Towards Cyber Security for Low-Carbon Transportation: Overview, Challenges and Future Directions

In recent years, low-carbon transportation has become an indispensable part as sustainable development strategies of various countries, and plays a very important responsibility in promoting low-carbon cities. However, the security of low-carbon transportation has been threatened from various ways. For example, denial of service attacks pose a great threat to the electric vehicles and vehicle-to-grid networks. To minimize these threats, several methods have been proposed to defense against them. Yet, these methods are only for certain types of scenarios or attacks. Therefore, this review addresses security aspect from holistic view, provides the overview, challenges and future directions of cyber security technologies in low-carbon transportation. Firstly, based on the concept and importance of low-carbon transportation, this review positions the low-carbon transportation services. Then, with the perspective of network architecture and communication mode, this review classifies its typical attack risks. The corresponding defense technologies and relevant security suggestions are further reviewed from perspective of data security, network management security and network application security. Finally, in view of the long term development of low-carbon transportation, future research directions have been concerned.Comment: 34 pages, 6 figures, accepted by journal Renewable and Sustainable Energy Review

Message sharing scheme based on edge computing in IoV

With the rapid development of 5G wireless communication and sensing technology, the Internet of Vehicles (IoV) will establish a widespread network between vehicles and roadside infrastructure. The collected road information is transferred to the cloud server with the assistance of roadside infrastructure, where it is stored and made available to other vehicles as a resource. However, in an open cloud environment, message confidentiality and vehicle identity privacy are severely compromised, and current attribute-based encryption algorithms still burden vehicles with large computational costs. In order to resolve these issues, we propose a message-sharing scheme in IoV based on edge computing. To start, we utilize attribute-based encryption techniques to protect the communications being delivered. We introduce edge computing, in which the vehicle outsources some operations in encryption and decryption to roadside units to reduce the vehicle's computational load. Second, to guarantee the integrity of the message and the security of the vehicle identity, we utilize anonymous identity-based signature technology. At the same time, we can batch verify the message, which further reduces the time and transmission of verifying a large number of message signatures. Based on the computational Diffie-Hellman problem, it is demonstrated that the proposed scheme is secure under the random oracle model. Finally, the performance analysis results show that our work is more computationally efficient compared to existing schemes and is more suitable for actual vehicle networking

A comprehensive survey of V2X cybersecurity mechanisms and future research paths

Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the ”Ministerio de Asuntos Económicos y Transformacion Digital” and the European Union-NextGenerationEU in the frameworks of the ”Plan de Recuperación, Transformación y Resiliencia” and of the ”Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780).Peer ReviewedPostprint (published version

Lightweight Static and Dynamic Attributes Based Access Control Scheme for Secure Data Access in Mobile Environment

Technology advancements in smart mobile devices empower mobile users by enhancing mobility, customizability and adaptability of computing environments. Mobile devices are now intelligent enough to capture dynamic attributes such as unlock failures, application usage, location and proximity of devices in and around its surrounding environment. Different users will have different set of values for these dynamic attributes. In traditional attribute based access control, users are authenticated to access restricted data using long term static attributes such as password, roles, and physical location. In this paper, in order to allow secure data access in mobile environment, we securely combine both the dynamic and static attributes and develop novel access control technique. Security and performance analyse show that the proposed scheme substantially reduces the computational complexity while enhances the security compare to the conventional schemes

Achieving cybersecurity in blockchain-based systems: a survey

With The Increase In Connectivity, The Popularization Of Cloud Services, And The Rise Of The Internet Of Things (Iot), Decentralized Approaches For Trust Management Are Gaining Momentum. Since Blockchain Technologies Provide A Distributed Ledger, They Are Receiving Massive Attention From The Research Community In Different Application Fields. However, This Technology Does Not Provide With Cybersecurity By Itself. Thus, This Survey Aims To Provide With A Comprehensive Review Of Techniques And Elements That Have Been Proposed To Achieve Cybersecurity In Blockchain-Based Systems. The Analysis Is Intended To Target Area Researchers, Cybersecurity Specialists And Blockchain Developers. For This Purpose, We Analyze 272 Papers From 2013 To 2020 And 128 Industrial Applications. We Summarize The Lessons Learned And Identify Several Matters To Foster Further Research In This AreaThis work has been partially funded by MINECO, Spain grantsTIN2016-79095-C2-2-R (SMOG-DEV) and PID2019-111429RB-C21 (ODIO-COW); by CAM, Spain grants S2013/ICE-3095 (CIBERDINE),P2018/TCS-4566 (CYNAMON), co-funded by European Structural Funds (ESF and FEDER); by UC3M-CAM grant CAVTIONS-CM-UC3M; by the Excellence Program for University Researchers, Spain; and by Consejo Superior de Investigaciones Científicas (CSIC), Spain under the project LINKA20216 (“Advancing in cybersecurity technologies”, i-LINK+ program)

A novel image-based homomorphic approach for preserving the privacy of autonomous vehicles connected to the cloud

Autonomous vehicles are taking a leap forward by performing operations without human intervention through continuous monitoring of their surroundings using multiple sensors. Images gathered through vehicle mounted cameras can be large, requiring specialized storage such as cloud. However, cloud data centres can be prone to security and privacy challenges. A partial image-based, homomorphic searchable encryption scheme is proposed, which uses pixel-level encryption to identify objects within encrypted images. The scheme provides Object-Trapdoor and Trapdoor-Image indistinguishability – as the trapdoors are probabilistic. The proposed scheme is deployed on a cloud data centre and tested over a real data set. The proposed scheme reduces storage overhead by approximately 20 times, and is 33 times more efficient compared to the generic Paillier homomorphic searchable encryption scheme. Security analysis demonstrates that the scheme maintains high levels of security and privacy