Cloud-assisted cyber-physical systems (CCPSs) integrate the physical space with cloud computing. To do so, sensors on the field collect real-life data and forward it to clouds for further data analysis and decision-making. Since multiple services may be accessed at the same time, sensor data should be forwarded to different cloud service providers (CSPs). In this scenario, attribute-based encryption (ABE) is an appropriate technique for securing data communication between sensors and clouds. Each cloud has its own attributes and a broker can determine which cloud is authorized to access data by the requirements set at the time of encryption. In this paper, we propose a privacy-preserving broker-ABE scheme for multiple CCPSs (MCCPS). The ABE separates the policy embedding job from the ABE task. To ease the computational burden of the sensors, this scheme leaves the policy embedding task to the broker, which is generally more powerful than the sensors. Moreover, the proposed scheme provides a way for CSPs to protect data privacy from outside coercion.
Keywords: attribute-based encryption; deniable encryption; multiple cloud-assisted cyber–physical system.