Efficient Access-control in the IIoT through Attribute-Based Encryption with Outsourced Decryption

Dominik Ziegler, Alexander Marsalek, Bernd Prünster, Josef Sabongui


We present a new architectural design to leverage Attribute-Based Encryption (ABE) in the Industrial Internet of Things (IIoT). The general idea of our approach is to automatically issue and revoke attributes based on already established identity management systems. Our design enables organisations to rely on arbitrary identity and access management solutions across different security domain boundaries. We, furthermore, tackle privacy concerns typically associated with outsourcing sensitive data to the cloud. To demonstrate the feasibility and versatility of our approach, we evaluate our design by integrating both OAuth and the Austrian eID. Besides, we present performance data. The evaluation results clearly show that our proposed design suits the requirements imposed by the IIoT well.


Paper Citation