Model Keamanan Ubiquitous Dalam Mendukung Keamanan Data Pada Smart Agriculture Berbasis Autentikasi Token

Tujuan dari penelitian ini adalah untuk mengusulkan model keamanan sistem ubiquitous menggunakan autentikasi token pada Smart Agriculture. Kebutuhan jaringan yang selalu terkoneksi dibutuhkan untuk pengiriman data dalam Smart Agriculture, khususnya yang berbasis pada internet of things. Tetapi, karena selalu terkoneksi maka dibutuhkan keamanan data pada setiap proses pengiriman data. Model keamanan data dengan autentikasi dibutuhkan untuk menjaga dan memastikan bahwa yang berkomunikasi adalah perangkat yang diizinkan. Metode yang digunakan dalam pengembangan model ini meliputi studi literatur, pengumpulan data, analisis kebutuhan keamanan data, serta membuat model keamanan data. Hasil penelitian menunjukan bahwa model sistem Smart Agriculture dengan dukungan keamanan menggunakan autentikasi token memiliki peluang untuk diimplementasikan secara langsung untuk mendukung keamanan dalam proses pengiriman data.

Security of IoT in 5G Cellular Networks: A Review of Current Status, Challenges and Future Directions

The Internet of Things (IoT) refers to a global network that integrates real life physical objects with the virtual world through the Internet for making intelligent decisions. In a pervasive computing environment, thousands of smart devices, that are constrained in storage, battery backup and computational capability, are connected with each other. In such an environment, cellular networks that are evolving from 4G to 5G, are set to play a crucial role. Distinctive features like high bandwidth, wider coverage, easy connectivity, in-built billing mechanism, interface for M2M communication, etc., makes 5G cellular network a perfect candidate to be adopted as a backbone network for the future IoT. However, due to resource constrained nature of the IoT devices, researchers have anticipated several security and privacy issues in IoT deployments over 5G cellular network. Off late, several schemes and protocols have been proposed to handle these issues. This paper performs a comprehensive review of such schemes and protocols proposed in recent times. Different open security issues, challenges and future research direction are also summarized in this review paper

Systematic Review on Security and Privacy Requirements in Edge Computing: State of the Art and Future Research Opportunities

Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy

Vehicle Positioning System Based on Cubic Spline Interpolation Using Statistical Analysis

Vehicle monitoring and positioning become an essential factor in road management to secure and safeguard the vehicular network, which influences the coupling of reliability on the advanced automobile technologies. Furthermore, to predict the exact location of a car in a given time is challenging, because it depends on a myriad number of elements. Moreover, knowing the position of a vehicle helps passengers as well as increase vehicle network security. In this paper, we propose a mathematical model to predict the position of a car from a prepopulated dataset using spline interpolation. More interestingly, the prediction point of a mobile vehicle will be presented without any help from real-time monitoring devices. Simulation of vehicle positioning is done using bus trajectory data in a university environment in the University of Malaya to verify the feasibility and benefit of the proposed approach. Accordingly, a process of evaluation has been performed based on a plethora of components and existing works to show the effectiveness of the proposed method

An end-to-end bidirectional authentication system for pallet pooling management through blockchain internet of things (BIoT)

Pallet pooling is regarded as a sustainable and cost-effective measure for the industry, but it is challenging to advocate due to weak data and pallet authentication. In order to establish trust between end-users and pallet pooling services, the authors propose an end-to-end, bidirectional authentication system for transmitted data and pallets based on blockchain and internet-of-things (IoT) technologies. In addition, secure data authentication fosters the pallet authenticity in the whole supply chain network, which is achieved by considering the tag, location, and object-specific features. To evaluate the object-specific features, the scale invariant feature transform (SIFT) approach is adopted to match key-points and descriptors between two pallet images. According to the case study, it is found that the proposed system provides a low bandwidth blocking rate and a high probability of restoring complete data payloads. Consequently, positive influences on end-user satisfaction, quality of service, operational errors, and pallet traceability are achieved through the deployment of the proposed system

Navigating the IoT landscape: Unraveling forensics, security issues, applications, research challenges, and future

