A Privacy Protection Scheme for Facial Recognition and Resolution Based on Edge Computing

Facial recognition and resolution technology have extensive application scenarios in the era of big data. It ensures the consistency of personal identity in physical space and cyberspace by establishing correspondence between physical objects and network entities. However, massive data brings huge processing pressure to cloud service, and there are data leakage risks about personal information. To address this problem, we propose a privacy security protection scheme for facial recognition and resolution based on edge computing. Firstly, a facial recognition and resolution framework based on edge computing is established, which improves the communication and storage efficiency through task partition and relieves the pressure of cloud computing. )en, a verifiable deletion scheme based on Hidden CP-ABE is proposed to provide fine-grained access control and ensure the safe deletion of target data in the cloud. Moreover, after applying the verifiable deletion method, the safe deletion of the target data in the cloud can be achieved. Finally, the simulation results show the effectiveness and security of the proposed scheme.


Introduction
Internet of ings (IoT) devices are very common in our daily life, and more and more physical entities are connected to cyberspace. A series of intelligent applications derived from IoT such as smart home, smart medical, and smart grid are profoundly changing social public services and people's daily life [1]. As a key biometric technology to authenticate personal identity, facial recognition and resolution technology can collect any object that needs monitoring and interaction through information sensors. It has been widely used in security fields such as smart card user authentication, criminal investigation, and access control management [2]. Because facial image involves a large amount of private information including identity identifiers, and its recognition and resolution process requires high computing, high storage, and high communication capabilities.
is information is usually uploaded to the cloud server in an unencrypted state. Once the cloud server is attacked, privacy leakage is likely to occur [3]. Some researchers have adopted cloud computing to improve computing, storage, and communication capabilities. But limited network bandwidth has become the bottleneck of this centralized processing architecture. As a distributed computing paradigm, edge computing can provide an intermediate layer between the cloud and terminal devices and use the computing power of edge devices to provide efficient services [4]. Compared with the traditional cloud server model, we introduce edge computing technology into the facial recognition and resolution framework, forming a three-tier distributed architecture composed of cloud, edge, and terminal devices. e cloud server offloads some computing tasks to the edge server and performs some operations on it, in order to reduce the interaction with the cloud server. erefore, we propose a face recognition and resolution framework based on edge computing, which can not only ease the tension between computing-intensive applications and resource-constrained mobile devices, but also reduce the long delay caused by the interaction between devices and the cloud to improve data processing efficiency [5].
e cloud server provides finite privacy protection under the complex network environment, and the data stored in them is vulnerable to malicious attacks [6]. At present, the shared files on most data storage servers are generally expressed in plain text or simply encrypted. is traditional security mechanism consumes more resources and bandwidth. In CP-ABE encryption, the ciphertext is associated with the access structure, and the key is associated with the attribute set. Only when the decryptor attribute meets the ciphertext-related access policy can the ciphertext be decrypted. However, any user who can obtain the ciphertext can see the content of the access structure, so it may cause information leakage of the decryption party or the encryption party. When data in the cloud is no longer available, the lack of effective deletion will lead to serious problems such as abuse and theft [7]. Physical destruction is obviously the most effective way to delete stored data, but we need to delete it at the file level, and other data can still remain. erefore, the privacy and security issue of data transmission and data storage in facial recognition and resolution needs to be resolved urgently.
is paper aims to optimize the security and privacy protection scheme of facial recognition and resolution framework and further ensure data security during transmission and storage. We introduce the edge nodes to relieve the bandwidth pressure of transmission and improve the efficiency of calculation. And we apply the Hidden CP-ABE scheme to the data before it is transmitted to the cloud. Furthermore, we adopt a verifiable deletion scheme to ensure the "true deletion" of cloud data. e main contributions can be summarized as follows: (1) We establish a face recognition and resolution framework based on edge computing, and it can reduce the network bandwidth pressure of the cloud server through completing the recognition and resolution of facial images on the edge server.
(2) We propose a verifiable deletion scheme based on the Hidden CP-ABE, which encrypts the data before uploading it to the cloud. According to the requirements of the data owner, a verifiable deletion method is adopted to confirm the deletion of the target data in the cloud, to prevent attackers from accessing the relevant data after "false deletion." Consequently, the data storage security is ensured in the cloud. (3) Experimental results show that the transmission bits are effectively reduced under this scheme, and the facial recognition and resolution framework can provide more secure and efficient services. e rest of the paper is organized as follows. Section 2 briefly introduces the relevant work. Section 3 introduces the system model. Section 4 introduces the verifiable deletion scheme of cloud data in facial recognition and resolution. Section 5 carries on the simulation experiment to test the validity of our scheme. Section 6 draws the conclusion.

