Available online at www.sciencedirect.

com
Available online at www.sciencedirect.com
Available online at www.sciencedirect.com

ScienceDirect
Procedia Computer Science 00 (2019) 000–000
Procedia
Procedia Computer
Computer Science
Science 15500 (2019)
(2019) 000–000
441–448 www.elsevier.com/locate/procedia
www.elsevier.com/locate/procedia

The 14th International Conference on Future Networks and Communications (FNC)

The 14th International Conference on Future
August 19-21, Networks
2019, Halifax, and Communications (FNC)
Canada
August 19-21, 2019, Halifax, Canada
A
A Cluster
Cluster of
of CP-ABE
CP-ABE Microservices
Microservices for
for VANET
VANET
Mohammad Bany Taha∗∗, Chamseddine Talhi, Hakima Ould-Slimanec
Mohammad Bany Taha , Chamseddine Talhi, Hakima Ould-Slimanec
a Department of Software Engineering and IT, École de Technologie Supérieure, Montréal, QC H3C 1K3, Canada
a Department of Software Engineering and IT, École de Technologie Supérieure, Montréal, QC H3C 1K3, Canada

Abstract
Abstract
The promising high data rate of a 5G network enables the reality of Vehicular Ad Hoc Networks (VANET). VANETS are ad-hoc
The promising
networks highhave
and they datalimited
rate of resources.
a 5G network enablesthe
Providing theconfidentiality
reality of Vehicular
of dataAd byHoc Networks
an access (VANET).
control system VANETS
in a highlyaredynamic
ad-hoc
networks and they have limited resources. Providing the confidentiality of data by an access control
and automated network is a major challenge. Ciphertext Policy Attribute Based Encryption (CP-ABE) enables the encryptionsystem in a highly dynamic
and automated
of the network
access control is a major
system challenge.
to provide Ciphertext Policy
the confidentiality of dataAttribute Based Encryption
in a broadcast (CP-ABE)asenables
message. However, CP-ABE theis encryption
a form of
of the access
public control system
key encryption, to provide
it consumes the confidentiality
high resources. That is aoffeasibility
data in aissue
broadcast message.
in VANET However,
networks. as CP-ABE
In this paper, weisdesigning
a form ofa
public
new algorithm that distribute the CP-ABE encryption tasks on the vehicles cluster. In our scheme, we use Kubernetes to build aa
key encryption, it consumes high resources. That is a feasibility issue in VANET networks. In this paper, we designing
new algorithm
cluster that Applying
of vehicles. distribute the CP-ABE
CP-ABE encryption to
microservices tasks on the
ensure the vehicles cluster.ofIndata
confidentiality our greatly
scheme,mitigates
we use Kubernetes to build
the computation costa
cluster of vehicles.
on vehicle Applying
resources. Our scheme CP-ABE microservices
allows to distribute to ensure the
CP-ABE confidentiality
tasks of data
between vehicles greatly
using (V2V)mitigates the computation
connection cost
without needing
on vehiclenetwork
assistant resources. Our scheme
components suchallows to distributeUnit
as a Road-Side CP-ABE
(RSU).tasks between
In our vehicles
algorithm, we using (V2V)
distribute theconnection
encryptionwithout needing
tasks based on
assistant network
the resource components
information such as
of vehicles a Road-Side
that KubernetesUnit (RSU).
collect In ourthealgorithm,
to reduce executionwe distribute
time the encryption
of CP-ABE operations.tasks based ona
We provide
the resource
numerical information
analysis for ourofalgorithm
vehicles and
thatdiscuss
Kubernetes collect to reduce the execution time of CP-ABE operations. We provide a
our results.
numerical analysis for our algorithm and discuss our results.
c 2019

© 2019 The
The Authors.
Authors. Published
Published by
by Elsevier
Elsevier B.V.
B.V.
c 2019an

This The Authors. Published by Elsevier B.V.
This is
is an open
open access
access article
article under
under the
the CC
CC BY-NC-ND
BY-NC-ND license
license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
(http://creativecommons.org/licenses/by-nc-nd/4.0/)
This is an open access article
Peer-review under responsibilityunder
responsibility of the
ofthe CC BY-NC-ND
theConference license
ConferenceProgram
Program (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Chairs.
Chairs.
Peer-review under responsibility of the Conference Program Chairs.
Keywords: CP-ABE; VANET; Kubernetes, Microservice
Keywords: CP-ABE; VANET; Kubernetes, Microservice

