221 research outputs found
Blockchain and Internet of Things in smart cities and drug supply management: Open issues, opportunities, and future directions
Blockchain-based drug supply management (DSM) requires powerful security and privacy procedures for high-level authentication, interoperability, and medical record sharing. Researchers have shown a surprising interest in Internet of Things (IoT)-based smart cities in recent years. By providing a variety of intelligent applications, such as intelligent transportation, industry 4.0, and smart financing, smart cities (SC) can improve the quality of life for their residents. Blockchain technology (BCT) can allow SC to offer a higher standard of security by keeping track of transactions in an immutable, secure, decentralized, and transparent distributed ledger. The goal of this study is to systematically explore the current state of research surrounding cutting-edge technologies, particularly the deployment of BCT and the IoT in DSM and SC. In this study, the defined keywords “blockchain”, “IoT”, drug supply management”, “healthcare”, and “smart cities” as well as their variations were used to conduct a systematic search of all relevant research articles that were collected from several databases such as Science Direct, JStor, Taylor & Francis, Sage, Emerald insight, IEEE, INFORMS, MDPI, ACM, Web of Science, and Google Scholar. The final collection of papers on the use of BCT and IoT in DSM and SC is organized into three categories. The first category contains articles about the development and design of DSM and SC applications that incorporate BCT and IoT, such as new architecture, system designs, frameworks, models, and algorithms. Studies that investigated the use of BCT and IoT in the DSM and SC make up the second category of research. The third category is comprised of review articles regarding the incorporation of BCT and IoT into DSM and SC-based applications. Furthermore, this paper identifies various motives for using BCT and IoT in DSM and SC, as well as open problems and makes recommendations. The current study contributes to the existing body of knowledge by offering a complete review of potential alternatives and finding areas where further research is needed. As a consequence of this, researchers are presented with intriguing potential to further create decentralized DSM and SC apps as a result of a comprehensive discussion of the relevance of BCT and its implementation.© 2023 The Author(s). Published by Elsevier B.V. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/).fi=vertaisarvioitu|en=peerReviewed
Recommended from our members
Cyberattacks and security of cloud computing: a complete guideline
Cloud computing is an innovative technique that offers shared resources for stock cache and server management. Cloud computing saves time and monitoring costs for any organization and turns technological solutions for large-scale systems into server-to-service frameworks. However, just like any other technology, cloud computing opens up many forms of security threats and problems. In this work, we focus on discussing different cloud models and cloud services, respectively. Next, we discuss the security trends in the cloud models. Taking these security trends into account, we move to security problems, including data breaches, data confidentiality, data access controllability, authentication, inadequate diligence, phishing, key exposure, auditing, privacy preservability, and cloud-assisted IoT applications. We then propose security attacks and countermeasures specifically for the different cloud models based on the security trends and problems. In the end, we pinpoint some of the futuristic directions and implications relevant to the security of cloud models. The future directions will help researchers in academia and industry work toward cloud computing security
Iris: Dynamic Privacy Preserving Search in Structured Peer-to-Peer Networks
In structured peer-to-peer networks like Chord, the users manage to retrieve
the information they seek by asking other nodes from the network for the
information they search. Revealing to other nodes the search target makes
structured peer-to-peer networks unsuitable for applications that demand query
privacy, i.e., hiding the query's target from the intermediate nodes that take
part in the routing. This paper studies the query privacy of structured P2P
networks, particularly the Chord protocol.
We initially observe that already proposed privacy notions, such as
-anonymity, do not allow us to reason about the privacy guarantees of a
query in Chord in the presence of a strong adversary. Thus, we introduce a new
privacy notion that we call -privacy that allows us to
evaluate the privacy guarantees even when considering the worst-case scenario
regarding an attacker's background knowledge.
We then design Iris, an algorithm that allows a requester to conceal the
target of a query in Chord from the intermediate nodes that take part in the
routing. Iris achieves that by having the requester query for other than the
target addresses so as reaching each one of them allows the requester to get
closer to the target address.
