A Hierarchical and Location-aware Consensus Protocol for IoT-Blockchain Applications

Blockchain-based IoT systems can manage IoT devices and achieve a high level of data integrity, security, and provenance. However, incorporating existing consensus protocols in many IoT systems limits scalability and leads to high computational cost and consensus latency. In addition, location-centric characteristics of many IoT applications paired with limited storage and computing power of IoT devices bring about more limitations, primarily due to the location-agnostic designs in blockchains. We propose a hierarchical and location-aware consensus protocol (LH-Raft) for IoT-blockchain applications inspired by the original Raft protocol to address these limitations. The proposed LH-Raft protocol forms local consensus candidate groups based on nodes' reputation and distance to elect the leaders in each sub-layer blockchain. It utilizes a threshold signature scheme to reach global consensus and the local and global log replication to maintain consistency for blockchain transactions. To evaluate the performance of LH-Raft, we first conduct an extensive numerical analysis based on the proposed reputation mechanism and the candidate group formation model. We then compare the performance of LH-Raft against the classical Raft protocol from both theoretical and experimental perspectives. We evaluate the proposed threshold signature scheme using Hyperledger Ursa cryptography library to measure various consensus nodes' signing and verification time. Experimental results show that the proposed LH-Raft protocol is scalable for large IoT applications and significantly reduces the communication cost, consensus latency, and agreement time for consensus processing.Comment: Published in IEEE Transactions on Network and Service Management ( Volume: 19, Issue: 3, September 2022). arXiv admin note: text overlap with arXiv:2305.1696

DBNS: A Distributed Blockchain-Enabled Network Slicing Framework for 5G Networks

5G technology is expected to enable many innovative applications in different verticals. These applications have heterogeneous performance requirements (e.g., high data rate, low latency, high reliability, and high availability). In order to meet these requirements, 5G networks endorse network flexibility through the deployment of new emerging technologies, mainly network slicing and mobile edge computing. This article introduces a distributed blockchain-enabled network slicing (DBNS) framework that enables service and resource providers to dynamically lease resources to ensure high performance for their end-to-end services. The key component of our framework is global service provisioning, which provides admission control for incoming service requests along with dynamic resource assignment by means of a blockchain-based bidding system. The goal is to improve users’ experience with diverse services and reduce providers’ capital and operational expenditure

Blockchain for Transparent Data Management Toward 6G

The wealth of user data acts as a fuel for network intelligence toward the sixth generation wireless networks (6G). Due to data heterogeneity and dynamics, decentralized data management (DM) is desirable for achieving transparent data operations across network domains, and blockchain can be a promising solution. However, the increasing data volume and stringent data privacy-preservation requirements in 6G bring significantly technical challenge to balance transparency, efficiency, and privacy requirements in decentralized blockchain-based DM. In this paper, we investigate blockchain solutions to address the challenge. First, we explore the consensus protocols and scalability mechanisms in blockchains and discuss the roles of DM stakeholders in blockchain architectures. Second, we investigate the authentication and authorization requirements for DM stakeholders. Third, we categorize DM privacy requirements and study blockchain-based mechanisms for collaborative data processing. Subsequently, we present research issues and potential solutions for blockchain-based DM toward 6G from these three perspectives. Finally, we conclude this paper and discuss future research directions.Huawei Technologies Canada || Natural Sciences and Engineering Research Council of Canad

Cyber Security

This open access book constitutes the refereed proceedings of the 16th International Annual Conference on Cyber Security, CNCERT 2020, held in Beijing, China, in August 2020. The 17 papers presented were carefully reviewed and selected from 58 submissions. The papers are organized according to the following topical sections: access control; cryptography; denial-of-service attacks; hardware security implementation; intrusion/anomaly detection and malware mitigation; social network security and privacy; systems security

A framework to assess the authenticity of subjective information in the integration of blockchain technology - an application in supply chain management.