1. Introduction
1. Introduction
The significant improvement in communication networks and the value feature of the 5G network facilitate re-
The significant
searchers improvement
of the Intelligent in communication
Transportation System (ITS)networks and the
to develop andvalue feature
improve newoffeatures
the 5G of
network
VANET facilitate
networks.re-
searchers of the Intelligent Transportation System (ITS) to develop and improve new features of
This has helped to find new VANET applications that directly impact people’s lives such as emergency and traffic VANET networks.
This has alerts
message helpedthatto find newsafety
increase VANET applications
in driving thatconnection
[1]. The directly impact people’s
in VANET lives
might besuch
amongas vehicles
emergency and or
(V2V) traffic
be-
message alerts that increase safety in driving [1]. The connection in VANET might be among vehicles
tween vehicles and it is Infrastructure (V2I) such as vehicle to RSU. A VANET network is dynamic where the network (V2V) or be-
tween vehicles and it is Infrastructure (V2I) such as vehicle to RSU. A VANET network is dynamic where
components (i.e., vehicles) frequently join or leave the network [2]. However, the new prospects of VANET bring sig- the network
components (i.e., vehicles)
nificant challenges in termsfrequently
of security,join or leave the
specifically network [2]. However,
in confidentiality. the new
For example, theprospects
dynamicalof feature
VANETofbring
VANET sig-
nificant challenges in terms of security, specifically in confidentiality. For example, the dynamical
addresses the forward and backward secret problem. Therefore, to ensure the confidentiality in VANET, a dynamic feature of VANET
addresses the forward and backward secret problem. Therefore, to ensure the confidentiality in VANET, a dynamic

∗ Corresponding author. Tel.: +1-514-396-8800 ; fax: +1-514-396-8950

∗ Corresponding
E-mail address:author. Tel.: +1-514-396-8800 ; fax: +1-514-396-8950
an35670@ens.etsmtl.ca
E-mail address: an35670@ens.etsmtl.ca
1877-0509  c 2019 The Authors. Published by Elsevier B.V.
1877-0509
This c 2019

is an open Thearticle
access Authors.
underPublished by Elsevier B.V.
the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
1877-0509 © 2019
This is an open Thearticle
access Authors.
underPublished by Elsevier B.V.
the Conference
CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the Program Chairs.
This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Peer-review under responsibility of the Conference Program Chairs.
Peer-review under responsibility of the Conference Program Chairs.
10.1016/j.procs.2019.08.061
442 Mohammad Bany Taha et al. / Procedia Computer Science 155 (2019) 441–448
2 Bany Taha / Procedia Computer Science 00 (2019) 000–000