We perform a security analysis of the proposed algorithm, based on the
privacy notion we introduce. We also develop a prototype of the algorithm in
Matlab and evaluate its performance. Our analysis proves Iris to be
-private while introducing a modest performance overhead
Themelio: a new blockchain paradigm
Public blockchains hold great promise in building protocols that uphold security properties like transparency and consistency based on internal, incentivized cryptoeconomic mechanisms rather than preexisting trust in participants. Yet user-facing blockchain applications beyond "internal" immediate derivatives of blockchain incentive models, like cryptocurrency and decentralized finance, have not achieved widespread development or adoption.
We propose that this is not primarily due to "engineering" problems in aspects such as scaling, but due to an overall lack of transferable endogenous trust—the twofold ability to uphold strong, internally-generated security guarantees and to translate them into application-level security. Yet we argue that blockchains, due to their foundation on game-theoretic incentive models rather than trusted authorities, are uniquely suited for building transferable endogenous trust, despite their current deficiencies. We then engage in a survey of existing public blockchains and the difficulties and crises that they have faced, noting that in almost every case, problems such as governance disputes and ecosystem inflexibility stem from a lack of transferable endogenous trust.
Next, we introduce Themelio, a decentralized, public blockchain designed to support a new blockchain paradigm focused on transferable endogenous trust. Here, the blockchain is used as a low-level, stable, and simple root of trust, capable of sharing this trust with applications through scalable light clients. This contrasts with current blockchains, which are either applications or application execution platforms. We present evidence that this new paradigm is crucial to achieving flexible deployment of blockchain-based trust.
We then describe the Themelio blockchain in detail, focusing on three areas key to its overall theme of transferable, strong endogenous trust: a traditional yet enhanced UTXO model with features that allow powerful programmability and light-client composability, a novel proof-of-stake system with unique cryptoeconomic guarantees against collusion, and Themelio's unique cryptocurrency "mel", which achieves stablecoin-like low volatility without sacrificing decentralization and security.
Finally, we explore the wide variety of novel, partly off-chain applications enabled by Themelio's decoupled blockchain paradigm. This includes Astrape, a privacy-protecting off-chain micropayment network, Bitforest, a blockchain-based PKI that combines blockchain-backed security guarantees with the performance and administration benefits of traditional systems, as well as sketches of further applications
Jornadas Nacionales de Investigación en Ciberseguridad: actas de las VIII Jornadas Nacionales de Investigación en ciberseguridad: Vigo, 21 a 23 de junio de 2023
Jornadas Nacionales de Investigación en Ciberseguridad (8ª. 2023. Vigo)atlanTTicAMTEGA: Axencia para a modernización tecnolóxica de GaliciaINCIBE: Instituto Nacional de Cibersegurida
Content Censorship in the InterPlanetary File System
The InterPlanetary File System (IPFS) is currently the largest decentralized
storage solution in operation, with thousands of active participants and
millions of daily content transfers. IPFS is used as remote data storage for
numerous blockchain-based smart contracts, Non-Fungible Tokens (NFT), and
decentralized applications.
We present a content censorship attack that can be executed with minimal
effort and cost, and that prevents the retrieval of any chosen content in the
IPFS network. The attack exploits a conceptual issue in a core component of
IPFS, the Kademlia Distributed Hash Table (DHT), which is used to resolve
content IDs to peer addresses. We provide efficient detection and mitigation
mechanisms for this vulnerability. Our mechanisms achieve a 99.6\% detection
rate and mitigate 100\% of the detected attacks with minimal signaling and
computational overhead. We followed responsible disclosure procedures, and our
countermeasures are scheduled for deployment in the future versions of IPFS.Comment: 15 pages (including references), 15 figures. Accepted to be published
at the Network and Distributed System Security (NDSS) Symposium 202
Improving Data Availability in Decentralized Storage Systems
PhD thesis in Information technologyPreserving knowledge for future generations has been a primary concern for humanity since the dawn of civilization. State-of-the-art methods have included stone carvings, papyrus scrolls, and paper books. With each advance in technology, it has become easier to record knowledge. In the current digital age, humanity may preserve enormous amounts of knowledge on hard drives with the click of a button.
The aggregation of several hard drives into a computer forms the basis for a storage system. Traditionally, large storage systems have comprised many distinct computers operated by a single administrative entity.
