An Efficient Online/Offline Signcryption Scheme for Internet of Things in Smart Home

publishedVersio

MAKE-IT—A Lightweight Mutual Authentication and Key Exchange Protocol for Industrial Internet of Things

Continuous development of the Industrial Internet of Things (IIoT) has opened up enormous opportunities for the engineers to enhance the efficiency of the machines. Despite the development, many industry administrators still fear to use Internet for operating their machines due to untrusted nature of the communication channel. The utilization of internet for managing industrial operations can be widespread adopted if the authentication of the entities are performed and trust is ensured. The traditional schemes with their inherent security issues and other complexities, cannot be directly deployed to resource constrained network devices. Therefore, we have proposed a strong mutual authentication and secret key exchange protocol to address the vulnerabilities of the existing schemes. We have used various cryptography operations such as hashing, ciphering, and so forth, for providing secure mutual authentication and secret key exchange between different entities to restrict unauthorized access. Performance and security analysis clearly demonstrates that the proposed work is energy efficient (computation and communication inexpensive) and more robust against the attacks in comparison to the traditional scheme

A patient agent controlled customized blockchain based framework for internet of things

Although Blockchain implementations have emerged as revolutionary technologies for various industrial applications including cryptocurrencies, they have not been widely deployed to store data streaming from sensors to remote servers in architectures known as Internet of Things. New Blockchain for the Internet of Things models promise secure solutions for eHealth, smart cities, and other applications. These models pave the way for continuous monitoring of patient’s physiological signs with wearable sensors to augment traditional medical practice without recourse to storing data with a trusted authority. However, existing Blockchain algorithms cannot accommodate the huge volumes, security, and privacy requirements of health data. In this thesis, our first contribution is an End-to-End secure eHealth architecture that introduces an intelligent Patient Centric Agent. The Patient Centric Agent executing on dedicated hardware manages the storage and access of streams of sensors generated health data, into a customized Blockchain and other less secure repositories. As IoT devices cannot host Blockchain technology due to their limited memory, power, and computational resources, the Patient Centric Agent coordinates and communicates with a private customized Blockchain on behalf of the wearable devices. While the adoption of a Patient Centric Agent offers solutions for addressing continuous monitoring of patients’ health, dealing with storage, data privacy and network security issues, the architecture is vulnerable to Denial of Services(DoS) and single point of failure attacks. To address this issue, we advance a second contribution; a decentralised eHealth system in which the Patient Centric Agent is replicated at three levels: Sensing Layer, NEAR Processing Layer and FAR Processing Layer. The functionalities of the Patient Centric Agent are customized to manage the tasks of the three levels. Simulations confirm protection of the architecture against DoS attacks. Few patients require all their health data to be stored in Blockchain repositories but instead need to select an appropriate storage medium for each chunk of data by matching their personal needs and preferences with features of candidate storage mediums. Motivated by this context, we advance third contribution; a recommendation model for health data storage that can accommodate patient preferences and make storage decisions rapidly, in real-time, even with streamed data. The mapping between health data features and characteristics of each repository is learned using machine learning. The Blockchain’s capacity to make transactions and store records without central oversight enables its application for IoT networks outside health such as underwater IoT networks where the unattended nature of the nodes threatens their security and privacy. However, underwater IoT differs from ground IoT as acoustics signals are the communication media leading to high propagation delays, high error rates exacerbated by turbulent water currents. Our fourth contribution is a customized Blockchain leveraged framework with the model of Patient-Centric Agent renamed as Smart Agent for securely monitoring underwater IoT. Finally, the smart Agent has been investigated in developing an IoT smart home or cities monitoring framework. The key algorithms underpinning to each contribution have been implemented and analysed using simulators.Doctor of Philosoph

Permissão para partilha seletiva em ambientes IoT

The increasing use of smart devices for monitoring spaces has caused an increase in concerns about the privacy of users of these spaces. Given this problem, the legislation on the right to privacy has been worked to ensure that the existing laws on this subject are sufficiently comprehensive to preserve the privacy of users. In this way, research on this topic evolves in the sense of creating systems that ensure compliance with these laws, that is, increase transparency in the treatment of user data. In the context of this dissertation, a demonstrator-based strategy is presented to provide users control over their stored data during the temporary use of an intelligent environment. In addition, this strategy includes transparency guarantees, highlights the right to forgetting, provides the ability to consent and proof of that consent. A strategy for privacy control in such environments is also mentioned in this paper. This dissertation was developed within the CASSIOPEIA project where the case study focuses on the SmartBnB problem where a user rents a smart home for a limited time. This paper presents the developed system that ensures the user’s privacy and control over their data.O uso crescente de dispositivos inteligentes para monitorização de espaços tem provocado um aumento das preocupações sobre a privacidade dos utilizadores destes espaços. Face a este problema, a legislação sobre o direito à privacidade tem sido trabalhada de forma a garantir que as leis existentes sobre este tema são suficientemente abrangentes para preservar a privacidade dos utilizadores. Desta forma, a investigação neste tópico evolui no sentido de criar sistemas que garantam o cumprimento destas leis, ou seja aumentam a transparência no tratamentos dos dados dos utilizadores. No contexto desta dissertação, é apresentada uma estratégia baseado num demonstrador para fornecer um controlo ao utilizador sobre os seus dados armazenados durante a utilização temporária de um ambiente inteligente. Para além disso, esta estratégia inclui garantias de transparência, evidencia o direito ao esquecimento, fornece a capacidade de consentimento e prova desse consentimento. É também mencionada neste documento uma estratégia para um controlo de privacidade neste tipo de ambientes. Esta dissertação foi desenvolvida no âmbito do projeto CASSIOPEIA onde o caso de estudo se foca no SmartBnB problem onde um utilizador arrenda uma casa inteligente durante um tempo limitado. Este documento apresenta o sistema desenvolvido que garante a privacidade e controlo do utilizador sobre os seus próprios dados.This work is partially funded by NGI Trust, with number 3.85, Pro-ject CASSIOPEIA.Mestrado em Engenharia de Computadores e Telemátic

