Summary: | Effective emergency (such as a hurricane, a building on fire, and so on) response requires accurate, relevant, timely, and location-aware information (e.g., environmental information, health records, and so on). Acquiring information in such critical situations encounters substantial challenges, such as large volume of data processing, unstructured data, privacy, authorized data access, and so forth. Among the issues, access authorization has received little attention. Existing solutions for data authorization either do not scale well or merely consider a Break-the-Glass concept in which a master key is provided to the first responders (FRs) to decrypt the corresponding ciphertext. This may not only enable unauthorized users to access information, but it may also overwhelm FRs by the large volume of accessible data. To jointly address the aforementioned issues, this paper proposes a location-aware authorization scheme that enables FRs to access information provided that they are within a predefined distance from data owners at the time of an emergency. We innovatively integrate attribute-based encryption with broadcast encryption to incorporate dynamic attributes (i.e., location and time) into an access policy. Such attributes act as filters to eliminate data irrelevant to an ongoing emergency. As a result, our scheme provides authorized access to accurate, relevant, timely, and location-aware information. We provide extensive security analysis and performance evaluations to demonstrate the effectiveness of our scheme. The analysis shows that the scheme imposes constant communication and decryption computation overheads. Furthermore, the proposed scheme is proven chosen plain-text attack selectively secure based on m-bilinear Diffie-Hellman exponent assumption. It also addresses the key escrow problem.
|