave:CP-ABE
data exchange
end-to-end (E2E) security
IIoT
policy update
value chain
id ES_a08a5bfcd9d56aa93a3fd535df4b7e01
oai_identifier_str oai:addi.ehu.eus:10810/76521
network_acronym_str ES
network_name_str España
repository_id_str
spelling End to End secure data exchange in value chains with dynamic policy updatesMosteiro Sánchez, AintzaneBarceló, MarcAstorga Burgo, JasoneUrbieta Aizpurua, AitorCP-ABEdata exchangeend-to-end (E2E) securityIIoTpolicy updatevalue chainData exchange among value chain partners offers a competitive advantage, but it also exposes sensitive data to increasing risks of compromise. To protect this data, securing it during storage and transmission is essential, allowing only the data producer and final consumer to access or modify it. This can be particularly challenging for Industrial Internet of Things (IIoT) devices, which often have limited processing and memory capabilities. To address these challenges, End-to-End (E2E) security mechanisms are needed to prevent data breaches resulting from value chain attacks. Additionally, value chain environments are dynamic and involve multiple data generation and consumption entities, requiring the ability to update access policies as needed. This paper presents a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) data exchange system that provides E2E security for value chains, considering the most relevant security and industrial requirements. The proposed solution can protect data according to access policies while also allowing those policies to be updated without breaking E2E security or overloading field devices. The experimental evaluation demonstrates the feasibility of the proposed solution for IIoT platforms.The European commission financially supported this work through Horizon Europe program under the ZDZW project (grant agreement N°101057404). It was also partially supported by the Department of Economic Development, Sustainability and Environment of the Basque Government under the ELKARTEK 2023 program , project BEACON (with grant agreement N°KK-2023/00085).Elsevier2026202520252024info:eu-repo/semantics/articlehttp://hdl.handle.net/10810/76521reponame:Addi. Archivo Digital para la Docencia y la Investigacióninstname:Universidad del País VascoIngléshttps://doi.org/10.1016/j.future.2024.04.053info:eu-repo/semantics/openAccesshttp://creativecommons.org/licenses/by-nc-nd/3.0/es/© 2024 Elsevier under CC BY-NC-ND licenseoai:addi.ehu.eus:10810/765212026-06-18T09:23:17Z
dc.title.none.fl_str_mv End to End secure data exchange in value chains with dynamic policy updates
title End to End secure data exchange in value chains with dynamic policy updates
spellingShingle End to End secure data exchange in value chains with dynamic policy updates
Mosteiro Sánchez, Aintzane
CP-ABE
data exchange
end-to-end (E2E) security
IIoT
policy update
value chain
title_short End to End secure data exchange in value chains with dynamic policy updates
title_full End to End secure data exchange in value chains with dynamic policy updates
title_fullStr End to End secure data exchange in value chains with dynamic policy updates
title_full_unstemmed End to End secure data exchange in value chains with dynamic policy updates
title_sort End to End secure data exchange in value chains with dynamic policy updates
dc.creator.none.fl_str_mv Mosteiro Sánchez, Aintzane
Barceló, Marc
Astorga Burgo, Jasone
Urbieta Aizpurua, Aitor
author Mosteiro Sánchez, Aintzane
author_facet Mosteiro Sánchez, Aintzane
Barceló, Marc
Astorga Burgo, Jasone
Urbieta Aizpurua, Aitor
author_role author
author2 Barceló, Marc
Astorga Burgo, Jasone
Urbieta Aizpurua, Aitor
author2_role author
author
author
dc.subject.none.fl_str_mv CP-ABE
data exchange
end-to-end (E2E) security
IIoT
policy update
value chain
topic CP-ABE
data exchange
end-to-end (E2E) security
IIoT
policy update
value chain
description Data exchange among value chain partners offers a competitive advantage, but it also exposes sensitive data to increasing risks of compromise. To protect this data, securing it during storage and transmission is essential, allowing only the data producer and final consumer to access or modify it. This can be particularly challenging for Industrial Internet of Things (IIoT) devices, which often have limited processing and memory capabilities. To address these challenges, End-to-End (E2E) security mechanisms are needed to prevent data breaches resulting from value chain attacks. Additionally, value chain environments are dynamic and involve multiple data generation and consumption entities, requiring the ability to update access policies as needed. This paper presents a Ciphertext-Policy Attribute-Based Encryption (CP-ABE) data exchange system that provides E2E security for value chains, considering the most relevant security and industrial requirements. The proposed solution can protect data according to access policies while also allowing those policies to be updated without breaking E2E security or overloading field devices. The experimental evaluation demonstrates the feasibility of the proposed solution for IIoT platforms.
publishDate 2024
dc.date.none.fl_str_mv 2024
2025
2025
2026
dc.type.none.fl_str_mv info:eu-repo/semantics/article
format article
dc.identifier.none.fl_str_mv http://hdl.handle.net/10810/76521
url http://hdl.handle.net/10810/76521
dc.language.none.fl_str_mv Inglés
language_invalid_str_mv Inglés
dc.relation.none.fl_str_mv https://doi.org/10.1016/j.future.2024.04.053
dc.rights.none.fl_str_mv info:eu-repo/semantics/openAccess
http://creativecommons.org/licenses/by-nc-nd/3.0/es/
© 2024 Elsevier under CC BY-NC-ND license
eu_rights_str_mv openAccess
rights_invalid_str_mv http://creativecommons.org/licenses/by-nc-nd/3.0/es/
© 2024 Elsevier under CC BY-NC-ND license
dc.publisher.none.fl_str_mv Elsevier
publisher.none.fl_str_mv Elsevier
dc.source.none.fl_str_mv reponame:Addi. Archivo Digital para la Docencia y la Investigación
instname:Universidad del País Vasco
instname_str Universidad del País Vasco
reponame_str Addi. Archivo Digital para la Docencia y la Investigación
collection Addi. Archivo Digital para la Docencia y la Investigación
repository.name.fl_str_mv
repository.mail.fl_str_mv
_version_ 1869415019404328960
score 15,811543