Blockchain technology has burgeoned due to the booming value of cryptocurrency capitalisation. It enables financial transactions to be carried out without a bank or a third party regulating them. Aspects such as privacy, trust, security, and transparency of a transaction are ensured by its immutability characteristics. These features of blockchain have resulted in it being used in other domains, such as supply chains. As the adoption of blockchain has expanded, it is currently being applied in domains where there is an equal chance of opinions, facts, and personal commitment being part of the business operation. One such area is proactive supply chain risk management (SCRM). Previous researchers have often highlighted the fraudulent behaviour of supply chain partners who do not disclose information on the risks that impact their operations. Despite this, very few researchers consider subjective information in the processing of blockchain. Those who take this into consideration acknowledge the presence of such information but do not utilize it in the processing of blockchain. Blockchain can address this problem by encoding each partner's commitment to SCRM and achieving consensus. However, before this can be achieved, a key challenge to address is the inability of existing consensus mechanisms such as Proof of Work (PoW), Proof of Authority (PoA) and Proof of Stake (PoS) to deal with information that does not have a digital footprint such as claims, opinions, promises, or communications between supply chain partners when they form a Service Level Agreement (SLA). This type of information is called subjective information. Addressing this research gap is very important if the true potential of blockchain in providing a single source of truth in a domain, irrespective of what type of information is used, is to be achieved. Thus, future research should investigate a new consensus mechanism with a unified framework that not only stores this information but determines its trustworthiness. This thesis addresses this gap by proposing the Proof of Earnestness (PoE) consensus mechanism which accounts for the authenticity, legitimacy and trustworthiness of information that does not have a digital footprint. This thesis also proposes the Subjective Information Authenticity Earnestness Framework (SIAEF) as the overarching framework that assists PoE in achieving its aim. SIAEF comprises four modules, namely the Identification module, the Mapping module, the Data collection & Impact determination module and Local consensus & Global legitimacy module. These modules provide a complete solution to identify subjective information in an SLA, detect the potential operational risk term which may potentially impact a responsible partner who commits to the subjective information, collate its real-world occurrences in the geographic region of interest, then determine the responsible partner's adherence to what it had recommitted. SIAEF assists in achieving PoE's aim of generating a digital footprint of a responsible partner’s earnestness in communicating subjective information. Once this footprint is generated, existing consensus mechanisms such as PoW, PoS or PoA are used to encode this information in blockchains. Each module is computed in the application of machine learning and natural language processing with recent techniques, metrics and evaluation. The applicability of SIAEF and PoE is tested in a real-world blockchain environment by deploying it as a Decentralized application (Dapp) and applying it in BscScan Testnet which is an official test blockchain network. The thesis will contribute to the existing literature by proposing a new consensus mechanism and its framework to assist the existing blockchain framework in verifying and validating the truthfulness of subjective information. Supply chain partners can use the SIAEF framework as a reference to choose a potential partner with whom to form an SLA, preventing opportunistic and fraudulent behaviours in supply chain management

A Generic Approach for the Automated Notarization of Cloud Configurations Using Blockchain-Based Trust.

Debido a su escalabilidad, las aplicaciones en la nube tienen una importante ventaja de costes para las empresas. En consecuencia, las empresas quieren tanto externalizar sus datos como obtener servicios de la nube. Sin embargo, dado que la mayoría de las empresas tienen políticas internas y requisitos de cumplimiento para operar y utilizar aplicaciones de software, el uso de aplicaciones en la nube crea un nuevo desafío para las empresas. La inclusión de aplicaciones en la nube equivale a la subcontratación de servicios en el sentido de que las empresas deben confiar en que el proveedor de aplicaciones en la nube aplicará los requisitos de cumplimiento interno en las aplicaciones adoptadas. La investigación ha demostrado que la confianza y el riesgo están estrechamente relacionados y son factores clave que influyen en la utilización de aplicaciones en la nube. Esta tesis pretende desarrollar una arquitectura en la nube que aborde este reto, trasladando la confianza en las configuraciones de cumplimiento del proveedor de aplicaciones en la nube a la cadena de bloques. Así, este trabajo pretende reducir el riesgo de adopción de las aplicaciones en la nube debido a los requisitos de cumplimiento. En esta tesis, la investigación de la ciencia del diseño se utiliza para crear la arquitectura para trasladar la confianza mencionada a la cadena de bloques. Un grupo de discusión determinó el alcance del trabajo. La base de conocimientos de este trabajo se construyó utilizando inteligencia artificial y una revisión sistemática de la literatura, y la arquitectura presentada se desarrolló y prototipó utilizando el método de desarrollo rápido de aplicaciones. Se utilizaron entrevistas guiadas semiestructuradas de método mixto para evaluar el enfoque de la arquitectura presentada y valorar las cualidades de reducción del riesgo de adopción. La tesis demostró que la arquitectura de software desarrollada podía trasladar la confianza del proveedor de la nube a la cadena de bloques. La evaluación de la arquitectura de software propuesta demostró además que el riesgo de adopción debido a las configuraciones de la nube basadas en el cumplimiento podía reducirse de "alto" a "bajo" utilizando la tecnología blockchain. Esta tesis presenta una arquitectura que desplaza la confianza para la implementación de configuraciones basadas en el cumplimiento de la normativa desde el proveedor de la nube a la cadena de bloques. Además, muestra que el cambio de confianza puede reducir significativamente el riesgo de adopción de las aplicaciones en la nube.Administración y Dirección de Empresa