Related Work
e privacy security of facial recognition and resolution is of great significance to ensure the security of the IoT. Researchers at home and abroad have conducted some studies on the architecture and security of the IoT.
Compared with the traditional cloud computing network, the layered distributed computing architecture based on edge computing and cloud computing can solve the problems of data transmission efficiency and network bandwidth more effectively [8]. In order to meet the requirements of high computing power and reduce the corresponding costs, most operators outsource huge amounts of data and computing tasks to cloud servers [9]. However, the cloud server is generally relative far away from the position of the service request, which may lead to a longer delay and lower user satisfaction, especially, applications of face recognition that require swift feedback [10]. erefore, in order to provide highly responsive cloud services. In [11], Shi et al. proposed to sink the computing and storage center to the edge of the Internet near the image acquisition equipment to reduce the communication delay. In [12], Ning et al. proposed a new information retrieval scheme that better reduces the computing burden and network transmission load of the cloud by introducing edge computing technology. In [13], Yu et al. improved the Label Distribution Protocol (LDP) algorithm and the centralized algorithm for global interference location. And they designed a distributed Centralized and Localized Traversal (CLT) algorithm on this basis, which only lost a constant part of the optimal scheduling and significantly reduced the time complexity of the algorithm and transmission delay. In [14], Barbieri et al. proposed an independent health management architecture, which executes efficient and fast algorithms on edge servers and combines them with other algorithms on cloud servers, showing a certain degree of robustness.
All of the above schemes have optimized the delay problem, but the edge computing architecture determines that it faces new security and privacy challenges [15]. Especially in the field of biological information recognition, the problem of information transmission security between edge server and cloud server has not been effectively solved. After many sensors collect our facial data, if the data is sent to the cloud server without encryption, there will be the risk of privacy leakage of eavesdropping or tampering, reducing the reliability of network transmission [16,17]. Regarding the problems above, researchers put forward many privacy protection methods for biometric recognition.
In [18], Ma et al. proposed a lightweight adaptive enhanced facial recognition framework based on additive secret sharing and edge computing, and designed a series of interactive protocols for privacy protection integrated classification. It not only improves the fault tolerance rate of the system, but also makes it possible to calculate encrypted facial features between the two deployed edge servers. To further ensure security and prevent malicious client attacks, in [19], Im et al. proposed a smart phone face authentication system. e face feature vector is stored on the cloud server in encrypted form, and the Euclidean distance matching score is calculated by using homomorphic encryption, which makes faster verification speed and higher verification rate. However, the related calculations in traditional encryption schemes are usually carried out independently in the cloud. In [20], in order to improve the efficiency of ciphertext expansion, Wang et al. proposed a dynamic multikey scheme, which hides the key by public key and uniform random matrix to make the parties jointly deliver and reduce the workload of the cloud.
CP-ABE algorithm is a promising solution for finegrained access control. In order to implement more finegrained access control over transmitted data, in [21], Qi et al. designed an industrial data access control scheme that outsources tasks to cloud services, providing stronger security guarantees. More importantly, the scheme carries out item-level data protection to prevent key disclosure. However, the system overhead of the above scheme is relatively high, and the traditional CP-ABE scheme may leak sensitive information embedded in the ciphertext access structure. erefore, in [22], Zhang et al. proposed a fixed-length ciphertext distributed CP-ABE scheme that completely hides the access policy. In [23], Tian et al. proposed a lightweight completely hidden protection access control scheme based on attributes, which achieves complete privacy protection through three key stages of key generation, access control, and partial decryption. In [24], Yu et al. proposed an intelligent IoT privacy protection scheme based on multipermission CP-ABE to prevent the platform from prying on user data. e above three optimized CP-ABE schemes effectively hide the attribute values and reduce the communication overhead and computing overhead of the client to a certain extent.
In the above work, researchers have proposed a number of schemes for encrypting data before it is uploaded. However, the common challenge faced is the security of the "to be deleted" data stored in the cloud. All the stored data can be deleted at one time by physically damaging the hardware, but the purpose of deleting is to prevent attackers from continuing to access the data after the deletion, so this method is effective but not advisable [25]. To better comply with the processing rules of user private data, we need to delete the target data from the storage media at the file level, making it unrecoverable and leaving the rest of the data unaffected [26]. erefore, some researchers consider to solve such problems by fine-grained attribute revocation, but it usually results in excessive key management overhead and high computational costs.
For this reason, in [27], Yeh et al. proposed a cloudbased fine-grained health information access control framework. It has the functions of dynamic data audit and attribute revocation. In [28], Miao et al. used a hierarchical commitment method for updating. is structure can simultaneously satisfy the private verifiability and public verifiability, but when the client continuously inserts new data in the same index of the database, the hierarchical commitment level has increased linearly. In this case, the load of cloud computing and storage will increase accordingly. erefore, in [29], Ma et al. proposed a fine-grained access control mechanism that can be undone by the storage, computing, and management capabilities of the cloud to achieve efficient user's revocation based on fine-grained attributes. In [30], Edemacu et al. proposed an expressible and collusion-resistant new access control scheme, which further realized forward and backward security. But how to eliminate the dependence on a single trusted authority remains to be resolved. In [31], Yu et al. proposed a new blockchain-based IoT system to solve the immutability of traditional blockchain and the incompatibility of attribute updates. In summary, data security protection is a quite challenging problem. In the field of facial recognition and resolution, how to ensure the security of data transmission and data storage at the same time is worth further study.

