6,140 research outputs found
MOF-BC: A Memory Optimized and Flexible BlockChain for Large Scale Networks
BlockChain (BC) immutability ensures BC resilience against modification or
removal of the stored data. In large scale networks like the Internet of Things
(IoT), however, this feature significantly increases BC storage size and raises
privacy challenges. In this paper, we propose a Memory Optimized and Flexible
BC (MOF-BC) that enables the IoT users and service providers to remove or
summarize their transactions and age their data and to exercise the "right to
be forgotten". To increase privacy, a user may employ multiple keys for
different transactions. To allow for the removal of stored transactions, all
keys would need to be stored which complicates key management and storage.
MOF-BC introduces the notion of a Generator Verifier (GV) which is a signed
hash of a Generator Verifier Secret (GVS). The GV changes for each transaction
to provide privacy yet is signed by a unique key, thus minimizing the
information that needs to be stored. A flexible transaction fee model and a
reward mechanism is proposed to incentivize users to participate in optimizing
memory consumption. Qualitative security and privacy analysis demonstrates that
MOF-BC is resilient against several security attacks. Evaluation results show
that MOF-BC decreases BC memory consumption by up to 25% and the user cost by
more than two orders of magnitude compared to conventional BC instantiations.
Lightweight Blockchain Framework for Location-aware Peer-to-Peer Energy Trading
Peer-to-Peer (P2P) energy trading can facilitate integration of a large
number of small-scale producers and consumers into energy markets.
Decentralized management of these new market participants is challenging in
terms of market settlement, participant reputation and consideration of grid
constraints. This paper proposes a blockchain-enabled framework for P2P energy
trading among producer and consumer agents in a smart grid. A fully
decentralized market settlement mechanism is designed, which does not rely on a
centralized entity to settle the market and encourages producers and consumers
to negotiate on energy trading with their nearby agents truthfully. To this
end, the electrical distance of agents is considered in the pricing mechanism
to encourage agents to trade with their neighboring agents. In addition, a
reputation factor is considered for each agent, reflecting its past performance
in delivering the committed energy. Before starting the negotiation, agents
select their trading partners based on their preferences over the reputation
and proximity of the trading partners. An Anonymous Proof of Location (A-PoL)
algorithm is proposed that allows agents to prove their location without
revealing their real identity. The practicality of the proposed framework is
illustrated through several case studies, and its security and privacy are
analyzed in detail.
Kevoree Modeling Framework (KMF): Efficient modeling techniques for runtime use
The creation of Domain Specific Languages (DSL) counts as one of the main
goals in the field of Model-Driven Software Engineering (MDSE). The main
purpose of these DSLs is to facilitate the manipulation of domain specific
concepts, by providing developers with specific tools for their domain of
expertise. A natural approach to create DSLs is to reuse existing modeling
standards and tools. In this area, the Eclipse Modeling Framework (EMF) has
rapidly become the de facto standard in the MDSE for building Domain Specific
Languages (DSL) and tools based on generative techniques. However, the use of
EMF generated tools in domains like Internet of Things (IoT), Cloud Computing
or Models@Runtime reaches several limitations. In this paper, we identify
several properties the generated tools must comply with to be usable in other
domains than desktop-based software systems. We then challenge EMF on these
properties and describe our approach to overcome the limitations. Our approach,
implemented in the Kevoree Modeling Framework (KMF), is finally evaluated
according to the identified properties and compared to EMF. Comment: ISBN 978-2-87971-131-7; N° TR-SnT-2014-11 (2014)
A survey on subjecting electronic product code and non-ID objects to IP identification
Over the last decade, both research on the Internet of Things (IoT) and
real-world IoT applications have grown exponentially. The IoT provides us with
smarter cities, intelligent homes, and generally more comfortable lives.
However, the introduction of these devices has led to several new challenges
that must be addressed. One of the critical challenges facing interacting with
IoT devices is to address billions of devices (things) around the world,
including computers, tablets, smartphones, wearable devices, sensors, and
embedded computers, and so on. This article provides a survey on subjecting
Electronic Product Code and non-ID objects to IP identification for IoT
devices, including their advantages and disadvantages thereof. Different
metrics are here proposed and used for evaluating these methods. In particular,
the main methods are evaluated in terms of their: (i) computational overhead,
(ii) scalability, (iii) adaptability, (iv) implementation cost, and (v) whether
applicable to already ID-based objects and presented in tabular format.
Finally, the article proves that this field of research will still be ongoing,
but any new technique must favorably offer the mentioned five evaluative
parameters. Comment: 112 references, 8 figures, 6 tables, Journal of Engineering Reports,
Wiley, 2020 (Open Access)
The Meeting of Acquaintances: A Cost-efficient Authentication Scheme for Light-weight Objects with Transient Trust Level and Plurality Approach
Wireless sensor networks consist of a large number of distributed sensor
nodes so that potential risks are becoming more and more unpredictable. The new
entrants pose the potential risks when they move into the secure zone. To build
a door wall that provides safe and secured for the system, many recent research
works applied the initial authentication process. However, the majority of the
previous articles only focused on the Central Authority (CA) since this leads
to an increase in the computation cost and energy consumption for the specific
cases on the Internet of Things (IoT). Hence, in this article, we will lessen
the importance of these third parties through proposing an enhanced
authentication mechanism that includes key management and evaluation based on
the past interactions to assist the objects joining a secured area without any
nearby CA. We refer to a mobility dataset from CRAWDAD collected at the
University Politehnica of Bucharest and rebuild into a new random dataset
larger than the old one. The new one is an input for a simulated authenticating
algorithm to observe the communication cost and resource usage of devices. Our
proposal helps the authenticating flexible, being strict with unknown devices
into the secured zone. The threshold of maximum friends can modify based on the
optimization of the symmetric-key algorithm to diminish communication costs
(our experimental results compare to previous schemes less than 2000 bits) and
raise flexibility in resource-constrained environments. Comment: 27 pages
SEABASS: Symmetric-keychain Encryption and Authentication for Building Automation Systems
There is an increasing security risk in Building Automation Systems (BAS) in that its communication is unprotected, resulting in the adversary having the capability to inject spurious commands to the actuators to alter the behaviour of BAS. The communication between the Human-Machine-Interface (HMI) and the controller (PLC) is vulnerable as there is no secret key being used to protect the authenticity, confidentiality and integrity of the sensor data and commands.
We propose SEABASS, a lightweight key management scheme to distribute and manage session keys between HMI and PLCs, providing a secure communication channel between any two communicating devices in BAS through a symmetric-key based hash-chain encryption and authentication of message exchange. Our scheme facilitates automatic renewal of session keys periodically based on the use of a reversed hash-chain. A prototype was implemented using the BACnet/IP communication protocol and the preliminary results show that the symmetric keychain approach is lightweight and incurs low latency.
Resource Efficient Authentication and Session Key Establishment Procedure for Low-Resource IoT Devices
The Internet of Things (IoT) can include many resource-constrained devices, with most usually needing to securely communicate with their network managers, which are more resource-rich devices in the IoT network. We propose a resource-efficient security scheme that includes authentication of devices with their network managers, authentication between devices on different networks, and an attack-resilient key establishment procedure. Using automated validation with internet security protocols and applications tool-set, we analyse several attack scenarios to determine the security soundness of the proposed solution, and then we evaluate its performance analytically and experimentally. The performance analysis shows that the proposed solution occupies little memory and consumes low energy during the authentication and key generation processes respectively. Moreover, it protects the network from well-known attacks (man-in-the-middle attacks, replay attacks, impersonation attacks, key compromission attacks and denial of service attacks).