access control system that meets the mobility and dynamical features and to countermeasure the confidentiality thread
issues in VANET to prevent misuse of information by unauthorized vehicle or user.
On-Board Units (OBU) in vehicles are considered as limited resources which are a challenge added to the mobility
challenge of VANET networks [3]. Enforcing the access control policy to ensure the confidentiality of data consumes
resources (CPU, memory, battery) and this consumption depends on several factors such as the size of the data.
Therefore, a lightweight encryption access control system should use VANET that ensures the confidentiality of data.
On the other hand, the access control system should be suitable for a broadcasting message system as it is used in
VANET.
Using symmetric or asymmetric encryption is not suitable for a VANET network [4]. In symmetric encryption,
if the data owner wants to encrypt an emergency message and send it to vehicles who cross the target road, then he
needs to generate a secret key for each vehicle and know it in advance . On the other hand, in asymmetric encryption,
the data owner will encrypt the data with a different public key. Additionally, the data owner vehicle should know in
advance the decryptor vehicles. Applying symmetric and traditional asymmetric encryption is not feasible on VANET
networks.
CP-ABE is a form of public key encryption [5]. It allows the data owner vehicle to encrypt the data using policy.
The client who wants to decrypt the data should have the secret key and this key should satisfy the policy to decrypt
the CipherText (CT). However, CP-ABE is a public key encryption so it is frustrating in some cases because of the
limitation of resources in the On-Board-Unit (OBU) of vehicles. Based on the article proposed in [6], the cost of CP-
ABE depends on the complicity of the access policy and the size of data. Therefore, if the data is small (emergency or
traffic message) and the access policy length is small, then OBU can perform CP-ABE operations on the vehicle. If the
data size is big (video streaming) or the access policy is long, then it is hard to perform CP-ABE on the same OBU.
Several schemes proposed to reduce the computation cost of CP-ABE on constrained devices by delegating the task
on a device or a server that has more resources (i.e, RSU)[7]. Nevertheless, these components that might be allocated
are overloaded at rush hour. Moreover, the mobility feature of VANET adds more challenges since the components
of the network change in a short time which makes it hard to take advantage of delegating CP-ABE tasks to these
components (i.e., RSU).
In this article, we reduce the overhead of CP-ABE encryption using VANET resources by decoupling the CP-ABE
cryptography operations between vehicles. In our scheme, we use Kubernetes to set up the vehicle cluster. Vehicle
clustering promises to reduce the overhead of CP-ABE and better communication [8]. To the best of our knowledge,
this is the first paper proposing CP-ABE as a microservice using Kubernetes. We also proposed a task distribution
algorithm that allows distributing the encryption tasks between the vehicles based on the context of cluster vehicles.
Finally, the results show the impact of the factors that our algorithm is depend on.

2. Related Work

In this section, we will discuss CP-ABE schemes proposed for the VANET system. Some schemes proposed an
authenticate protocol to ensure the confidentiality of data between vehicles in VANET. We also discuss how some
VANET schemes used visualization (SDN and NFV) to build a cluster of vehicles.
The first access control scheme was proposed for VANET by Huang and Verma [9]. Huang and Verma proposed
a key management scheme to ensure the confidentiality of message dissemination in VANET. The scheme cannot
work under several network components of VANET (RSU) because if the vehicle goes in different domains (i.e, RSU
area) it needs to update the key. Ruj et al improve the previous work by allowing the secret key to work in different
domains of the network [10]. Rao and Dutta [11] and Kang et al [12] proposed the authentication access control
protocol for information dissemination on VANET based on CP-ABE. Xia et al proposed the heavy key management
scheme for VANET. The attributes of the scheme are divided into dynamic and persistent attributes. The scheme
proposed the outsourcing decryption technique. However, this scheme has to regenerate the secret key at the time that
the dynamic attribute updates which brings more overhead on the scheme. [7]. Wan and Zhang proposed the identity-
based data transmission protocol based on Lagrange interpolation to reduce the overhead on VANET networks [13].
Bouabdellah et al proposed a transmission protocol using CP-ABE to ensure the confidentiality of transmission data
in several hop in VANET [5]. Several schemes proposed reducing the overhead of CP-ABE on constraint devices [14],
 Mohammad Bany Taha et al. / Procedia Computer Science 155 (2019) 441–448 443
Bany Taha / Procedia Computer Science 00 (2019) 000–000 3

[15]. However, the proposed scheme assumes there are components in the VANET network to help vehicles perform
the services that they need.
Choi et al [16] investigate the feasibility of using symmetric encryption in VANET. The authors in [17] [18] pro-
posed a scheme that ensures the security in VANET communication using symmetric cryptography. Li et al proposed
an efficient and secure communication scheme for VANET [19]. Kamat et al [20] proposed an Identity-Based Signa-
ture (IBS) scheme that decentralized the Trust-Authority in VANET networks to reduce the communication overhead.
However, the scheme works only amongst peer vehicles. Cui et al proposed the attribute based scheme based on ABS
[4]. The schemes in [21] proposed Public Key Infrastructure (PKI) to protect user identities. Prema proposed homo-
morphic encryption to reduce the communication overhead of the message transmission on VANET [22]. Gao and
Xin proposed a novel location privacy for VANET[23]. The authors suggest to create encrypted area at the time that
vehicle/vehicles need to change the pseudonyms using group of key encryption to avoid any the external adversary.
Duan et al proposed the adaptive vehicles cluster using a Software-Defind Network (SDN) based vehicle [8]. The
information is distributed by SDN and the vehicle joins the cluster adaptively based on the traffic of data. Truong et
al proposed a hybrid (of Fog and SDN) scheme for the VANET system [24] to fix scalability, connectivity and the
flexibility problem. [25] proposed an algorithm to build the optimal service function chain cluster (SFC) using VANET.
However, these schemes centralize on controlling their algorithms in the control unit which is not suitable because the
control units are managed by administrators and this will take more time to process. [26] SDN are considered as key
enablers in VANET to ensure safety in the self-driving based cooperate intelligent vehicle.

