PrivySharing: A Blockchain-based framework for integrity and privacy-preserving data sharing in Smart Cities

Copyright © 2019 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved The ubiquitous use of Internet of Things (IoT) ranges from industrial control systems to e-Health, e-commerce, smart cities, supply chain management, smart cars, cyber-physical systems and a lot more. However, the data collected and processed by IoT systems especially the ones with centralized control are vulnerable to availability, integrity, and privacy threats. Hence, we present “PrivySharing,” a blockchain-based innovative framework for integrity and privacy-preserving IoT data sharing in a smart city environment. The proposed scheme is distinct from existing technologies on many aspects. The data privacy is preserved by dividing the blockchain network into various channels, where every channel processes a specific type of data such as health, smart car, smart energy or financial data. Moreover, access to user data within a channel is controlled by embedding access control rules in the smart contracts. In addition, users' data within a channel is further isolated and secured by using private data collection. Likewise, the REST API that enables clients to interact with the blockchain network has dual security in the form of an API Key and OAuth 2.0. The proposed solution also conforms to some of the significant requirements outlined in the European Union General Data Protection Regulation. Lastly, we present a system of reward in the form of a digital token “PrivyCoin” for the users for sharing their data with the stakeholders/third parties

PrivySharing: A blockchain-based framework for privacy-preserving and secure data sharing in smart cities

© 2019 Elsevier Ltd The ubiquitous use of Internet of Things (IoT) ranges from industrial control systems to e-Health, e-commerce, smart cities, agriculture, supply chain management, smart cars, cyber-physical systems and a lot more. However, the data collected and processed by IoT systems especially the ones with centralized control are vulnerable to availability, integrity, and privacy threats. Hence, we present “PrivySharing,” a blockchain-based innovative framework for privacy-preserving and secure IoT data sharing in a smart city environment. The proposed scheme is distinct from existing strategies on many aspects. The data privacy is preserved by dividing the blockchain network into various channels, where every channel comprises a finite number of authorized organizations and processes a specific type of data such as health, smart car, smart energy or financial details. Moreover, access to users’ data within a channel is controlled by embedding access control rules in the smart contracts. In addition, data within a channel is further isolated and secured by using private data collection and encryption respectively. Likewise, the REST API that enables clients to interact with the blockchain network has dual security in the form of an API Key and OAuth 2.0. The proposed solution conforms to some of the significant requirements outlined in the European Union General Data Protection Regulation. We also present a system of reward in the form of a digital token named “PrivyCoin” for users sharing their data with stakeholders/third parties. Lastly, the experimental outcomes advocate that a multi-channel blockchain scales well as compared to a single-channel blockchain system

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy