Fine-grained access control based on Trusted Execution Environment

Yongkai Fan, Shengle Liu, Gang Tan, Fei Qiao

Research output: Contribution to journalArticle

2 Scopus citations

Abstract

With the wide adoption of mobile devices, it becomes increasingly a reality that mobile users use a variety of apps from various sources. Since the enforcement of strict privacy is difficult, the inappropriate access by malicious apps is a major concern for mobile users, and access control becomes a challenge. In order to prevent the leakage of sensitive information (such as the contact lists, or private pictures) by inappropriate or illegal access, we propose a fine-grained access-control scheme based on Ciphertext-Policy Attribute-Based Encryption (CPABE) and Trusted Execution Environment (TEE), which can effectively protect data. In the scheme, CPABE is adopted in a novel way to solve the important security problems by supporting fine-grained access control during the access period and by supporting the critical operations running in the trusted execution environment. The scheme can be used to mitigate the sensitive information attacks and enhance confidentiality. Moreover, it can reduce the risk in the case of one single authority. Compared to the traditional access-control mechanisms, our experimental results indicate that the proposed scheme satisfies the security requirements, and is superior to other existing schemes.

Original languageEnglish (US)
Pages (from-to)551-561
Number of pages11
JournalFuture Generation Computer Systems
Volume109
DOIs
StatePublished - Aug 2020

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Fine-grained access control based on Trusted Execution Environment'. Together they form a unique fingerprint.

  • Cite this