AUTHOR=Hinojosa-Cabello Melissa Brigitthe , Aldeco-Perez Rocio , Morales-Sandoval Miguel , Garcia-Hernandez Jose Juan TITLE=Blockchain-based decentralization approach for Ciphertext-Policy Attribute-Based Encryption schemes JOURNAL=Frontiers in Blockchain VOLUME=Volume 8 - 2025 YEAR=2025 URL=https://www.frontiersin.org/journals/blockchain/articles/10.3389/fbloc.2025.1622270 DOI=10.3389/fbloc.2025.1622270 ISSN=2624-7852 ABSTRACT=Since the rise of the Internet, several IT services and applications have become widely accessible, making cloud computing a vital solution for its deployment for corporate and personal use. Additionally, the Internet of Things (IoT) has accelerated large-scale data generation, e.g., for monitoring applications in medical and industrial environments. Cloud computing and IoT are seamlessly integrated: IoT devices generate data later stored and accessed in the cloud, enabling efficient data use across multiple applications and processing models. Consequently, cloud services are increasingly being used for outsourcing the high processing and storage requirements demanded by IoT applications. While this integration offers significant advantages, it also presents major data security challenges, particularly concerning the confidentiality and access control of outsourced sensitive data. It is especially relevant because cloud service providers are typically assumed to be honest but curious and, hence, untrustworthy. In this context, Ciphertext-Policy Attribute-Based Encryption (CP-ABE) can successfully enforce complex access control over outsourced data. It is achieved by encrypting it using fine-grained access policies and delegating access control to decryption keys dependent on end-user attributes. Although CP-ABE offers several advantages, its wide adoption and efficient deployment in practical applications is still hindered by some issues. One of the major concerns involves the strong dependency on a centralized trusted authority setting and managing CP-ABE’s access control policies and attribute sets. This dependency represents a single point of failure that threatens the system’s continuous operation. In this paper, we eliminate CP-ABE’s dependency on a single trusted authority by adopting a decentralization strategy relying on blockchain’s main features. Therefore, we propose a blockchain-based approach to distribute among multiple peers the users’ secret keys generation and management tasks performed by the trusted authority, solving CP-ABE’s centralization problem. By combining blockchain, CP-ABE, and Elliptic Curve Integrated Encryption Scheme (ECIES), we ensure the confidentiality of CP-ABE critical components regardless of their heterogeneous privacy requirements. We evaluated our proposal considering a case study in the eHealth domain, whose results confirm its deployment feasibility in practical applications, where confidentiality and access control hold while resiliency and the system’s continuous operation are achieved.