Revocation in attribute-based encryption for fog-enabled internet of things: A systematic survey

Attribute-based encryption (ABE) is a powerful cryptographic approach for providing fine-grained access control and confidentiality security services. ABE is well suited for cloud-based applications where one-to-many encryption is a must. Revocation in ABE, the ability to revoke or cancel the access privileges of attribute possessors, has been a critical problem for the practical usage of ABE-based security schemes. This work presents a systematic literature review of ABE schemes that provide revocation mechanisms published until December 2022. As a distinctive, we focus on the fog-enabled internet of things (IoT) application domain, which is more commonly found in cloud-based scenarios (honest-but-curious) such as health and industrial domains. Although revocation has already been addressed in cloud-based IoT, it has yet to be widely studied in fog-enabled IoT, where systems exhibit constraints and features that impose specific revocation requirements. We survey, discuss, and provide a taxonomy of existing revocation approaches in the abovementioned context, including attribute and user revocation. Furthermore, we explore how the fog is exploited in the reviewed schemes, provide a qualitative comparison of the surveyed works, and present a quantitative comparison of the associated costs of different revocation approaches. Finally, we present some areas of opportunity for improving revocable ABE schemes for fog-enabled IoT and discuss some of the challenges currently faced by these systems.