Droplet: Decentralized Authorization and Access Control for Encrypted Data Streams
This addresses the need for secure data sharing in IoT environments, though it appears incremental by combining existing cryptographic and decentralized authorization ideas.
The paper tackles the problem of secure and selective sharing of encrypted data streams by introducing Droplet, a decentralized data access control service that enables fine-grained access policies and guarantees data confidentiality, as demonstrated through case studies with Fitbit, Ava, and ECOviz applications.
This paper presents Droplet, a decentralized data access control service. Droplet enables data owners to securely and selectively share their encrypted data while guaranteeing data confidentiality in the presence of unauthorized parties and compromised data servers. Droplet's contribution lies in coupling two key ideas: (i) a cryptographically-enforced access control construction for encrypted data streams which enables users to define fine-grained stream-specific access policies, and (ii) a decentralized authorization service that serves user-defined access policies. In this paper, we present Droplet's design, the reference implementation of Droplet, and the experimental results of three case-study applications deployed with Droplet: Fitbit activity tracker, Ava health tracker, and ECOviz smart meter dashboard, demonstrating Droplet's applicability for secure sharing of IoT streams.