890 research outputs found
Web3.0 Security: Privacy Enhancing and Anonym Auditing in Blockchain-based Structures
The advent of Web 3.0, underpinned by blockchain technologies, promises to
transform the internet's landscape by empowering individuals with decentralized
control over their data. However, this evolution brings unique security
challenges that need to be addressed. This paper explores these complexities,
focusing on enhancing privacy and anonymous auditing within blockchain
structures. We present the architecture of Web 3.0 based on the blockchain,
providing a clear perspective on its workflow and security mechanisms. A
security protocol for Web 3.0 systems, employing privacy-preserving techniques
and anonymous auditing during runtime, is proposed. Key components of our
solution include the integration of privacy-enhancing techniques and the
utilization of Tor for anonymous auditing. We discuss related work and propose
a framework that meets these new security requirements. Lastly, we offer an
evaluation and comparison of our model to existing methods. This research
contributes towards the foundational understanding of Web 3.0's secure
structure and offers a pathway towards secure and privacy-preserving digital
interactions in this novel internet landscape
Privacy-Preserving Data in IoT-based Cloud Systems: A Comprehensive Survey with AI Integration
As the integration of Internet of Things devices with cloud computing
proliferates, the paramount importance of privacy preservation comes to the
forefront. This survey paper meticulously explores the landscape of privacy
issues in the dynamic intersection of IoT and cloud systems. The comprehensive
literature review synthesizes existing research, illuminating key challenges
and discerning emerging trends in privacy preserving techniques. The
categorization of diverse approaches unveils a nuanced understanding of
encryption techniques, anonymization strategies, access control mechanisms, and
the burgeoning integration of artificial intelligence. Notable trends include
the infusion of machine learning for dynamic anonymization, homomorphic
encryption for secure computation, and AI-driven access control systems. The
culmination of this survey contributes a holistic view, laying the groundwork
for understanding the multifaceted strategies employed in securing sensitive
data within IoT-based cloud environments. The insights garnered from this
survey provide a valuable resource for researchers, practitioners, and
policymakers navigating the complex terrain of privacy preservation in the
evolving landscape of IoT and cloud computingComment: 33 page
A security-and quality-aware system architecture for Internet of Things
Internet of Things (IoT) is characterized, at the system level, by high diversity with respect to enabling technologies and supported services. IoT also assumes to deal with a huge amount of heterogeneous data generated by devices, transmitted by the underpinning infrastructure and processed to support value-added services. In order to provide users with valuable output, the IoT architecture should guarantee the suitability and trustworthiness of the processed data. This is a major requirement of such systems in order to guarantee robustness and reliability at the service level. In this paper, we introduce a novel IoT architecture able to support security, privacy and data quality guarantees, thereby effectively boosting the diffusion of IoT services
FlexiChain 2.0: NodeChain Assisting Integrated Decentralized Vault for Effective Data Authentication and Device Integrity in Complex Cyber-Physical Systems
Distributed Ledger Technology (DLT) has been introduced using the most common
consensus algorithm either for an electronic cash system or a decentralized
programmable assets platform which provides general services. Most established
reliable networks are unsuitable for all applications such as smart cities
applications, and, in particular, Internet of Things (IoT) and Cyber Physical
Systems (CPS) applications. The purpose of this paper is to provide a suitable
DLT for IoT and CPS that could satisfy their requirements. The proposed work
has been designed based on the requirements of Cyber Physical Systems.
FlexiChain is proposed as a layer zero network that could be formed from
independent blockchains. Also, NodeChain has been introduced to be a
distributed (Unique ID) UID aggregation vault to secure all nodes' UIDs.