3. Preliminaries

In this section, we discuss some technical issues that we use in this paper.

3.0.1. Bilinear Map

CP-ABE uses pairing based cryptography (pbc) to construct a bilinear map (map two multiplicative group of prime
order p). Therefore, the G0 * G0 → G1 .
The main properties of a bilinear map are:

• Bilinear : e(ga ,gb )= e(g,g)a,b

• Non- Degenerate : e(g,g) 1
G0 is considered a bilinear group if the group operation in G0 and the bilinear map e are both computable. The
map e is symmetric because e(ga ,gb ) = e(g, g) sb = e(gb ,ga ).

3.0.2. CP-ABE
CP-ABE is special form of public key encryption proposed by Bethencourt in 2007 [27].In CP-ABE, the data
encrypts with the access policy (set of attributes associated with a Boolean operation such as ”AND”, ”OR” , or
”OF”) to generate the cipherttext (CT). The secret key (SK) which is used to decrypt the data is associated with a
list of attributes. If and only if the attributes in the SK satisfy the access policy, then SK will be able to decrypt CT.
Otherwise, it will return ⊥. The main algorithms of CP-ABE are:

• Setup (λ)→(PK, MSK).

The setup algorithm is used to generate the public key (PK) and master secret key (MSK) using some
security parameters (α, β) as seen in equation 1.
PK = G0, g, h = gβ , f = g1/β , e(g, g)α (1)
The master secret key (MSK) equation is:
MS K = (β, gα ) (2)
• KeyGen(pk, S, msk)→ SK.
444 Mohammad Bany Taha et al. / Procedia Computer Science 155 (2019) 441–448
4 Bany Taha / Procedia Computer Science 00 (2019) 000–000

The keygen algorithm is used to generate the client secret key (SK). The algorithm takes PK, MSK, and
S as input where S is the client’s attributes as seen in equation 3, r is random secret and H is a hashing function.


S K = D = g(α + r)/β) , ∀ j ∈ S :
 (3)
Dj = gr .H( j)rj , D’ j = gr j
• Encryption(PK, M, A) →CT

The encryption algorithm is used to generate the cipher-text CT. The algorithm input is the PK, M, and
A. where A is the access policy and M is the message. It is worth mentioning that each attribute in the access
policy is blinded with sub-shared and all sub-shared are required to reconstruct the main shared that all
sub-shared in the access policy have emerged from. This prevents a collusion attack [27].

CT = A, C ’ = Me(g, g)αs , C = hs , ∀y ∈ Y :
 (4)
C y = gqy (0) , C yp = H(att(y))qy (0)
The encryption algorithm generates a random value (s) to calculate a shared value (qy(0) ) for each attribute in
the access policy A using linear secret sharing [27]. Blinding each attributes in A with their share (qy(0) ) is
preventing a collusion attack [27].

• Decryption(CT,SK)→ M.

e(Di , C x )
M= (5)
e(D’ i , C ’ x )
The decryption algorithm is used to recover the data (M) from CT . Therefore, if the attributes in SK satisfy the
access policy A , the algorithm will return (M). Otherwise the algorithm will return ⊥.