A Level Dependent Authentication for IoT Paradigm

The Internet of Things (IoT) based services are getting a widespread expansion in all the directions and dimensions of the 21st century. The IoT based deployment involves an internet-connected sensor, mobiles, laptops, and other networking and computing de- vices. In most IoT based applications, the sensor collects the data and communicates it to the end-user via gateway device or fog device over a precarious internet channel. The attacker can use this open channel to capture the sensing device or the gateway device to collect the IoT data or control the IoT system. For a long time, numerous researchers are working towards designing the authentication mechanism for the sen- sor network to achieve reliable and computationally feasible security. For the resource constraint environment of the IoT, it is essential to design reliable, ecient, and secure authentication protocol. In this paper, we propose a novel approach of authentication in the IoT paradigm called a Level-Dependent Authentication(LDA). In the LDA protocol, we propose a security reliable and resource ecient key sharing mechanism in which users at level li can communicate with the sensor at level lj if and only if the level of user in the organizational hierarchy is lower or equal to the level of sensor deployment. We pro- vide a security analysis for the proposed LDA protocol using random oracle based games & widely accepted AVISPA tools. We prove mutual authentication for the proposed protocol using BAN logic. In this paper, we also discuss a comparative analysis of the proposed protocol with other existing IoT authentication systems based on communica- tion cost, computation cost, and security index. We provide an implementation for the proposed protocol using a globally adopted IoT protocol called MQTT protocol. Finally, we present the collected data related to the networking parameters like throughput and round trip delay

Internet of Things for system integrity: a comprehensive survey on security, attacks and countermeasures for industrial applications

The growth of the Internet of Things (IoT) offers numerous opportunities for developing industrial applications such as smart grids, smart cities, smart manufacturers, etc. By utilising these opportunities, businesses engage in creating the Industrial Internet of Things (IIoT). IoT is vulnerable to hacks and, therefore, requires various techniques to achieve the level of security required. Furthermore, the wider implementation of IIoT causes an even greater security risk than its benefits. To provide a roadmap for researchers, this survey discusses the integrity of industrial IoT systems and highlights the existing security approaches for the most significant industrial applications. This paper mainly classifies the attacks and possible security solutions regarding IoT layers architecture. Consequently, each attack is connected to one or more layers of the architecture accompanied by a literature analysis on the various IoT security countermeasures. It further provides a critical analysis of the existing IoT/IIoT solutions based on different security mechanisms, including communications protocols, networking, cryptography and intrusion detection systems. Additionally, there is a discussion of the emerging tools and simulations used for testing and evaluating security mechanisms in IoT applications. Last, this survey outlines several other relevant research issues and challenges for IoT/IIoT security

Post-Quantum Era Privacy Protection for Intelligent Infrastructures

As we move into a new decade, the global world of Intelligent Infrastructure (II) services integrated into the Internet of Things (IoT) are at the forefront of technological advancements. With billions of connected devices spanning continents through interconnected networks, security and privacy protection techniques for the emerging II services become a paramount concern. In this paper, an up-to-date privacy method mapping and relevant use cases are surveyed for II services. Particularly, we emphasize on post-quantum cryptography techniques that may (or must when quantum computers become a reality) be used in the future through concrete products, pilots, and projects. The topics presented in this paper are of utmost importance as (1) several recent regulations such as Europe's General Data Protection Regulation (GDPR) have given privacy a significant place in digital society, and (2) the increase of IoT/II applications and digital services with growing data collection capabilities are introducing new threats and risks on citizens' privacy. This in-depth survey begins with an overview of security and privacy threats in IoT/IIs. Next, we summarize some selected Privacy-Enhancing Technologies (PETs) suitable for privacy-concerned II services, and then map recent PET schemes based on post-quantum cryptographic primitives which are capable of withstanding quantum computing attacks. This paper also overviews how PETs can be deployed in practical use cases in the scope of IoT/IIs, and maps some current projects, pilots, and products that deal with PETs. A practical case study on the Internet of Vehicles (IoV) is presented to demonstrate how PETs can be applied in reality. Finally, we discuss the main challenges with respect to current PETs and highlight some future directions for developing their post-quantum counterparts