Given the exponential expansion of the internet, the possibilities of security attacks and cybercrimes have increased accordingly. However, poorly implemented security mechanisms in the Internet of Things (IoT) devices make them susceptible to cyberattacks, which can directly affect users. IoT forensics is thus needed for investigating and mitigating such attacks. While many works have examined IoT applications and challenges, only a few have focused on both the forensic and security issues in IoT. Therefore, this paper reviews forensic and security issues associated with IoT in different fields. Future prospects and challenges in IoT research and development are also highlighted. As demonstrated in the literature, most IoT devices are vulnerable to attacks due to a lack of standardized security measures. Unauthorized users could get access, compromise data, and even benefit from control of critical infrastructure. To fulfil the security-conscious needs of consumers, IoT can be used to develop a smart home system by designing a FLIP-based system that is highly scalable and adaptable. Utilizing a blockchain-based authentication mechanism with a multi-chain structure can provide additional security protection between different trust domains. Deep learning can be utilized to develop a network forensics framework with a high-performing system for detecting and tracking cyberattack incidents. Moreover, researchers should consider limiting the amount of data created and delivered when using big data to develop IoT-based smart systems. The findings of this review will stimulate academics to seek potential solutions for the identified issues, thereby advancing the IoT field.Comment: 77 pages, 5 figures, 5 table

An Empirical Assessment of the Use of Password Workarounds and the Cybersecurity Risk of Data Breaches

Passwords have been used for a long time to grant controlled access to classified spaces, electronics, networks, and more. However, the dramatic increase in user accounts over the past few decades has exposed the realization that technological measures alone cannot ensure a high level of IS security; this leaves the end-users holding a critical role in protecting their organization and personal information. The increased use of IS as a working tool for employees increases the number of accounts and passwords required. Despite being more aware of password entropy, users still often participate in deviant password behaviors, known as ‘password workarounds’ or ‘shadow security.’ These deviant password behaviors can put individuals and organizations at risk, resulting in data privacy. This study, engaging 303 IS users and 27 Subject Matter Experts (SMEs), focused on designing, developing, and empirically validating Password Workaround Cybersecurity Risk Taxonomy (PaWoCyRiT)—a model supported on perceived cybersecurity risks from Password Workarounds (PWWA) techniques and their usage frequency. A panel of SMEs validated the PWWA list from existing literature with recommended adjustments. Additionally, the perception level of the cybersecurity risks of each technique was measured from the 27 SMEs and 303 IS users. They also provided their self-reported and reported on coworkers\u27 engagement frequencies related to the PWWA list. Noteworthy, significant differences were found between SMEs and IS users in their aggregated perceptions of cybersecurity risks of the PWWAs, with IS users perceiving higher risks. Engagement patterns varied between the groups, as well as factors like years of IS experience, gender, and job level had significant differences among groups. The PaWoCyRiT was developed to provide insights into password-related risks and behaviors

Smart object-oriented access control: Distributed access control for the Internet of Things

Ensuring that data and devices are secure is of critical importance to information technology. While access control has held a key role in traditional computer security, its role in the evolving Internet of Things is less clear. In particular, the access control literature has suggested that new challenges, such as multi-user controls, fine-grained controls, and dynamic controls, prompt a foundational re-thinking of access control. We analyse these challenges, finding instead that the main foundational challenge posed by the Internet of Things involves decentralization: accurately describing access control in Internet of Things environments (e.g., the Smart Home) requires a new model of multiple, independent access control systems. To address this challenge, we propose a meta-model (i.e., a model of models): Smart Object-Oriented Access Control (SOOAC). This model is an extension of the XACML framework, built from principles relating to modularity adapted from object-oriented programming and design. SOOAC draws attention to a new class of problem involving the resolution of policy conflicts that emerge from the interaction of smart devices in the home. Contrary to traditional (local) policy conflicts, these global policy conflicts emerge when contradictory policies exist across multiple access control systems. We give a running example of a global policy conflict involving transitive access. To automatically avoid global policy conflicts before they arise, we extend SOOAC with a recursive algorithm through which devices communicate access requests before allowing or denying access themselves. This algorithm ensures that both individual devices and the collective smart home are secure. We implement SOOAC within a prototype smart home and assess its validity in terms of effectiveness and efficiency. Our analysis shows that SOOAC is successful at avoiding policy conflicts before they emerge, in real time. Finally, we explore improvements that can be made to SOOAC and suggest directions for future work