| Summary: | To increase the usage of renewable energy, it is vital to maximize local energy production by properly combining various renewable-energy sources by collecting their data and storing it on the cloud. The energy optimization utility, which is used for making decisions to optimize renewable-energy resources, is hosted on the cloud to benefit from cloud capabilities in data storage. Hosting such sensitive data and utilities on the cloud has created some cybersecurity challenges. This paper presents a new token-revocation access control (TR-AC) which revokes the authorization of malicious users before authorizing them to access cloud-hosted energy optimization utilities. TR-AC employs a set of multi-authorities to measure the authentic level for each authenticated user. Although the user is authenticated to access the online system, this authentication can be revoked to utilize the energy optimization utility based on the user’s level of authentication. The cloud storage servers are not fully trusted and, therefore, have no control over access controls. Finally, the proposed TR-AC has been proven to be secure against any attacker that is not authentic according to Diffie-Hellman assumptions. In addition, performance analysis has proven that the time elapsed for both encryption and decryption in TR-AC is very small compared with previously introduced schemes. Therefore, it will not affect the performance of the cloud-hosted system.
|
|---|