Security and blockchain convergence with internet of multimedia things : current trends, research challenges and future directions

The Internet of Multimedia Things (IoMT) orchestration enables the integration of systems, software, cloud, and smart sensors into a single platform. The IoMT deals with scalar as well as multimedia data. In these networks, sensor-embedded devices and their data face numerous challenges when it comes to security. In this paper, a comprehensive review of the existing literature for IoMT is presented in the context of security and blockchain. The latest literature on all three aspects of security, i.e., authentication, privacy, and trust is provided to explore the challenges experienced by multimedia data. The convergence of blockchain and IoMT along with multimedia-enabled blockchain platforms are discussed for emerging applications. To highlight the significance of this survey, large-scale commercial projects focused on security and blockchain for multimedia applications are reviewed. The shortcomings of these projects are explored and suggestions for further improvement are provided. Based on the aforementioned discussion, we present our own case study for healthcare industry: a theoretical framework having security and blockchain as key enablers. The case study reflects the importance of security and blockchain in multimedia applications of healthcare sector. Finally, we discuss the convergence of emerging technologies with security, blockchain and IoMT to visualize the future of tomorrow's applications. © 2020 Elsevier Lt

A lightweight authentication mechanism for M2M communications in industrial IoT environment

In the emerging Industrial IoT era, Machine-to-Machine (M2M) communication technology is considered as a key underlying technology for building Industrial IoT environments where devices (e.g., sensors, actuators, gateways) are enabled to exchange information with each other in an autonomous way without human intervention. However, most of the existing M2M protocols that can be also used in the Industrial IoT domain provide security mechanisms based on asymmetric cryptography resulting in high computational cost. As a consequence, the resource-constrained IoT devices are not able to support them appropriately and thus, many security issues arise for the Industrial IoT environment. Therefore, lightweight security mechanisms are required for M2M communications in Industrial IoT in order to reach its full potential. As a step towards this direction, in this paper, we propose a lightweight authentication mechanism, based only on hash and XOR operations, for M2M communications in Industrial IoT environment. The proposed mechanism is characterized by low computational cost, communication and storage overhead, while achieving mutual authentication, session key agreement, device’s identity confidentiality, and resistance against the following attacks: replay attack, man-in-the-middle attack, impersonation attack, and modification attack

Secure Real-time Data Transmission for Drone Delivery Services using Forward Prediction Scheduling SCTP

Drone technology is considered the most effective solution for the improvement of various industrial fields. As a delivery service, drones need a secure communication system that is also able to manage all of the information data in real-time.  However, because the data transmission process occurs in a wireless network, data will be sent over a channel that is more unstable and vulnerable to attack. Thus, this research, purposes a  Forward Prediction Scheduling-based Stream Control Transmission Protocol (FPS-SCTP) scheme that is implemented on drone data transmission system. This scheme supports piggybacking, multi-streaming, and Late Messages Filter (LMF) which will improve the real-time transmission process in IEEE 802.11 wireless network. Meanwhile, on the cybersecurity aspect, this scheme provides the embedded option feature to enable the encryption mechanism using AES and the digital signatures mechanism using ECDSA. The results show that the FPS-SCTP scheme has better network performance than the default SCTP, and provides full security services with low computation time. This research contributes to providing a communication protocol scheme that is suitable for use on the internet of drones’ environment, both in real-time and reliable security levels

Security Attacks and Countermeasures in Smart Homes

The Internet of Things (IoT) application is visible in all aspects of humans’ day-to-day affairs. The demand for IoT is growing at an unprecedented rate, from wearable wristwatches to autopilot cars. The smart home has also seen significant advancements to improve the quality of lifestyle. However, the security and privacy of IoT devices have become primary concerns as data is shared among intelligent devices and over the internet in a smart home network. There are several attacks - node capturing attack, sniffing attack, malware attack, boot phase attack, etc., which are conducted by adversaries to breach the security of smart homes. The security breach has a negative impact on the tenants\u27 privacy and prevents the availability of smart home services. This article presents smart homes\u27 most common security attacks and mitigation techniques

Secure Proximity-Based Identity Pairing using an Untrusted Signalling Service

New protocols such as WebRTC promise seamless in-browser peer-to-peer communications that in theory remove the need for third-party services. In practice, widespread use of Firewalls, NATS and dynamic IP addresses mean that overlay addressing or use of some fixed rendezvous point is still needed. In this paper we describe a proximity-based pairing scheme that uses a signalling service to minimise the trust requirements on the third party, achieving anonymity and avoiding the need for PKI, while still requiring only a simple asymmetric pairing protocol

Revisiting the Feasibility of Public Key Cryptography in Light of IIoT Communications

Digital certificates are regarded as the most secure and scalable way of implementing authentication services in the Internet today. They are used by most popular security protocols, including Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). The lifecycle management of digital certificates relies on centralized Certification Authority (CA)-based Public Key Infrastructures (PKIs). However, the implementation of PKIs and certificate lifecycle management procedures in Industrial Internet of Things (IIoT) environments presents some challenges, mainly due to the high resource consumption that they imply and the lack of trust in the centralized CAs. This paper identifies and describes the main challenges to implement certificate-based public key cryptography in IIoT environments and it surveys the alternative approaches proposed so far in the literature to address these challenges. Most proposals rely on the introduction of a Trusted Third Party to aid the IIoT devices in tasks that exceed their capacity. The proposed alternatives are complementary and their application depends on the specific challenge to solve, the application scenario, and the capacities of the involved IIoT devices. This paper revisits all these alternatives in light of industrial communication models, identifying their strengths and weaknesses, and providing an in-depth comparative analysis.This work was financially supported by the European commission through ECSEL-JU 2018 program under the COMP4DRONES project (grant agreement N∘ 826610), with national financing from France, Spain, Italy, Netherlands, Austria, Czech, Belgium and Latvia. It was also partially supported by the Ayudas Cervera para Centros Tecnológicos grant of the Spanish Centre for the Development of Industrial Technology (CDTI) under the project EGIDA (CER-20191012), and in part by the Department of Economic Development and Competitiveness of the Basque Government through the project TRUSTIND—Creating Trust in the Industrial Digital Transformation (KK-2020/00054)

Fast Session Resumption in DTLS for Mobile Communications

DTLS is a protocol that provides security guarantees to Internet communications. It can operate on top of both TCP and UDP transport protocols. Thus, it is particularly suited for peer-to-peer and distributed multimedia applications. The same holds if the endpoints are mobile devices. In this scenario, mechanisms are needed to surmount possible network disconnections, often arising due to the mobility or the scarce resources of devices, that can jeopardize the quality of the communications. Session resumption is thus a main issue to deal with. To this aim, we propose a fast reconnection scheme that employs non-connected sockets to quickly resume DTLS communication sessions. The proposed scheme is assessed in a performance evaluation that confirms its viability.Comment: Proceedings of the IEEE Consumer Communications and Networking Conference 2020 (CCNC 2020