4. Problem Statement

CP-ABE encryption is a form of public key encryption. It consumes high resources [6] and that reduces the execu-
tion time. In VANET, OBU is considered as a constraint and has limited resources [28]. That increases the problem of
applying CP-ABE encryption on these vehicles. In a dynamic network such as VANET, it is hard to find some devices
that can delegate the task during a vehicle trip because of the mobility feature of a VANET network. Therefore, build-
ing a cluster of vehicles to use their resources during the trip is mandatory and this will reduce the execution time of
the CP- ABE operation. Based on our experiments, we found that the execution time of generating CT depends on the
size of data in addition to the length of the access policy. We observe that the previous two factors are also significantly
impacted by the status of the resource of constrained device (OBU). Therefore, the execution time will be impacted by
these factors. Hence, designing a new algorithm that distributing the tasks based on the available resources of vehicles
cluster in order to reduce the execution time of CP-ABE operations in VANET network is indispensable.

5. Proposed Scheme

We discuss our proposed scheme in this section. We will explain how we build the vehicle cluster first and then
how our task distribution algorithm works to distribute the encryption tasks in the vehicles.

5.1. Building Vehicles Cluster

In Fig. 1, assume that vehicle 2 (v2 ) is recording a video and wants to upload it to the cloud. The vehicle is
looking to encrypt the video streaming before uploading it to the cloud because the cloud is honest but curious [29].
 Mohammad Bany Taha et al. / Procedia Computer Science 155 (2019) 441–448 445
Bany Taha / Procedia Computer Science 00 (2019) 000–000 5

5 tvi

3 tvi

1 tvi

T1 T2 T3 T4 T5

Fig. 1. Kubernetes Vehicles Cluster Fig. 2. Timeline of Vehicles Cluster

Therefore, based on the context of v2 at the time of encryption (resource in v2 , data size DP , complexity of access
policy) Algorithm 1 decides whether CP-ABE task will perform locally in v2 or by building the cluster.
Algorithm 1 shows how we build the cluster of vehicles, where PK, DP , DU , and A in line 1 is the input of the
algorithm. PK is the public key and DP is the data payload. DU is the data unit that the master vehicle (v2 ) send to
the vehicles to encrypt. A is the access policy that the data will encrypt with. CT l is the ciphertext generated at l
time where l ∈ L and L are natural numbers. In line 5 of Algorithm 1, v2 checks the data size. If the data is small,
then it is better to perform CP-ABE locally. Otherwise, the algorithm will perform CP-ABE as a microservice using
a Kubernetes cluster. The lines from 8-22 of Algorithm 1 are for building the cluster, v2 sends broadcast message to
all vehicles in it is range (line 8). Then K vehicles reply to v2 . In Fig. 1, vehicles (1,3,4,5) reply back to v2 . After that,
v2 checks tvi for each vehicle, where tvi is the time that vi will stay in v2 range as shown in Fig.2 . t xi is the minimum
time required for any vehicle to join the cluster to take advantage of it is resources. Otherwise if the time tvi is less than
t xi it will meaningless to join vi to the v2 cluster. We found the value of tvi by tvi = Vdii , where di is the distance of vi
from time of joining the cluster until the first stop of the vehicle (expect to become out of the range). Vi is the speed
of vi where we assume all vehicle have constant speed. Referring back to Fig. 1, vehicles (1,3,5) match the condition
since all these vehicles take the Road A path which means they will exceed t xi before their first stop. Now, v2 has the
cluster ready to distribute the tasks to all cluster vehicles. Joining the cluster is keep continuous as long as v2 needs to
perform CP-ABE operations.

5.2. CP-ABE Task Distribution

Once the cluster builds, v2 starts distributing the data to the vehicle clusters. The data (DP ) is divided into small
pieces (DU ) to reduce the overhead on the vehicle cluster. In Algorithm 1, the lines from (23-31) are the task dis-
tribution parts by distributed CP-ABE tasks between the vehicles. In line 24, the algorithm distributes tasks to the
vehicle by sending them (DU ). When building the cluster, once the vehicle joins the cluster, it pulls a CP-ABE docker
image (line 14) in the target vehicle (vl ). In our experiments, we use DockerHub to push and pull our container im-
ages. Therefore, all vehicles in the cluster are waiting for DU to perform equation 4. In equation 4, the value of M is
DU since it is performs partial data to reduce the overhead on these vehicles and this allows us to take advantage of
microservice definition by decoupling task into light tasks.
In our algorithm, the vehicle that has a high score (best node/more resources) will have priority to receive the task
first (line 24 of Algorithm 1). The score depends on the CPU and memory consumption. As the vehicles 1,3,5 consider
nodes for v2 cluster, v2 is always aware about the consumption of CPU and memory in vehicle 1,2,and 3, and this helps
the Kubernetes master node (v2 ) managing the task distribution on these resources. Equation 4 is performed in line 25
of Algorithm 1 to generate CT. The equation encrypts DU that is received by v2 . After that, the algorithm checks if
all DP are encrypted or not. If yes, it exits and completes the tasks, or the algorithm will distribute a new DU to the
appropriate vehicle in the cluster.
446 Mohammad Bany Taha et al. / Procedia Computer Science 155 (2019) 441–448
6 Bany Taha / Procedia Computer Science 00 (2019) 000–000