Moreover, NodeChain is proposed to serve mainly FlexiChain for all node
security requirements. NodeChain targets the security and integrity of each
node. Also, the linked UIDs create a chain of narration that keeps track not
merely for assets but also for who authenticated the assets. The security
results present a higher resistance against four types of attacks. Furthermore,
the strength of the network is presented from the early stages compared to
blockchain and central authority. FlexiChain technology has been introduced to
be a layer zero network for all CPS decentralized applications taking into
accounts their requirements. FlexiChain relies on lightweight processing
mechanisms and creates other methods to increase security
User-centric privacy preservation in Internet of Things Networks
Recent trends show how the Internet of Things (IoT) and its services are becoming more omnipresent and popular. The end-to-end IoT services that are extensively used include everything from neighborhood discovery to smart home security systems, wearable health monitors, and connected appliances and vehicles. IoT leverages different kinds of networks like Location-based social networks, Mobile edge systems, Digital Twin Networks, and many more to realize these services. Many of these services rely on a constant feed of user information. Depending on the network being used, how this data is processed can vary significantly. The key thing to note is that so much data is collected, and users have little to no control over how extensively their data is used and what information is being used. This causes many privacy concerns, especially for a na ̈ıve user who does not know the implications and consequences of severe privacy breaches. When designing privacy policies, we need to understand the different user data types used in these networks. This includes user profile information, information from their queries used to get services (communication privacy), and location information which is much needed in many on-the-go services. Based on the context of the application, and the service being provided, the user data at risk and the risks themselves vary. First, we dive deep into the networks and understand the different aspects of privacy for user data and the issues faced in each such aspect. We then propose different privacy policies for these networks and focus on two main aspects of designing privacy mechanisms: The quality of service the user expects and the private information from the user’s perspective. The novel contribution here is to focus on what the user thinks and needs instead of fixating on designing privacy policies that only satisfy the third-party applications’ requirement of quality of service
From Conventional to State-of-the-Art IoT Access Control Models
open access articleThe advent in Online Social Networks (OSN) and Internet of Things (IoT) has created a new world of collaboration and communication between people and devices. The domain of internet of things uses billions of devices (ranging from tiny sensors to macro scale devices) that continuously produce and exchange huge amounts of data with people and applications. Similarly, more than a billion people are connected through social networking sites to collaborate and share their knowledge. The applications of IoT such as smart health, smart city, social networking, video surveillance and vehicular communication are quickly evolving people’s daily lives. These applications provide accurate, information-rich and personalized services to the users. However, providing personalized information comes at the cost of accessing private information of users such as their location, social relationship details, health information and daily activities. When the information is accessible online, there is always a chance that it can be used maliciously by unauthorized entities. Therefore, an effective access control mechanism must be employed to ensure the security and privacy of entities using OSN and IoT services. Access control refers to a process which can restrict user’s access to data and resources. It enforces access rules to grant authorized users an access to resources and prevent others. This survey examines the increasing literature on access control for traditional models in general, and for OSN and IoT in specific. Challenges and problems related to access control mechanisms are explored to facilitate the adoption of access control solutions in OSN and IoT scenarios. The survey provides a review of the requirements for access control enforcement, discusses several security issues in access control, and elaborates underlying principles and limitations of famous access control models. We evaluate the feasibility of current access control models for OSN and IoT and provide the future development direction of access control for the sam
Navigating the IoT landscape: Unraveling forensics, security issues, applications, research challenges, and future
Given the exponential expansion of the internet, the possibilities of
security attacks and cybercrimes have increased accordingly. However, poorly
implemented security mechanisms in the Internet of Things (IoT) devices make
them susceptible to cyberattacks, which can directly affect users. IoT
forensics is thus needed for investigating and mitigating such attacks. While
many works have examined IoT applications and challenges, only a few have
focused on both the forensic and security issues in IoT. Therefore, this paper
reviews forensic and security issues associated with IoT in different fields.
Future prospects and challenges in IoT research and development are also
highlighted. As demonstrated in the literature, most IoT devices are vulnerable
to attacks due to a lack of standardized security measures. Unauthorized users
could get access, compromise data, and even benefit from control of critical
infrastructure. To fulfil the security-conscious needs of consumers, IoT can be
used to develop a smart home system by designing a FLIP-based system that is
highly scalable and adaptable. Utilizing a blockchain-based authentication
mechanism with a multi-chain structure can provide additional security
protection between different trust domains. Deep learning can be utilized to
develop a network forensics framework with a high-performing system for
detecting and tracking cyberattack incidents. Moreover, researchers should
consider limiting the amount of data created and delivered when using big data
to develop IoT-based smart systems. The findings of this review will stimulate
academics to seek potential solutions for the identified issues, thereby
advancing the IoT field.Comment: 77 pages, 5 figures, 5 table
- …