Footsteps in the fog: Certificateless fog-based access control

Research output: Contribution to journalArticleScientificpeer-review

4 Downloads (Pure)


The proliferating adoption of the Internet of Things (IoT) paradigm has fuelled the need for more efficient and resilient access control solutions that aim to prevent unauthorized resource access. The majority of existing works in this field follow either a centralized approach (i.e. cloud-based) or an architecture where the IoT devices are responsible for all decision-making functions. Furthermore, the resource-constrained nature of most IoT devices make securing the communication between these devices and the cloud using standard cryptographic solutions difficult. In this paper, we propose a distributed access control architecture where the core components are distributed between fog nodes and the cloud. To facilitate secure communication, our architecture utilizes a Certificateless Hybrid Signcryption scheme without pairing. We prove the effectiveness of our approach by providing a comparative analysis of its performance in comparison to the commonly used cloud-based centralized architectures. Our implementation uses Azure – an existing commercial platform, and Keycloak – an open-source platform, to demonstrate the real-world applicability. Additionally, we measure the performance of the adopted encryption scheme on two types of resource-constrained devices to further emphasize the applicability of the proposed architecture. Finally, the experimental results are coupled with a theoretical analysis that proves the security of our approach.

Original languageEnglish
Article number102866
JournalComputers and Security
Publication statusPublished - Oct 2022
Publication typeA1 Journal article-refereed


  • Access control
  • Attribute-based access control
  • Certificateless cryptography
  • Fog computing
  • Internet of things

Publication forum classification

  • Publication forum level 2

ASJC Scopus subject areas

  • Computer Science(all)
  • Law


Dive into the research topics of 'Footsteps in the fog: Certificateless fog-based access control'. Together they form a unique fingerprint.

Cite this