Algorithm 1 CP-ABE Task Scheduling algorithm For Vehicles

1: Input: PK, DP , DU , A
2: Output: CT l
3: Req CP-ABE Service← v2
4: Initialize l ←1
 
5: if DP ≤ 100MB then
6: Perform CT(DP ) (Equation 4) locally in v2
7: else
8: BroadcastMS G ← v2
9: v2 ← (K) MSG
10: for all vi do
 
11: if tvi ≥ t xi then
  
12: if Ui ∧ RAMi ∧ BANi ≥ 20% then
13: vi joint v2 cluster
14: Initlize CP-ABE Docker image (POD fct )
15: else
16: i++
17: End If
18: else
19: i++
20: End If
21: End For
22: End If
23: for all DP do
24: v l ← DU
25: Perform CT(DU ) (Equation 4) in vl
26: if (DP == Null) then
27: Exit
28: else
29: l++
30: End If
31: End For

6. Numerical Analysis

In this section, we discuss our experiment and the performance of our algorithm. We use RaspberryPi3 B+ mode
as OBU for each vehicle. We use the Charm [30] framework to build the CP-ABE docker container.
As we mentioned in section 5.2, the algorithm distribute DU based on CPU and memory of the vehicles cluster.
Our algorithm reduces the overhead of CP-ABE in order to reduce the execution time by reducing the size of the
data that is encrypted using equation 4. We measure several factors that impact the time to generate CT. We found
that complexity of the access policy impacts the time of CT. Moreover, the size of the data also impacts the time to
generate CT.
Fig. 3 shows the time needed to generate CT of file size 1KB and 30-MB (a) and (b) respectively. The time of
generating CT increases with the policy length and with the file size. We also notice that for the file size ((b) of Fig. 3)
it is not feasible to run frequent of requests of CP-ABE tasks to encrypt a 30 MB file size if the policy length is more
than 20.
On the other hand, the number of CP-ABE (DU ) that each vehicle can run depends on the status of resources (Idle,
Medium, Critical) in each OBU. The algorithm will send more DU to the vehicle that has more resources.
Fig. 4 shows two files (1-KB and 10-MB) running in one vehicle under two different status resources (Idle, Critical).
The algorithm sends the data 10 times to a vehicle under two statuses. Fig. 4 shows that when the status of OBU is
 Mohammad Bany Taha et al. / Procedia Computer Science 155 (2019) 441–448 447
Bany Taha / Procedia Computer Science 00 (2019) 000–000 7

4 4.5

4
3.5
3.5
3
3
2.5
2.5
Time (s)

Time (s)
2
2
1.5
1.5
1
1
0.5
0.5

0 0
2 4 5 9 12 20 30 50 100 2 4 5 9 12 20 30 50 100
Number of Attributes
Number of Attributes
(a) OBU-Critical OBU-Idle (b) OBU-Critical OBU-Idle

Fig. 3. (a) Time need to generate CT for file size 1-KB (b) Time need to generate CT for file size 30-MB

4
Time (s)

0
2 4 5 9 12 20 30 50 100

Number of Attributes
1-KB-Idle 10-MB-Idle 1-KB-Critical 10-MB-Critical

Fig. 4. Time Needs to Generate CT if Each Vehicle Run Ten Request at the time

critical, it cannot run 10 requests if the data size is 10-MB or more and the access policy is more than 5. On the
other hand, performing 10 CP-ABE operations on OBU is feasible in case the OBU status is Idle for a 10-MB data
size. Based on our results, we can see that several factors impact the time to generate CT for all the data such as, the
complexity of the access policy, the data size, and the status of the OBU on the vehicle.