Network Model and definitions
In this section, we first introduce the facial recognition and resolution framework based on edge computing. en, we analyze the functions of each module and the specific process of facial recognition and resolution. In addition, we analyze the potential risks in the transmission and stored process based on this framework.

Facial Recognition and Resolution Framework Based on
Edge Computing. Compared with the traditional cloud computing model, in order to reduce the throughput of the transmission channel and the computing load of the cloud, a facial recognition and resolution framework based on edge computing is proposed. e framework consists of three main parts: client, edge server, and cloud server. e client usually consists of terminal devices such as mobile phones and computers with cameras. e edge server includes two kinds of resolution servers: one is an image parsing server, and the other is an information parsing server. e cloud servers usually consist of a management server and a data center in the cloud. Figure 1 shows the facial recognition and resolution framework. e functions of each functional module are as follows.
Client: It is responsible for temporarily storing the original facial images collected by the visual detection equipment, and initiating facial recognition and resolution services to the edge server. After the identity is successfully matched, it returns the resolved identity information to the client. Edge Server: It mainly includes an image resolution server and information resolution server. Resolution is performed closer to the user side without delivering the information to the cloud. e image resolution server is used to resolve the original facial image into the corresponding facial identifier. e information resolution server is used to resolve each piece of personal information registered by the client into a corresponding serial number, bind the facial identifier to each serial number, and then send it to the cloud for identity matching.
Data Center (DC): It is responsible for storing the information from the edge server and performing preliminary matching operations in the existing database. Management Server (MS): It is responsible for receiving the information from the edge server, and properly scheduling and distributing it to the data center for matching operations during facial resolution. (4) e management server in the cloud receives the facial identifier and serial number and then stores them in the data center. Finally, the successful registration flag is returned to the edge server, and then, returned to the client.

Facial Recognition
At this point, the whole facial recognition process is completed. It successfully realized the identity information registration and transform individual faces in physical space into identity identifiers in information space.