With the rise in popularity of blockchain and cryptocurrencies, a new type of storage system has emerged. This new type of storage system is fully decentralized and comprises a network of untrusted peers cooperating to act as a single storage system. During upload, files are split into chunks and distributed across a network of peers. These storage systems encode files using Merkle trees, a hierarchical data structure that provides integrity verification and lookup services.
While decentralized storage systems are popular and have a user base in the millions, many technical aspects are still in their infancy. As such, they have yet to prove themselves viable alternatives to traditional centralized storage systems.
In this thesis, we contribute to the technical aspects of decentralized storage systems by proposing novel techniques and protocols. We make significant contributions with the design of three practical protocols that each improve data availability in different ways.
Our first contribution is Snarl and entangled Merkle trees. Entangled Merkle trees are resilient data structures that decrease the impact hierarchical dependencies have on data availability. Whenever a chunk loss is detected, Snarl uses the entangled Merkle trees to find parity chunks to repair the lost chunk. Our results show that by encoding data as an entangled Merkle tree and using Snarl’s repair algorithm, the storage utilization in current systems could be improved by over five times, with improved data availability.
Second, we propose SNIPS, a protocol that efficiently synchronizes the data stored on peers to ensure that all peers have the same data. We designed a Proof of Storage-like construction using a Minimal Perfect Hash Function. Each peer uses the PoS-like construction to create a storage proof for those chunks it wants to synchronize. Peers exchange storage proofs and use them to efficiently determine which chunks they are missing. The evaluation shows that by using SNIPS, the amount of synchronization data can be reduced by three orders of magnitude in current systems.
Lastly, in our third contribution, we propose SUP, a protocol that uses cryptographic proofs to check if a chunk is already stored in the network before doing wasteful uploads. We show that SUP may reduce the amount of data transferred by up to 94 % in current systems.
The protocols may be deployed independently or in combination to create a decentralized storage system that is more robust to major outages. Each of the protocols has been implemented and evaluated on a large cluster of 1,000 peers
Cost-effective Data Upkeep in Decentralized Storage Systems
Decentralized storage systems split files into chunks and distribute the chunks across a network of peers. Each peer may only store a few chunks per file. To later reconstruct a file, all its chunks must be downloaded. Chunks can disappear from the network at any time as peers are untrusted and may misbehave, fail or leave the network. Current systems lack a secure and cost-effective mechanism for discovering missing chunks. Hence, a client must periodically re-upload all of the file's chunks to keep it available, even if only a few are missing from the network. Needlessly re-uploading chunks waste significant amounts of the network's bandwidth, takes additional time to complete, and forces the client to pay for unwarranted resources.
To address the above problem, we propose SUP, a novel protocol that utilizes proof-of-storage queries to detect missing chunks. We have evaluated SUP on a large cluster of 1000 peers running a recent version of Ethereum Swarm. Our contributions include the design and implementation of SUP and a study of Swarm's redundancy characteristics. Our evaluation shows that SUP significantly improves bandwidth utilization and time spent on data upkeep compared to the existing solution. In common scenarios, SUP can save as much as 94 % bandwidth and reduce the time spent re-uploading by up to 82 %. While dependent on the storage network's bandwidth pricing policy, using SUP may also reduce the overall monetary costs of data upkeep.acceptedVersio
Blockchain Nodes are Heterogeneous and Your P2P Overlay Should be Too: PODS
At the core of each blockchain system, parties communicate through a
peer-to-peer (P2P) overlay. Unfortunately, recent evidence suggests these P2P
overlays represent a significant bottleneck for transaction throughput and
scalability. Furthermore, they enable a number of attacks. We argue that these
performance and security problems arise because current P2P overlays cannot
fully capture the complexity of a blockchain system as they do not offer
flexibility to accommodate node heterogeneity. We propose a novel approach to
address these issues: P2P Overlay Domains with Sovereignty (PODS), which allows
nodes in a single overlay to belong to multiple heterogeneous groups, called
domains. Each domain features its own set of protocols, tailored to the
characteristics and needs of its nodes. To demonstrate the effectiveness of
PODS, we design and implement two novel node discovery protocols: FedKad and
SovKad. Using a custom simulator, we show that node discovery using PODS
(SovKad) architecture outperforms both single overlay (Kademlia) and
multi-overlay (FedKad) architectures in terms of hop count and success rate,
though FedKad requires slightly less bandwidth
- …