The concept of digital twins has gained traction over recent years. A digital twin is a digital representation of a physical object in the cloud, which is continuously synchronized in both directions. Consequently, owners can conveniently review the state of the digital twin’s physical object and interact with it. Furthermore, collecting the data of one or multiple digital twins enables powerful computations. This concept has been applied in various fields, e.g., to monitor and optimize manufacturing processes or to provide precision medicine. However, as digital twins are maintained by cloud services that are not fully trusted, the confidentiality of sensitive digital twin data needs to be protected, which, unfortunately, has been neglected in related work so far.
This work proposes a security architecture and the involved processes to provide end-to-end confidentiality for digital twin systems while keeping the concept flexible with regard to the sharing rules. Our concept builds upon key-policy conditional proxy re-encryption, in which each ciphertext is associated with an attribute set over which owners define policies. Owners generate re-encryption keys for such policies to enable the cloud service to translate selected subsets of the digital twin’s encrypted data for authorized receivers. We integrate this protection mechanism into the processes that achieve the desired functionality of a digital twin system: synchronizing digital twin data to and from the cloud, protecting communication with external requesters, and sharing subsets with processing services that offer computations on the digital twins’ data. Finally, our performance evaluation highlights the feasibility and practical efficiency of this concept.
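The following toy, added here and not the paper's own code, illustrates the attribute-gated translation step described above using the simple BBS98 ElGamal-style proxy re-encryption scheme over Z_p^* rather than the paper's pairing-based KP-CPRE: ciphertexts carry attribute sets, the owner issues a re-encryption key bound to a policy, and the cloud proxy can translate only ciphertexts whose attributes satisfy that policy, without ever learning the plaintext. The prime, generator, attribute names and the subset-based policy check are constructed for the example; BBS98 is bidirectional and needs both secrets to derive the re-encryption key, which the paper's scheme avoids.

```python
import secrets
from math import gcd

# Toy BBS98-style proxy re-encryption over Z_p^* (constructed for illustration;
# not the paper's pairing-based KP-CPRE). p is the Mersenne prime 2^61-1,
# exponents are reduced mod N = p-1, and G is an arbitrary base.
P = (1 << 61) - 1
N = P - 1
G = 3

def keygen():
    """Secret exponent coprime to N (so it is invertible mod N) and public key g^a."""
    while True:
        a = secrets.randbelow(N - 2) + 2
        if gcd(a, N) == 1:
            return a, pow(G, a, P)

def encrypt(pk, m, attrs):
    """Encrypt group element m (1 <= m < P) under pk, tagged with an attribute set."""
    k = secrets.randbelow(N - 1) + 1
    return {"attrs": frozenset(attrs), "c1": m * pow(G, k, P) % P, "c2": pow(pk, k, P)}

def decrypt(sk, ct):
    """c2 = g^(sk*k), so c2^(1/sk) = g^k and m = c1 / g^k."""
    gk = pow(ct["c2"], pow(sk, -1, N), P)
    return ct["c1"] * pow(gk, -1, P) % P

def rekey(owner_sk, receiver_sk, policy):
    """Key-policy re-encryption key: the transform factor b/a plus the attribute
    policy it is valid for (BBS98 needs both secrets; the paper's scheme does not)."""
    return {"policy": frozenset(policy), "rk": receiver_sk * pow(owner_sk, -1, N) % N}

def proxy_reencrypt(rk, ct):
    """Cloud-side translation, allowed only if the ciphertext's attributes satisfy
    the policy (here: every policy attribute must be present). The proxy never sees
    m; it only raises c2 = g^(a*k) to b/a, yielding g^(b*k) for the receiver."""
    if not rk["policy"] <= ct["attrs"]:
        return None
    return {"attrs": ct["attrs"], "c1": ct["c1"], "c2": pow(ct["c2"], rk["rk"], P)}

def demo():
    """Owner shares only the temperature readings of one twin with a processing service."""
    a, pk_owner = keygen()
    b, _pk_service = keygen()
    temp = encrypt(pk_owner, 21, {"twin:pump-1", "sensor:temperature"})
    location = encrypt(pk_owner, 4711, {"twin:pump-1", "sensor:location"})
    rk = rekey(a, b, {"twin:pump-1", "sensor:temperature"})
    shared = proxy_reencrypt(rk, temp)       # attributes satisfy the policy
    withheld = proxy_reencrypt(rk, location)  # policy not satisfied: no translation
    return decrypt(b, shared), withheld, decrypt(a, location)
```

Running `demo()` returns `(21, None, 4711)`: the service decrypts the shared temperature reading, the location ciphertext is never translated, and the owner can still decrypt everything.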