Facial Resolution
(1) e client device obtains the original facial image of the person being tested, sends a facial resolution request to the edge server, and then sends the original facial image to the edge server. (2) Similar to the facial recognition process, the image resolution server in edge sever generates facial identifier from the received original facial image by performing algorithms such as face detection, preprocessing, feature extraction, and facial identifier generation. Edge server initiates a facial resolution service to the cloud and sends the facial identifier to the cloud after establishing network connection. (3) e cloud receives the facial identifier. Firstly, the management server in the cloud initially matches the facial identifier with the existing facial identifier in the data center. After the match is successful, the corresponding serial number of the facial identifier is returned to the management server, which in turn is returned to the edge server. e information resolution server in the edge server reversely parses the returned serial number into the corresponding personal information. Finally, the edge server returns the obtained personal information to the client and displays it to the terminal user.
At this point, the whole facial resolution process is completed, realizing the matching of the facial image in the physical space and the personal identity in cyberspace, and ensuring the consistency of the corresponding relationship between them.

Security Issues.
Due to the openness of channels and the sensitivity of data, with the maximization of business purposes, both edge and cloud computing sectors have a strong interest in user information. ere are many potential security threats in practical application, so it should be guaranteed from the following three aspects.
(1) Security of data transmission process. e process of facial recognition and resolution involves the transmission from the edge server to the cloud server, which is extremely vulnerable to malicious attacks. Facial information is usually closely associated with sensitive personal information such as health care or financial records. Leakage of facial information will pose a serious threat to users' privacy. erefore, the data is authenticated before being uploaded to the cloud and encrypted to ensure security during transmission. (2) e concealability of attributes in access policy. In the traditional CP-ABE scheme, the access policy is embedded in the ciphertext. It is required that the attributes in the set of attributes owned by the visitor can satisfy the attributes in the access structure, so as to decrypt the data. In fact, regardless of whether the decryption is successful or not, some important information can be deduced according to the existing plaintext access policy. erefore, in order to eliminate the security risks caused by plaintext transmission of the access policy, the attribute values in the access policy can be encrypted and hidden. (3) Confirmability of target data deletion in the cloud.
Users usually store their data in the cloud. However, the cloud is honest but curious. It may be driven by interest to extract some useful information and leak it to the analysis organization. Users do not want their information to be permanently stored in the cloud. When they want to delete data in the cloud, the cloud may be reluctant to delete or fraudulently delete it for hidden business interests, but users cannot verify whether their data has actually been deleted. erefore, it is particularly important to delete the target data with assurance and confirmability.
In the process of facial recognition and resolution, the framework offloads some tasks from the cloud to the edge server by applying the task partitioning strategy, rather than performing all the facial resolution processes in the cloud. It makes full use of the powerful computing and parsing capabilities of the edge server, which not only significantly reduces the amount of personal information transmission, but also reduces the computing pressure of cloud. However, how to ensure the data security of transmission, access, and stored procedures needs to be solved urgently.
us, we propose a cloud data verifiable deletion scheme in response to the above security issues to ensure the security of the scheme.

Verifiable Deletion Scheme of Cloud Data in Facial Recognition and Resolution
In this section, we first optimize the MTI session key agreement scheme, which ensures the correctness of channel transmission by confirming the identity between the sender server and the receiver server. In addition, based on the analysis of the security and privacy issues of the framework, we introduce the verifiable deletion scheme of cloud data in detail.

Optimized MTI Session Key Agreement Scheme.
To ensure the security of the channel during transmission, the identity between the resolution server and the management server needs to be verified. Firstly, we optimize the MTI session key agreement scheme, which has the ability to resist replay attacks and parallel sessions. e symbol is shown in Table 1. e system first exposes q and g to RS and MS. RS has a unique ID RS , x RS , y RS � g x RS modq, authorization C RS � (ID RS , y RS , Sig TA (ID RS , y RS )) certificate C RS � ID RS , y RS , Sig TA ID RS , y RS , ≠ K RS,MS , the negotiation fails. In this algorithm, the shared key can be derived from the (q, s MS ) or (g, s RS ), but not from (s MS , s RS ). In other words, although the attacker can eavesdrop on q, g, s RS , s MS and even ciphertext, it cannot export the correct session key K RS,MS due to the unknown values of r RS and r MS . erefore, it cannot crack the ciphertext. e algorithm adds a fresh factor every time the message is sent and binds the source and destination of the message, which can effectively prevent replay attacks. Because the session keys (S RS , S MS ) are randomly selected, attackers can only destroy the formation of the key but has no way to launch a parallel session attack against it. e optimized MTI session key agreement scheme defines the authorization certificate and increases the authentication process, which improves the security of the scheme.

