218 research outputs found
A user-centric privacy-preserving authentication protocol for IoT-AmI environments
Ambient Intelligence (AmI) in Internet of Things (IoT) has empowered healthcare professionals to monitor, diagnose, and treat patients remotely. Besides, the AmI-IoT has improved patient engagement and gratification as doctors’ interactions have become more comfortable and efficient. However, the benefits of the AmI-IoT-based healthcare applications are not availed entirely due to the adversarial threats. IoT networks are prone to cyber attacks due to vulnerable wireless mediums and the absentia of lightweight and robust security protocols. This paper introduces computationally-inexpensive privacy-assuring authentication protocol for AmI-IoT healthcare applications. The use of blockchain & fog computing in the protocol guarantees unforgeability, non-repudiation, transparency, low latency, and efficient bandwidth utilization. The protocol uses physically unclonable functions (PUF), biometrics, and Ethereum powered smart contracts to prevent replay, impersonation, and cloning attacks. Results prove the resource efficiency of the protocol as the smart contract incurs very minimal gas and transaction fees. The Scyther results validate the robustness of the proposed protocol against cyber-attacks. The protocol applies lightweight cryptography primitives (Hash, PUF) instead of conventional public-key cryptography and scalar multiplications. Consequently, the proposed protocol is better than centralized infrastructure-based authentication approaches
The Internet of Things Security and Privacy: Current Schemes, Challenges and Future Prospects
The Internet of Things devices and users exchange massive amount of data. Some of these exchanged messages are highly sensitive as they involve organizational, military or patient personally identifiable information. Therefore, many schemes and protocols have been put forward to protect the transmitted messages. The techniques deployed in these schemes may include blockchain, public key infrastructure, elliptic curve cryptography, physically unclonable function and radio frequency identification. In this paper, a review is provided of these schemes including their strengths and weaknesses. Based on the obtained results, it is clear that majority of these protocols have numerous security, performance and privacy issues
DSCOT: An NFT-Based Blockchain Architecture for the Authentication of IoT-Enabled Smart Devices in Smart Cities
Smart city architecture brings all the underlying architectures, i.e.,
Internet of Things (IoT), Cyber-Physical Systems (CPSs), Internet of
Cyber-Physical Things (IoCPT), and Internet of Everything (IoE), together to
work as a system under its umbrella. The goal of smart city architecture is to
come up with a solution that may integrate all the real-time response
applications. However, the cyber-physical space poses threats that can
jeopardize the working of a smart city where all the data belonging to people,
systems, and processes will be at risk. Various architectures based on
centralized and distributed mechanisms support smart cities; however, the
security concerns regarding traceability, scalability, security services,
platform assistance, and resource management persist. In this paper, private
blockchain-based architecture Decentralized Smart City of Things (DSCoT) is
proposed. It actively utilizes fog computing for all the users and smart
devices connected to a fog node in a particular management system in a smart
city, i.e., a smart house or hospital, etc. Non-fungible tokens (NFTs) have
been utilized for representation to define smart device attributes. NFTs in the
proposed DSCoT architecture provide devices and user authentication (IoT)
functionality. DSCoT has been designed to provide a smart city solution that
ensures robust security features such as Confidentiality, Integrity,
Availability (CIA), and authorization by defining new attributes and functions
for Owner, User, Fog, and IoT devices authentication. The evaluation of the
proposed functions and components in terms of Gas consumption and time
complexity has shown promising results. Comparatively, the Gas consumption for
minting DSCoT NFT showed approximately 27%, and a DSCoT approve() was
approximately 11% more efficient than the PUF-based NFT solution.Comment: 18 pages, 15 figures, 5 tables, journa
Recommended from our members
ENABLING IOT AUTHENTICATION, PRIVACY AND SECURITY VIA BLOCKCHAIN
Although low-power and Internet-connected gadgets and sensors are increasingly integrated into our lives, the optimal design of these systems remains an issue. In particular, authentication, privacy, security, and performance are critical success factors. Furthermore, with emerging research areas such as autonomous cars, advanced manufacturing, smart cities, and building, usage of the Internet of Things (IoT) devices is expected to skyrocket. A single compromised node can be turned into a malicious one that brings down whole systems or causes disasters in safety-critical applications. This dissertation addresses the critical problems of (i) device management, (ii) data management, and (iii) service management in IoT systems. In particular, we propose an integrated platform solution for IoT device authentication, data privacy, and service security via blockchain-based smart contracts. We ensure IoT device authentication by blockchain-based IC traceability system, from its fabrication to its end-of-life, allowing both the supplier and a potential customer to verify an IC’s provenance. Results show that our proposed consortium blockchain framework implementation in Hyperledger Fabric for IC traceability achieves a throughput of 35 transactions per second (tps). To corroborate the blockchain information, we authenticate the IC securely and uniquely with an embedded Physically Unclonable Function (PUF). For reliable Weak PUF-based authentication, our