Security and Privacy for Green IoT-based Agriculture: Review, Blockchain solutions, and Challenges

open access articleThis paper presents research challenges on security and privacy issues in the field of green IoT-based agriculture. We start by describing a four-tier green IoT-based agriculture architecture and summarizing the existing surveys that deal with smart agriculture. Then, we provide a classification of threat models against green IoT-based agriculture into five categories, including, attacks against privacy, authentication, confidentiality, availability, and integrity properties. Moreover, we provide a taxonomy and a side-by-side comparison of the state-of-the-art methods toward secure and privacy-preserving technologies for IoT applications and how they will be adapted for green IoT-based agriculture. In addition, we analyze the privacy-oriented blockchain-based solutions as well as consensus algorithms for IoT applications and how they will be adapted for green IoT-based agriculture. Based on the current survey, we highlight open research challenges and discuss possible future research directions in the security and privacy of green IoT-based agriculture

Exploring Privacy-Preserving Disease Diagnosis: A Comparative Analysis

In the healthcare sector, data is considered as a valuable asset, with enormous amounts generated in the form of patient records and disease-related information. Leveraging machine learning techniques enables the analysis of extensive datasets, unveiling hidden patterns in diseases, facilitating personalized treatments, and forecasting potential health issues. However, the flourish of online diagnosis and prediction still faces some challenges related to information security and privacy as disease diagnosis technologies utilizes a lot of clinical records and sensitive patient data. Hence, it becomes imperative to prioritize the development of innovative methodologies that not only advance the accuracy and efficiency of disease prediction but also ensure the highest standards of privacy protection. This requires collaborative efforts between researchers, healthcare practitioners, and policymakers to establish a comprehensive framework that addresses the evolving landscape of healthcare data while safeguarding individual privacy. Addressing this constraint, numerous researchers integrate privacy preservation measures with disease prediction techniques to develop a system capable of diagnosing diseases without compromising the confidentiality of sensitive information. The survey paper conducts a comparative analysis of privacy-preserving techniques employed in disease diagnosis and prediction. It explores existing methodologies across various domains, assessing their efficacy and trade-offs in maintaining data confidentiality while optimizing diagnostic accuracy. The review highlights the need for robust privacy measures in disease prediction, shortcomings related to existing techniques of privacy preserving disease diagnosis, and provides insights into promising directions for future research in this critical intersection of healthcare and privacy preservation

EAGLE—A Scalable Query Processing Engine for Linked Sensor Data

Recently, many approaches have been proposed to manage sensor data using semantic web technologies for effective heterogeneous data integration. However, our empirical observations revealed that these solutions primarily focused on semantic relationships and unfortunately paid less attention to spatio–temporal correlations. Most semantic approaches do not have spatio–temporal support. Some of them have attempted to provide full spatio–temporal support, but have poor performance for complex spatio–temporal aggregate queries. In addition, while the volume of sensor data is rapidly growing, the challenge of querying and managing the massive volumes of data generated by sensing devices still remains unsolved. In this article, we introduce EAGLE, a spatio–temporal query engine for querying sensor data based on the linked data model. The ultimate goal of EAGLE is to provide an elastic and scalable system which allows fast searching and analysis with respect to the relationships of space, time and semantics in sensor data. We also extend SPARQL with a set of new query operators in order to support spatio–temporal computing in the linked sensor data context.EC/H2020/732679/EU/ACTivating InnoVative IoT smart living environments for AGEing well/ACTIVAGEEC/H2020/661180/EU/A Scalable and Elastic Platform for Near-Realtime Analytics for The Graph of Everything/SMARTE

mini-ELSA: using Machine Learning to improve space efficiency in Edge Lightweight Searchable Attribute-based encryption for Industry 4.0

In previous work a novel Edge Lightweight Searchable Attribute-based encryption (ELSA) method was proposed to support Industry 4.0 and specifically Industrial Internet of Things applications. In this paper, we aim to improve ELSA by minimising the lookup table size and summarising the data records by integrating Machine Learning (ML) methods suitable for execution at the edge. This integration will eliminate records of unnecessary data by evaluating added value to further processing. Thus, resulting in the minimization of both the lookup table size, the cloud storage and the network traffic taking full advantage of the edge architecture benefits. We demonstrate our mini-ELSA expanded method on a well-known power plant dataset. Our results demonstrate a reduction of storage requirements by 21% while improving execution time by 1.27x

Privacy-preserving data search with fine-grained dynamic search right management in fog-assisted Internet of Things

