End to End Secure Data Exchange in Value Chains with Dynamic Policy Updates

Abstract: Data exchange among value chain partners provides them with a competitive advantage, but the risk of exposing sensitive data is ever-increasing. Information must be protected in storage and transmission to reduce this risk, so only the data producer and the final consumer can access or modify it. End-to-end (E2E) security mechanisms address this challenge, protecting companies from data breaches resulting from value chain attacks. Moreover, value chain particularities must also be considered. Multiple entities are involved in dynamic environments like these, both in data generation and consumption. Hence, a flexible generation of access policies is required to ensure that they can be updated whenever needed. This paper presents a CP-ABE-reliant data exchange system for value chains with E2E security. It considers the most relevant security and industrial requirements for value chains. The proposed solution can protect data according to access policies and update those policies without breaking E2E security or overloading field devices. In most cases, field devices are IIoT devices, limited in terms of processing and memory capabilities. The experimental evaluation has shown the proposed solution's feasibility for IIoT platforms.