proposed accelerated aging technique reduces the cumulative burn-in cost by ∼ 56%. We also propose a blockchain-based solution to integrate the privacy of data generated from the IoT devices by giving users control of their privacy. The smart contract controlled trust-base ensures that the users have private access to their IoT devices and data. We then propose a remote configuration of IC features via smart contracts, where an IC can be programmed repeatedly and securely. This programmability will enable users to upgrade IC features or rent upgraded IC features for a fixed period after users have purchased the IC. We tailor the hardware to meet the blockchain performance. Our on-die hardware module design enforces the hardware configuration’s secure execution and uses only 2,844 slices in the Xilinx Zedboard Zynq Evaluation board. The blockchain framework facilitates decentralized IoT, where interacting devices are empowered to execute digital contracts autonomously
Enhancing cryptographic protection, authentication, and authorization in cellular networks: a comprehensive research study
This research article provides an extensive analysis of novel methods of cryptographic protection as well as advancements in authentication and authorization techniques within cellular networks. The aim is to explore recent literature and identify effective authentication and authorization methods, including high-speed data encryption. The significance of this study lies in the growing need for enhanced data security in scientific research. Therefore, the focus is on identifying suitable authentication and authorization schemes, including blockchain-based approaches for distributed mobile cloud computing. The research methodology includes observation, comparison, and abstraction, allowing for a comprehensive examination of advanced encryption schemes and algorithms. Topics covered in this article include multi-factor authentication, continuous authentication, identity-based cryptography for vehicle-to-vehicle (V2V) communication, secure blockchain-based authentication for fog computing, internet of things (IoT) device mutual authentication, authentication for wireless sensor networks based on blockchain, new secure authentication schemes for standard wireless telecommunications networks, and the security aspects of 4G and 5G cellular networks. Additionally, in the paper a differentiated authentication mechanism for heterogeneous 6G networks blockchain-based is discussed. The findings presented in this article hold practical value for organizations involved in scientific research and information security, particularly in encryption and protection of sensitive data
A secure lightweight authentication mechanism for IoT devices in generic domain
The Internet of Things prompt deployment enhances the security concerns of these systems in recent years. The enormous exchange of sensory information between devices raises the necessity for a secure authentication scheme for Internet of Things devices. Despite many proposed schemes, providing authenticated and secure communication for Internet of Things devices is still an open issue. This research addresses challenges pertaining to the Internet of Things authentication, verification, and communication, and proposes a new secure lightweight mechanism for Internet of Things devices in the generic domain. The proposed authentication method utilizes environmental variables obtained by sensors to allow the system to identify genuine devices and reject anomalous connections
IoT Security Evolution: Challenges and Countermeasures Review
Internet of Things (IoT) architecture, technologies, applications and security have been recently addressed by a number of researchers. Basically, IoT adds internet connectivity to a system of intelligent devices, machines, objects and/or people. Devices are allowed to automatically collect and transmit data over the Internet, which exposes them to serious attacks and threats. This paper provides an intensive review of IoT evolution with primary focusing on security issues together with the proposed countermeasures. Thus, it outlines the IoT security challenges as a future roadmap of research for new researchers in this domain
FlexiChain 2.0: NodeChain Assisting Integrated Decentralized Vault for Effective Data Authentication and Device Integrity in Complex Cyber-Physical Systems
Distributed Ledger Technology (DLT) has been introduced using the most common
consensus algorithm either for an electronic cash system or a decentralized
programmable assets platform which provides general services. Most established
reliable networks are unsuitable for all applications such as smart cities
applications, and, in particular, Internet of Things (IoT) and Cyber Physical
Systems (CPS) applications. The purpose of this paper is to provide a suitable
DLT for IoT and CPS that could satisfy their requirements. The proposed work
has been designed based on the requirements of Cyber Physical Systems.
FlexiChain is proposed as a layer zero network that could be formed from
independent blockchains. Also, NodeChain has been introduced to be a
distributed (Unique ID) UID aggregation vault to secure all nodes' UIDs.
Moreover, NodeChain is proposed to serve mainly FlexiChain for all node
security requirements. NodeChain targets the security and integrity of each
node. Also, the linked UIDs create a chain of narration that keeps track not
merely for assets but also for who authenticated the assets. The security
results present a higher resistance against four types of attacks. Furthermore,
the strength of the network is presented from the early stages compared to
blockchain and central authority. FlexiChain technology has been introduced to
be a layer zero network for all CPS decentralized applications taking into
accounts their requirements. FlexiChain relies on lightweight processing
mechanisms and creates other methods to increase security
- …