Encryption Scheme in Facial
Recognition. Firstly, there are two communication channels that are absolutely safe. One is the channel among the trusted authority (TA), RS, and MS, and the other is the channel between the client and RS. Secondly, MS uses read-only access to decrypt files and will not tamper with relevant data. Furthermore, the communication channel between RS and MS is not secure, and the cloud storage center is also semi-honest.
When the user collects the facial image, the edge server generates facial data through facial detection, facial image preprocessing, feature extraction, and facial identifier generation algorithms. MTI session key agreement scheme and SHA-1 hash algorithm are used to ensure the security and integrity of data transmission, and CP-ABE algorithm is used to encrypt personal data and fine control access as shown in Figure 2. e symbol definition and description list of facial recognition and resolution are in Table 2. e encryption scheme in facial recognition is as follows.

Verifiable Deletion Scheme of Cloud Data in Face
Resolution. In the process of facial resolution, the client first collects the facial image of the person being tested, and the edge server resolves it into a facial identifier and uploads it to the cloud. e cloud server first uses the decryption algorithm to decrypt the ciphertext file and then matchs the decrypted facial identifier with the facial identifier uploaded in the data center. e serial number of personal information bound with the facial identifier is returned to the edge server to match with each other. e verifiable deletion scheme in face resolution is as follows: When the user completes the facial resolution, some information in the cloud is no longer available. If user needs to delete it, the verifiable deletion scheme can be used to cancel the user's access to facial data. Our scheme is to add a verifiable process after the user deletes the data to ensure the deletion succeeds completely, and also to avoid false deletion of the cloud. is enables users to better control their own data, and the security of data in the cloud is effectively ensured as shown in Figure 3.

Security Analysis.
is part mainly analyzes the security of data transmission in the process of facial recognition and resolution, the concealability of access policy attributes, and the confirmability of cloud data deletion.
(1) In our security scheme, we adopt the MTI session key agreement scheme. In the process of session key agreement, the public keys of RS and MS are allocated to be shown in public. ey perform bidirectional authentication to confirm each other's identity and ensure antireplay attack by adding fresh factors and randomly selecting keys each time they send messages. At the same time, we use the SHA-1 algorithm.
All the facial identifiers (K RS,MS , CT‖sig ssk R) � � � �Hash(CT‖sig ssk R) stored in the data center are extracted and decrypted; we calculate Hash ′ (CT‖sig ssk R) and Hash(CT‖sig ssk R) to ensure the integrity of the data access process and effectively prevent malicious tampering by illegal users. (2) e scheme first generates the symmetric key DK through AES symmetric key algorithm and construct the access policy by the CP-ABE algorithm. en, it uses DK to encrypt the data, which is further encrypted to the ciphertext CT associated with the access policy A. Based on this, the plaintext attribute values in the access policy are successfully partially hidden. Visitors must make their own attributes meet the access policy attributes in order to achieve the access and decryption of the data. (3) In the cloud storage environment, when the data owner wants to delete the outsourced data, in order to avoid logical deletion, the attribute access control policy corresponding to the ciphertext is changed by reencrypting the ciphertext to achieve fine-grained operation and deterministic permanent deletion. In the proposed scheme, we use CP-ABE algorithm to generate the reencryption key and then use it to encrypt the ciphertext CT to generate new ciphertext and MHT tree roots. RS compares the new and old tree root. And if the two are equal, it indicates that the target data has indeed been completely deleted in the cloud.

