BS-ADS: A Blockchain-based Secure Anonymous Data Sharing Framework for Security & Privacy in Cloud-IoT Environments
Abstract
The integration of Cloud computing with the Internet of Things (IoT) has greatly increased the scale and complexity of data sharing in Cloud-based Internet of Things (CIoT) environments. However, this growth brings challenges with regard to the security of sensitive data, privacy, access control management, and accountability. In this paper, we propose Blockchain Enabled Secure and Anonymous Data Sharing (BS-ADS), a framework that tries to overcome these challenges by combining Aggregate Key Searchable Encryption (AKSE) with blockchain-based auditing, edge-assisted revocation, and accountable anonymity. BS-ADS eliminates the need for centralized trust by using the blockchain to store encrypted metadata such as the ciphertext hash and revocation identifier. This provides decentralized trust and transparency without revealing plaintext data. The framework supports linkable ring signatures and zero-knowledge proofs to maintain user privacy while allowing for traceability, so that malicious behavior can be detected without loss of anonymity. Furthermore, edge nodes are responsible for the encryption updates in case of revocation, removing the computational load from resource-constrained IoT devices. The performance of BS-ADS was evaluated in terms of encryption overhead, ciphertext size, and communication cost. Experimental results show that BS-ADS reduces encryption overhead by 30–40% while guaranteeing efficient keyword-based search and data retrieval. Additionally, it offers a 20–30% reduction in communication overhead in multi-user scenarios, maintaining constant communication cost per operation (O(1)). The system is also proven secure against selective chosen-ciphertext attacks (SIND-CCA), replay attacks, Sybil attacks, and man-in-the-middle attacks.
This work introduces a novel architecture for secure, scalable, and accountable data sharing in CIoT, incorporating efficient revocation mechanisms and privacy-preserving search. BS-ADS provides significant improvements in efficiency, security, and privacy, offering a promising solution for large-scale CIoT applications.