7. Conclusion and Future Work

In this work, we proposed task distribution algorithm for CP-ABE encryption tasks in VANET network. We used
Kubernetes to generate CT by distributing the overhead of CP-ABE cryptography operations between the vehicles
resources. In our algorithm, we use Kubernetes to build a cluster of vehicles. Kubernetes helps to build the infrastruc-
ture that allow each vehicle to perform micro-CP-ABE cryptography tasks, and it helps data owner vehicle to know
the information about available resources in each vehicle of the cluster. We plan to improve our algorithm to use new
criteria to distribute Micro-CP-ABE encryption tasks. We found several factors that impact the time to generate CT in
the VANET network such as distance between vehicles that encourage us to investigate in the future work.
 448 Mohammad Bany Taha et al. / Procedia Computer Science 155 (2019) 441–448
8 Bany Taha / Procedia Computer Science 00 (2019) 000–000

References

[1] Qamas Gul Khan Safi, Senlin Luo, Chao Wei, Limin Pan, and Guanglu Yan. Cloud-based security and privacy-aware information dissemination
over ubiquitous vanets. Computer standards & interfaces, 56:107–115, 2018.
[2] Roberto Di Pietro, Stefano Guarino, Nino Vincenzo Verde, and Josep Domingo-Ferrer. Security in wireless ad-hoc networks–a survey. Com-
puter Communications, 51:1–20, 2014.
[3] Hao Zhou, Xiaoyan Wang, Zhi Liu, Yusheng Ji, and Shigeki Yamada. Resource allocation for svc streaming over cooperative vehicular
networks. IEEE Transactions on Vehicular Technology, 67(9):7924–7936, 2018.
[4] Hui Cui, Robert H Deng, and Guilin Wang. An attribute-based framework for secure communications in vehicular ad hoc networks. IEEE/ACM
Transactions on Networking, 2019.
[5] Mounia Bouabdellah, Faissal El Bouanani, and Hussain Ben-Azza. A secure cooperative transmission model in vanet using attribute based
encryption. In Advanced Communication Systems and Information Security (ACOSIS), International Conference on, pages 1–6. IEEE, 2016.
[6] Xinlei Wang, Jianqing Zhang, Eve M Schooler, and Mihaela Ion. Performance evaluation of attribute-based encryption: Toward data privacy
in the iot. In 2014 IEEE International Conference on Communications (ICC), pages 725–730. IEEE, 2014.
[7] Yingjie Xia, Wenzhi Chen, Xuejiao Liu, Luming Zhang, Xuelong Li, and Yang Xiang. Adaptive multimedia data forwarding for privacy
preservation in vehicular ad-hoc networks. IEEE Transactions on Intelligent Transportation Systems, 18(10):2629–2641, 2017.
[8] Xiaoyu Duan, Yanan Liu, and Xianbin Wang. Sdn enabled 5g-vanet: Adaptive vehicle clustering and beamformed transmission for aggregated
traffic. IEEE Communications Magazine, 55(7):120–127, 2017.
[9] Dijiang Huang and Mayank Verma. Aspe: Attribute-based secure policy enforcement in vehicular ad hoc networks. Ad Hoc Networks,
7(8):1526–1535, 2009.
[10] Sushmita Ruj, Amiya Nayak, and Ivan Stojmenovic. Improved access control mechanism in vehicular ad hoc networks. In International
Conference on Ad-Hoc Networks and Wireless, pages 191–205. Springer, 2011.
[11] Y Sreenivasa Rao and Ratna Dutta. Efficient attribute based access control mechanism for vehicular ad hoc network. In International
Conference on Network and System Security, pages 26–39. Springer, 2013.
[12] Qian Kang, Xuejiao Liu, Yiyang Yao, Zhiqiang Wang, and Yang Li. Efficient authentication and access control of message dissemination over
vehicular ad hoc network. Neurocomputing, 181:132–138, 2016.