This is the author accepted manuscript. The final version is available from Elsevier via the DOI in this record.Fog computing, as an assisted method for cloud computing, collects Internet of Things (IoT) data to multiple fog nodes on the edge of IoT and outsources them to the cloud for data search, and it reduces the computation cost on IoT nodes and provides fine-grained search right management. However, to provide privacy-preserving IoT data search, the existing searchable encryptions are very inefficient as the computation cost is too high for the resource-constrained IoT ends. Moreover, to provide dynamic search right management, the users need to be online all the time in the existing schemes, which is impractical. In this paper, we first present a new fog-assisted privacy-preserving IoT data search framework, where the data from each IoT device is collected by a fog node, stored in a determined document and outsourced to the cloud, the users search the data through the fog nodes, and the fine-grained search right management is maintained at document level. Under this framework, two searchable encryption schemes are proposed, i.e., Credible Fog Nodes assisted Searchable Encryption (CFN-SE) and Semi-trusted Fog Nodes assisted Searchable Encryption (STFN-SE). In CFN-SE scheme, the indexes and trapdoors are generated by the fog nodes, which greatly reduce the computation costs at the IoT devices and user ends, and fog nodes are used to support offline users’ key update. In STFN-SE scheme, the semi-trusted fog nodes are used to provide storage of encrypted key update information to assist offline users’ search right update. In both schemes, no re-encryption of the keywords is needed in search right updates. The performance evaluations of our schemes demonstrate the feasibility and high efficiency of our system.National Key Research and Development ProgramNational Natural Science Foundation of ChinaSichuan Provincial Major Frontier IssuesState Key Laboratory of Integrated Services Networks, Xidian Universit

Blockchain Technology for Secure Accounting Management: Research Trends Analysis

The scope of blockchain technology, initially associated with the cryptocurrency Bitcoin, is greater due to the multiple applications in various disciplines. Its use in accounting lies mainly in the fact that it reduces risks and the eventuality of fraud, eliminates human error, promotes efficiency, and increases transparency and reliability. This means that different economic sectors assume it as a recording and management instrument. The aim is to examine current and emerging research lines at a global level on blockchain technology for secure accounting management. The evolution of the publication of the number of articles between 2016 and 2020 was analyzed. Statistical and mathematical techniques were applied to a sample of 1130 records from the Scopus database. The data uncovered a polynomial trend in this period. The seven main lines of work were identified: blockchain, network security, information management, digital storage, edge computing, commerce, and the Internet of Things. The ten most outstanding emerging research lines are detected. This study provides the past and future thematic axes on this incipient field of knowledge, which is a tool for decision-making by academics, researchers, and directors of research investment program

BLA2C2: Design of a Novel Blockchain-based Light-Weight Authentication & Access Control Layer for Cloud Deployments

Cloud deployments are consistently under attack, from both internal and external adversaries. These attacks include, but are not limited to brute force, masquerading, improper access, session hijacking, cross site scripting (XSS), etc. To mitigate these attacks, a wide variety of authentication & access control models are proposed by researchers, and each of them vary in terms of their internal implementation characteristics. It was observed that these models are either highly complex, or lack in terms of security under multiple attacks, which limits their applicability for real-time deployments. Moreover, some of these models are not flexible and cannot be deployed under dynamic cloud scenarios (like constant reconfigurations of Virtual Machines, dynamic authentication use-cases, etc.). To overcome these issues, this text proposes design of a novel blockchain-based Light-weight authentication & access control layer that can be used for dynamic cloud deployments. The proposed model initially applies a header-level light-weight sanitization layer that removes Cross Site Scripting, SQL Injection, and other data-level attacks. This is followed by a light-weight authentication layer, that assists in improving login-level security for external attacks. The authentication layer uses IP matching with reverse geolocation mapping in order to estimate outlier login attempts. This layer is cascaded with an efficient blockchain-based access control model, which assists in mitigating session hijacking, masquerading, sybil and other control-level attacks. The blockchain model is developed via integration of Grey Wolf Optimization (GWO) to reduce unnecessary complexities, and provides faster response when compared with existing blockchain-based security deployments. Efficiency of the model was estimated in terms of accuracy of detection for different attack types, delay needed for detection of these attacks, and computational complexity during attack mitigation operations. This performance was compared with existing models, and it was observed that the proposed model showcases 8.3% higher accuracy, with 10.5% lower delay, and 5.9% lower complexity w.r.t. standard blockchain-based & other security models. Due to these enhancements, the proposed model was capable of deployment for a wide variety of large-scale scenarios

TKSE: Trustworthy keyword search over encrypted data with two-side verifiability via blockchain

AXA Research Fund Singapor