The information-centric Internet of things (IC-IoT) is different from the traditional Internet of things (IoT) in that the device-to-device pattern is generalized to a device-to-network pattern. Furthermore, in an IC-IoT environment, there is a demand for protecting the security of all data generated from IC-IoT devices. A cryptography scheme named attribute-based encryption (ABE) represents a smart method of providing the fine-grained access control that can sufficiently protect data security. The most attractive advantage of ABE is its expressive access policy, which makes the access control of data flexible and manageable. However, there is a serious problem caused by such an access policy; it incurs a greater ciphertext redundancy and computational overhead. This implies that the current ABE scheme is hard to implement in the thin client devices of IC-IoT. In this paper, we propose a universalized policy-compacting method via sharing public parts of the policy. Compared with the original policy, the compacted policy applies a more compact ciphertext and requires less computation, communication, and storage cost. However, the policy-compacting problem is proved to be a non-deterministic polynomial complete (NPC) problem. Thus, a greedy algorithm is provided to obtain an approximate minimum compacted policy scale. Finally, we propose a compact ciphertext-policy attribute-based encryption (CCP-ABE) scheme with the policy-compacting method. A security proof and performance evaluation show that the proposed CCP-ABE scheme provides a comprehensive performance improvement.

• 出版日期2018
• 单位佛山科学技术学院; 桂林电子科技大学; 中山大学; 清华大学