Setup of Experiment.
In this part, we add the facial recognition and resolution security privacy protection scheme based on edge computing to the prototype system and then verify the security and effectiveness of the scheme through a large number of simulation experiments. Because the facial recognition process is similar to the facial resolution process, we only test the effectiveness of verifiable deletion schemes in facial resolution. is experiment uses one cloud server, two edge servers, and six mobile terminal devices to build the system as shown in Figure 1. All the algorithms are tested on a Win10-64-bit laptop using Inteli7-6700HQ processor at 2.60 GHz. We use the following three face databases: Caltech face image database, GT face image database, and BioID face image database. ese three databases are, respectively, composed of 450 color face images of 27 characters, 750 face avatars of 50 characters, and 1521 gray-scale face images of 23 characters. We firstly preprocess the original database and randomly select 50 sheets from them. en, the preprocessed data is used as the database for our experiment.    Figure 4 shows an increase of only 0.132 kb relative to the prototype framework system and a decrease of 0.044 kb relative to the original security framework system. e experimental results show that the experimental communication overhead is relatively small, which can meet the needs of practical applications and have good stability.

Response Time of Facial Database.
We include the time of issuing the request, generating the facial identifier, network transmission, data encryption and decryption, identifier matching, and verifiable deletion of the target data in the cloud. Compared with security scheme, our scheme increases the computing time of data encryption and decryption and data verifiable deletion. rough comparing it with the experiment without face database, Figure 5 shows that the average consumption of this scheme increases by 84 ms milliseconds compared to the system without security framework and only increases by 14 ms compared to the system with security framework. But we can safely manage data in the cloud, which shows that our experiments can satisfy the practical application to a certain extent.

Begin
Step 1: TA inputs the security parameter c to generate the public key PK and the master key MK of the CP-ABE algorithm. TA inputs the security parameter λ to generate the symmetric key DK by the AES symmetric key algorithm. en, TA assigns PK and DK to RS.
Step 2: RS inputs attribute set U to construct access policy A by CP-ABE attribute encryption algorithm. RS uses the symmetric key DK of the AES algorithm to encrypt the data (V, SN), which binds the face identifier and the serial number. en, TA generates data ciphertext DE K. Based on the public key PK and the access policy A, RS uses the CP-ABE algorithm to encrypt the data ciphertext DE K into the ciphertext CT associated with A. en, ciphertext data CT generates the signature sig ssk R. R is the root of the constructed MHT, and ssk is the signature private key.
Step 3: e session key agreement algorithm between RS and MS is executed according to Algorithm   The framework without security scheme The framework with security scheme The designed scheme in this paper The framework with security scheme The designed scheme in this paper The framework without security scheme  The framework without security scheme The framework with security scheme The designed scheme in this paper

Response Time of Face Databases of Different Sizes.
In order to better reflect the performance of the experiment, we use BioID face database to test the response time of the system. By selecting the face database test in the range of 400-1600, Figure 6 shows that the scheme grows steadily with the increase of face database size, without great instability. e time consumption of this scheme increases by 64 ms compared to the system without security framework and increases by 12 ms compared to the system with security framework. is shows that our scheme has good advantages in stability.

Conclusion
In this paper, we focused on the privacy security of facial recognition and resolution framework based on edge computing. In summary, we analyzed the security threats of facial recognition and resolution framework, including the security of data transmission, the concealability of access policy attributes, and the verifiability of cloud data deletion. To solve these problems, we improved the framework by combining the characteristics of cloud computing and edge computing. To further ensure the security of cloud data transmission and storage, we proposed a verifiable deletion scheme based on Hidden CP-ABE, which can effectively prevent attackers from stealing sensitive information and deleting data falsely. en, we applied this scheme to the facial recognition and resolution framework based on edge computing and evaluated its performance by simulation experiments. e results indicated that the proposed scheme performs good stability and can effectively meet the requirements of facial recognition and resolution in practical application. In future work, we will further verify this scheme through experiments in more dimensions. Moreover, on the premise of ensuring the efficiency of facial recognition and resolution, the performance of low energy consumption and low latency performance will be optimized at a higher level.

Data Availability
e data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest
e authors declare that they have no conflicts of interest.