[13] Changsheng Wan and Juan Zhang. Efficient identity-based data transmission for vanet. Journal of Ambient Intelligence and Humanized
Computing, pages 1–11, 2017.
[14] Yinghui Zhang, Axin Wu, and Dong Zheng. Efficient and privacy-aware attribute-based data sharing in mobile cloud computing. Journal of
Ambient Intelligence and Humanized Computing, 9(4):1039–1048, 2018.
[15] Changji Wang, Dongyuan Shi, Xilei Xu, and Jian Fang. An anonymous data access scheme for vanet using pseudonym-based cryptography.
Journal of Ambient Intelligence and Humanized Computing, 7(1):63–71, 2016.
[16] Jong Youl Choi, Markus Jakobsson, and Susanne Wetzel. Balancing auditability and privacy in vehicular networks. In Proceedings of the 1st
ACM international workshop on Quality of service & security in wireless and mobile networks, pages 79–87. ACM, 2005.
[17] Yong Xi, Kewei Sha, Weisong Shi, Loren Schwiebert, and Tao Zhang. Enforcing privacy using symmetric random key-set in vehicular
networks. In ISADS, pages 344–351, 2007.
[18] Chenxi Zhang, Xiaodong Lin, Rongxing Lu, and P-H Ho. Raise: An efficient rsu-aided message authentication scheme in vehicular commu-
nication networks. In 2008 IEEE international conference on communications, pages 1451–1457. IEEE, 2008.
[19] Chun-Ta Li, Min-Shiang Hwang, and Yen-Ping Chu. A secure and efficient communication scheme with authenticated key establishment and
privacy preserving for vehicular ad hoc networks. Computer Communications, 31(12):2803–2814, 2008.
[20] Pandurang Kamat, Arati Baliga, and Wade Trappe. An identity-based security framework for vanets. In Proceedings of the 3rd international
workshop on Vehicular ad hoc networks, pages 94–95. ACM, 2006.
[21] David Förster, Frank Kargl, and Hans Löhr. Puca: A pseudonym scheme with user-controlled anonymity for vehicular ad-hoc networks (vanet).
In 2014 IEEE Vehicular Networking Conference (VNC), pages 25–32. IEEE, 2014.
[22] NK Prema. Efficient secure aggregation in vanets using fully homomorphic encryption (fhe). Mobile Networks and Applications, 24(2):434–
442, 2019.
[23] Tianhan Gao and Xin Xin. Location privacy protection scheme based on random encryption period in vanets. In International Conference on
Innovative Mobile and Internet Services in Ubiquitous Computing, pages 366–374. Springer, 2018.
[24] Nguyen B Truong, Gyu Myoung Lee, and Yacine Ghamri-Doudane. Software defined networking-based vehicular adhoc network with fog
computing. In 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), pages 1202–1207. IEEE, 2015.
[25] Yan Han, Xiaofeng Tao, Xuefei Zhang, and Sijia Jia. A clustered vnf chaining scheme with delay guarantees in nfv-based vanets. In 2018
IEEE International Conference on Communications Workshops (ICC Workshops), pages 1–6. IEEE, 2018.
[26] Ammara Anjum Khan, Mehran Abolhasan, and Wei Ni. 5g next generation vanets using sdn and fog computing framework. In 2018 15th
IEEE Annual Consumer Communications & Networking Conference (CCNC), pages 1–6. IEEE, 2018.
[27] John Bethencourt, Amit Sahai, and Brent Waters. Ciphertext-policy attribute-based encryption. In 2007 IEEE symposium on security and
privacy (SP’07), pages 321–334. IEEE, 2007.
[28] Tahsin CM Dönmez and Ethiopia Nigussie. Security of join procedure and its delegation in lorawan v1. 1. Procedia Computer Science,
134:204–211, 2018.
[29] Mohammad M Bany Taha, Sivadon Chaisiri, and Ryan KL Ko. Trusted tamper-evident data provenance. In Trustcom/BigDataSE/ISPA, 2015
IEEE, volume 1, pages 646–653. IEEE, 2015.
[30] Charm. https://github.com/JHUISI/charm, 2011.