BackTrustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes
| dc.contributor.author | Mosteiro Sánchez, Aintzane | |
| dc.contributor.author | Barceló, Marc | |
| dc.contributor.author | Astorga Burgo, Jasone  | |
| dc.contributor.author | Urbieta Aizpurua, Aitor | |
| dc.date.accessioned | 2023-04-28T12:32:27Z | |
| dc.date.available | 2023-04-28T12:32:27Z | |
| dc.date.issued | 2023-03-10 | |
| dc.identifier.citation | Smart Cities 6(2) : 913-928 (2023) | es_ES |
| dc.identifier.issn | 2624-6511 | |
| dc.identifier.uri | http://hdl.handle.net/10810/60966 | |
| dc.description.abstract | Attribute spoofing is a major security threat in information exchange solutions based on Ciphertext-Policy Attribute-Based-Encryption (CP-ABE) and distributed CP-ABE (dCP-ABE), which can compromise privacy and security. This threat occurs when an attacker forces the Attribute Authorities to generate keys for attributes they do not possess. This paper analyzes the threat of attribute spoofing and identifies the primary attack vectors, including direct interference with the Attribute Authority and compromise of the shared attribute storage database. The authors propose a solution based on IOTA, a DAG-type DLT, and Interplanetary File System (IPFS) to prevent attribute spoofing. The solution requires distributed attribute storage, validation, and user authentication to counteract the two attack vectors effectively. The proposed solution mitigates the consequences of attribute spoofing, including privilege escalation and reduction, acquisition of private keys, and cutoff of data access. The authors also evaluate their proposal through a value-chain use case and conclude that it effectively mitigates the consequences of attribute spoofing. | es_ES |
| dc.description.sponsorship | This work has been financed by The European commission through the Horizon Europe program under the ZDZW project (grant agreement number 101057404). | es_ES |
| dc.language.iso | eng | es_ES |
| dc.publisher | MDPI | es_ES |
| dc.relation | info:eu-repo/grantAgreement/EC/H/101046364 | es_ES |
| dc.rights | info:eu-repo/semantics/openAccess | es_ES |
| dc.rights.uri | http://creativecommons.org/licenses/by/4.0/ | |
| dc.subject | CP-ABE | es_ES |
| dc.subject | dCP-ABE | es_ES |
| dc.subject | IOTA | es_ES |
| dc.subject | IPFS | es_ES |
| dc.subject | FIM | es_ES |
| dc.subject | value chain | es_ES |
| dc.subject | industry 4.0 | es_ES |
| dc.title | Trustworthy Users: Using IOTA and IPFS for Attribute Validation in CP-ABE and dCP-ABE Schemes | es_ES |
| dc.type | info:eu-repo/semantics/article | es_ES |
| dc.date.updated | 2023-04-27T13:50:50Z | |
| dc.rights.holder | © 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/ 4.0/). | es_ES |
| dc.relation.publisherversion | https://www.mdpi.com/2624-6511/6/2/44 | es_ES |
| dc.identifier.doi | 10.3390/smartcities6020044 | |
| dc.departamentoes | Ingeniería de comunicaciones | |
| dc.departamentoeu | Komunikazioen ingeniaritza |
Files in this item
This item appears in the following Collection(s)
Except where otherwise noted, this item's license is described as © 2023 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/ 4.0/).