Systematic Review of Internet of Things Security

The Internet of Things has become a new paradigm of current communications technology that requires a deeper overview to map its application domains, advantages, and disadvantages. There have been a number of in-depth research efforts to study various aspects of IoT. However, to the best of our knowledge, there is no literature that have discussed specifically and deeply about the security and privacy aspects of IoT. To that end, this paper aims at providing a more comprehensive and systematic review of IoT security based on the survey result of the most recent literature over the past three years (2015 to 2017). We have classified IoT security research based on the research objectives, application domains, vulner-abilities/threats, countermeasures, platforms, proto-cols, and performance measurements. We have also provided some security challenges for further research

IoT Resources and Their Practical Application, A Comprehensive Study

The Internet of Things (IoT) has become a paradigm shifter, connecting an enormous number of smart devices and facilitating seamless data exchange for a diverse array of applications. The availability and effective use of the IoT ecosystem's resources are key factors in determining how its practical applications will develop as they mature. The IoT resources and their practical application across several areas are thoroughly explored in this paper. The paper begins by classifying and describing the various sensor types, their applications in various fields, and IoT resources, highlighting their contributions to real-time data collection, processing, and transmission. It then goes on to demonstrate a wide range of real-world uses for these resources, such as smart cities, education, agriculture, business, healthcare, environment monitoring, transportation, and industrial automation. However, utilizing IoT resources effectively is not without difficulties. Critical difficulties such as resource allocation, scalability, security, interoperability, and privacy concerns are identified and discussed in the paper. Furthermore, the paper also highlights future directions and emerging trends in IoT resource management, including edge computing, cloud computing, human machine integration, and compatibility with other systems. These developments aim to increase the dependability of IoT applications in diverse settings and optimize resource allocation. This paper's conclusion highlights the crucial role that IoT resources play in advancing real-world applications across a variety of areas. Researchers, practitioners, policymakers, and other stakeholders may collaborate together to effectively leverage the full potential of IoT resources to build intelligent, effective ecosystems that meet the needs of contemporary society by solving difficulties and utilizing developing trends

Secure privacy-preserving computing applications on cloud using homomorphic cryptography

The advancement of cloud computing technologies has provided users and business organisations with various cloud-based options to store and access information externally, across multiple platforms and geographic locations. The cloud also has the ability to deliver scalable and high-performance computing services on demand and in a cost-effective manner while helping users to avoid the trouble of maintaining large data centres and complex computing facilities. The economies of scale increase revenue for cloud providers and lower costs for cloud users. The resulting on-demand model of computing allows providers to achieve better resource utilization through statistical multiplexing, and enables users to avoid the costs of resource over-provisioning through dynamic scaling. However, there are major security and privacy concerns when data is stored in external cloud storage systems. For example, when personal information is stored in unencrypted formats on the cloud, service providers can learn many details about the users such as their preferences, past behaviours and biometric identities. The widely distributed nature of cloud architectures means that server farms can be located in many countries or geographic locations that might be under different laws and regulations regarding user privacy. Furthermore, cloud service providers may encrypt data in-transit, but not while user data is stored on their servers, causing the reluctance of many business organisations to outsource the storage of their sensitive and valuable data, which can be major targets for attacks coming from both outside attackers and insiders. Therefore, encrypting the data when it is stored on the cloud is an important task to guarantee the confidentiality and privacy of users data. However, traditional cryptographic techniques make it difficult for processing tasks such as searching, updating or checking the integrity of encrypted data without asking clients to download and decrypt large amounts of data from the cloud. To realise the full potential of cloud computing, better cryptographic schemes are required. They should enable the cloud to perform various computing operations on encrypted data and return encrypted results to customers. Another desirable feature is how a cryptographic scheme can allow different parties to combine their encrypted data and perform some computing tasks on the cloud without compromising the confidentiality and privacy of the data of each party. Recently, homomorphic cryptography has increasingly been the focus of researchers because this technology has a great potential to provide the desirable features described above. Homomorphic encryption can be implemented either as a symmetric or a public-private asymmetric key paradigm. This technique allows many types of computing operations to be performed on ciphertext and output encrypted results which, when decrypted, are found to be identical to the results of the same operations performed on plaintext data. With a homomorphic cryptosystem, many computational circuits can now be homomorphically evaluated, producing programs that might be run on encryptions of their inputs to produce an encryption of their output. Since the inputs of such programs are encrypted, a computation task can be performed on an untrusted cloud without revealing any inputs and internal states. In this thesis, we focus the design and implementation of various application models of homomorphic cryptography so that the cloud can be used more effective and securely to store and process sensitive customer data. Our research works throughout many chapters of this thesis also provide valuable information regarding the security of homomorphic cryptography in many use case scenarios. We illustrate how homomorphic cryptography can be applied effectively with all of its flexibility, power and usefulness in many applications ranging from smart grid, e-commerce to secret sharing. In this thesis, we also propose approaches to enhance the efficiency and effectiveness of homomorphic cryptography, so that these cryptographic schemes can be applied not only in current cloud-based application, but also in larger, more mission-critical applications in the future