The emerging cloud-based IoT paradigm enables IoT devices to directly upload their collected data to the remote cloud and allows data owners to conveniently manage those data through cloud APIs, which has greatly reduced infrastructure investment and data management cost in many IoT applications. Considering that the outsourced data is out of the physical control of data owners and the cloud server cannot always be fully trusted, how to securely delete the unneeded sensitive data stored in cloud to prevent potential data leakage issues is a big challenge. Most of the existing solutions only support coarse grained deletion and rely on the participation of the cloud server, so their flexibility and practicability are seriously restricted. In this project, based on an enhanced policy based puncturable encryption (P-PUN-ENC) primitive, we propose a secure and fine grained self-controlled outsourced data deletion scheme in cloud based IoT. The main contribution of our scheme is that it enables data owners to precisely and permanently delete their outsourced IoT-driven data in a policy based way without relying on the cloud server. To achieve this, we subtly utilize the logical relationship between puncture policy and access policy, and design a policy transform method to convert the puncture process based on puncture policies into update process of access policies. Then, we utilize key delegation technique in attribute-based encryption (ABE) to complete the corresponding key update operations. Additionally, to address the issue of growing key storage and decryption cost in P-PUN-ENC, we propose the outsourced policy based puncturable encryption (OP-PUN-ENC) primitive by combining the key and decryption outsource technique with P-PUN-ENC. Comprehensive comparisons show that our proposed scheme can better meet the data deletion requirements in cloud-based IoT, and formal security proof and extensive simulation results demonstrate the reliability and efficiency of the proposed scheme.

Let's Talk