5 research outputs found
Trust Management in Decentralized IoT Access Control System
Heterogeneous and dynamic IoT environments require a lightweight, scalable,
and trustworthy access control system for protection from unauthorized access
and for automated detection of compromised nodes. Recent proposals in IoT
access control systems have incorporated blockchain to overcome inherent issues
in conventional access control schemes. However, the dynamic interaction of IoT
networks remains uncaptured. Here, we develop a blockchain based Trust and
Reputation System (TRS) for IoT access control, which progressively evaluates
and calculates the trust and reputation score of each participating node to
achieve a self-adaptive and trustworthy access control system. Trust and
reputation are explicitly incorporated in the attribute-based access control
policy, so that different nodes can be assigned to different access right
levels, resulting in dynamic access control policies. We implement our proposed
architecture in a private Ethereum blockchain comprised of a Docker container
network. We benchmark our solution using various performance metrics to
highlight its applicability for IoT contexts.Comment: Accepted to IEEE ICBC 202
A Blockchain-Based Trust Management Framework with Verifiable Interactions
There has been tremendous interest in the development of formal trust models
and metrics through the use of analytics (e.g., Belief Theory and Bayesian
models), logics (e.g., Epistemic and Subjective Logic) and other mathematical
models. The choice of trust metric will depend on context, circumstance and
user requirements and there is no single best metric for use in all
circumstances. Where different users require different trust metrics to be
employed the trust score calculations should still be based on all available
trust evidence. Trust is normally computed using past experiences but, in
practice (especially in centralised systems), the validity and accuracy of
these experiences are taken for granted. In this paper, we provide a formal
framework and practical blockchain-based implementation that allows independent
trust providers to implement different trust metrics in a distributed manner
while still allowing all trust providers to base their calculations on a common
set of trust evidence. Further, our design allows experiences to be provably
linked to interactions without the need for a central authority. This leads to
the notion of evidence-based trust with provable interactions. Leveraging
blockchain allows the trust providers to offer their services in a competitive
manner, charging fees while users are provided with payments for recording
experiences. Performance details of the blockchain implementation are provided
Blockchain for IoT Access Control: Recent Trends and Future Research Directions
With the rapid development of wireless sensor networks, smart devices, and
traditional information and communication technologies, there is tremendous
growth in the use of Internet of Things (IoT) applications and services in our
everyday life. IoT systems deal with high volumes of data. This data can be
particularly sensitive, as it may include health, financial, location, and
other highly personal information. Fine-grained security management in IoT
demands effective access control. Several proposals discuss access control for
the IoT, however, a limited focus is given to the emerging blockchain-based
solutions for IoT access control. In this paper, we review the recent trends
and critical needs for blockchain-based solutions for IoT access control. We
identify several important aspects of blockchain, including decentralised
control, secure storage and sharing information in a trustless manner, for IoT
access control including their benefits and limitations. Finally, we note some
future research directions on how to converge blockchain in IoT access control
efficiently and effectively
Towards Secure and Intelligent Diagnosis: Deep Learning and Blockchain Technology for Computer-Aided Diagnosis Systems
Cancer is the second leading cause of death across the world after cardiovascular disease. The survival rate of patients with cancerous tissue can significantly decrease due to late-stage diagnosis. Nowadays, advancements of whole slide imaging scanners have resulted in a dramatic increase of patient data in the domain of digital pathology. Large-scale histopathology images need to be analyzed promptly for early cancer detection which is critical for improving patient's survival rate and treatment planning. Advances of medical image processing and deep learning methods have facilitated the extraction and analysis of high-level features from histopathological data that could assist in life-critical diagnosis and reduce the considerable healthcare cost associated with cancer. In clinical trials, due to the complexity and large variance of collected image data, developing computer-aided diagnosis systems to support quantitative medical image analysis is an area of active research. The first goal of this research is to automate the classification and segmentation process of cancerous regions in histopathology images of different cancer tissues by developing models using deep learning-based architectures. In this research, a framework with different modules is proposed, including (1) data pre-processing, (2) data augmentation, (3) feature extraction, and (4) deep learning architectures. Four validation studies were designed to conduct this research. (1) differentiating benign and malignant lesions in breast cancer (2) differentiating between immature leukemic blasts and normal cells in leukemia cancer (3) differentiating benign and malignant regions in lung cancer, and (4) differentiating benign and malignant regions in colorectal cancer.
Training machine learning models, disease diagnosis, and treatment often requires collecting patients' medical data. Privacy and trusted authenticity concerns make data owners reluctant to share their personal and medical data. Motivated by the advantages of Blockchain technology in healthcare data sharing frameworks, the focus of the second part of this research is to integrate Blockchain technology in computer-aided diagnosis systems to address the problems of managing access control, authentication, provenance, and confidentiality of sensitive medical data. To do so, a hierarchical identity and attribute-based access control mechanism using smart contract and Ethereum Blockchain is proposed to securely process healthcare data without revealing sensitive information to an unauthorized party leveraging the trustworthiness of transactions in a collaborative healthcare environment. The proposed access control mechanism provides a solution to the challenges associated with centralized access control systems and ensures data transparency and traceability for secure data sharing, and data ownership
On the Design of a Flexible Delegation Model for the Internet of Things Using Blockchain
The Internet of things (IoT) presents new opportunities and challenges due to its scale and dynamic nature. One significant challenge for the IoT is the need for security, in particular access control solutions, that are designed to meet the characteristics of these systems. Delegation of rights, from one entity to another, is a crucial component of an access control system. The IoT requires a secure, flexible, and fine-grained delegation model. While there has been considerable work in the area of delegation, much of it assumes a centralized, well-resourced system and these solutions have limited capacity in the context of the IoT. Where delegation models for the IoT have been proposed they typically provide only coarse-grained control over the delegation of rights. Moreover, many of them require a centralized trusted authority, which can suffer from a single-point failure and is not an ideal base for a large and dynamic system like the IoT. In this paper, we propose an identity-less, asynchronous, and decentralized delegation model for the IoT based on blockchain technology. We describe system components, architecture, and key aspects related to the security of the system. We use attributes to validate an entity rather than depending upon unique identities. We demonstrate the feasibility of our model through use-case examples and analyze the performance with a proof of concept testbed implementation using Ethereum private blockchain.</p