A Policy-Hiding Attribute-Based Access Control Scheme in Decentralized Trust Management

Abstract

Internet of Medical Things (IoMT) technologies significantly improve the quality of health care, especially at the time when COVID-19 is becoming a worldwide pandemic. Due to the complexity of devices and user nodes in the IoMT system, there should be some ways to ensure the security and quality of the service or information. Decentralized trust management techniques are efficient means of promoting application security and reliability in these cases. However, the majority of currently utilized access control schemes cannot be applied in decentralized trust management systems or perform poorly owing to the numerous restrictions of decentralized systems. In this article, we present a policy-hiding and multiauthority key generation CP-ABE scheme (PM-CPABE) for decentralized trust management systems, which could provide fine-grained access control capabilities. Meanwhile, the proposed scheme does not require any fully trusted entity, thus it can be well adapted to decentralized trust management systems. The scheme also implements policy hiding to protect user privacy. In addition, it supports large universe and outsourced decryption. The security analyses and performance comparisons give evidence of our scheme is secure and efficient.