Study on Stream Data Authorization Revocation Scheme Based on Smart Contracts
IoT devices and services encrypt real-time generated stream data for outsourced storage,and authorize users through access control.When the user's identity or permissions change,authorization to the user needs to be revoked.Existing revocation schemes have problems of frequent key updates and re-encrypted ciphertext,resulting in low revocation efficiency,insufficient flexibility,difficulty in achieving real-time revocation,and the risk of data leakage.In order to solve the real-time authorization revocation in the outsourcing storage scenario of streaming data,a decentralized authorization revocation scheme based on smart contracts is proposed.Under the IoT architecture combined with edge computing and blockchain,the streaming data is divided in-to blocks according to time intervals,and a large number of unique keys corresponding to the blocks are generated using the HASH tree,and the partitioned data is symmetrically encrypted.The tree nodes create access tokens and share them through proxy re-encryption technology,to implement modifiable access policies and efficient dynamic data sharing.By utilizing smart con-tract technology to create access control lists and misconduct lists,users are subjected to scheduled and immediate revocation operations,achieving decentralized real-time authorization revocation.Through security analysis and simulation experiments,it has been proven that this scheme provides better security,functionality,communication,and computing costs compared to other rela-ted research schemes,and is more effective.
NETL
NSTL
万方数据
