A Lightweight Security Protocol for NFC-based Mobile Payments

© 2016 Published by Elsevier B.V. In this work, we describe a security solution that can be used to securely establish mobile payment transactions over the Near-Field Communication (NFC) radio interface. The proposed solution is very lightweight one; it uses symmetric cryptographic primitives on devices having memory and CPU resources limitations. We show that our approach maintains the security of NFC communications and we further demonstrate that our solution is simple, scalable, cost-effective, and incurs minimal computational processing overheads

An improved privacy solution for the smart grid

Recent advances in hardware, software, computing, and communication technologies have enabled the design and deployment of a smarter, interactive, dynamic 21st cen-tury electrical grid, also known as the smart grid. The bi-directional ow of information between the customer premise and the utility provider opens up several privacy challenges that must beaddressed. We describe possi-ble man-in-the-middle attacks against one (proposed by Marmol et al.) of the recently propsed privacy solu-tions for the smart grid environment. To address this vulnerability, we propose an improved privacy solution. We demonstrate the robustness and efficiency of our so-lution through a detailed security analysis

Design and performance analysis of a virtual ring architecture for smart grid privacy

The traditional electrical grid has become inadequate in meeting the needs and demands of electricity users in the 21st century. To address this challenge, smart grid technologies have emerged, which promise more efficient production and usage of electricity through bidirectional interactions between the consumer and the utility provider. This two-way interaction allows electricity to be generated in real time based on the actual needs of the consumers. However, this two-way interaction also raises concerns related to the privacy and the personal habits of consumers. To protect sensitive energy usage information of consumers, we propose a virtual ring architecture that can provide a privacy protection solution using symmetric or asymmetric encryptions of customers\u27 requests belonging to the same group. We compare the efficiency of our proposed approach with two recently proposed smart grid privacy approaches namely, one based on blind signature and other based on a homomorphic encryption solution. We show that our approach maintains the privacy of customers while reducing the performance overhead of cryptographic computations by more than a factor of 2 when compared with the aforementioned past solutions. We further demonstrate that our smart grid privacy solution is simple, scalable, cost-effective, and incurs minimal computational processing overheads. © 2013 IEEE

A novel cryptography based privacy preserving solution for urban mobility and traffic control

© 2015 IEEE. Due to the proliferation of high-speed mobile networks and powerful smartphones featuring on-board GPS and multi-modal sensors devices, urban sensing has recently emerged as a novel computing paradigm for enabling future smart cities. However, users\u27 privacy protection represents currently one of the biggest challenges which can significantly impact the engagement of people and the widespread adoption of such applications. In this paper, we propose a novel trajectory privacy-preserving architecture for urban sensing and traffic control applications. We show that our approach maintains the privacy of users while reducing the performance overhead of cryptographic computations. We further demonstrate that our solution is simple, scalable, and is robust against external attacks in maintaining data privacy and confidentiality of the users

Dynamic and efficient brokering of energy suppliers and consumers in a smart grid

© 2016 IEEE. One of the fundamental tasks of a smart-grid is achieving an optimal balance between the supplied and consumed energy in the grid. The optimal balance avoids underutilisation as well as overloading of energy sources; minimises the cost of energy transportation and storage; and reduces the price of energy. In this paper we propose a stochastic model for associating energy-suppliers with consumers having matching characteristics in a probabilistic sense. The optimal number of users a particular supplier can serve is described in terms of the probability density functions of its energy production and the demand of consumers. We shall demonstrate both analytically and numerically that an optimal balance can be achieved when the supplied energy, the demand for energy, and the number of users associated with a particular supplier, all, have a normally distributed probability distribution function (pdf)

Extending TLS with KMIP protocol for cloud computing

© 2016 IEEE. Any information system using encryption tends to have its own key management infrastructure. In practice, we find a separate key management systems dedicated to application encryption, or database encryption, or file encryption etc. This emergent needs to several key management systems and multiple cryptographic algorithms are resolved by the new Key Management Interoperability Protocol (KMIP). This work specifies how the Key Management Interoperability Protocol (KMIP) can be included in Transport Layer Security (TLS) protocol in order to provide additional security features, flexibility, interoperability and authentication specially in distributed systems like Cloud Computing. Till now, authentication in TLS is limited to digital certificate and Kerberos. In this paper, we use the Key Management Interoperability Protocol to make an additional authentication option for TLS and we reduce handshake latency to 0-RTT for repeated handshakes and 1-RTT for full handshakes. We specify also the KMIP-TLS extension and its formal validation with AVISPA tool

DocCert: Nostrification, Document Verification and Authenticity Blockchain Solution

Many institutions and organizations require nostrification and verification of qualification as a prerequisite for hiring. The idea is to recognize the authenticity of a copy or digital document issued by an institution in a foreign country and detect forgeries. Certificates, financial records, health records, official papers and others are often required to be attested from multiple entities in distinct locations. However, in this digital era where most applications happen online, and document copies are uploaded, the traditional signature and seal methods are obsolete. In a matter of minutes and with a simple photo editor, a certificate or document copy may be plagiarized or forged. Blockchain technology offers a decentralized approach to record and verify transactions without the need for huge infrastructure investment. In this paper, we propose a blockchain based nostrification system, where awarding institutions generate a digital certificate, store in a public but permissioned blockchain, where students and other stakeholders may verify. We present a thorough discussion and formal evaluation of the proposed system.Comment: The Fifth International Conference on Blockchain Computing and Applications (BCCA 2023), held in Conjunction with Kuwait Fintech and Blockchain Summit 2023, 24,26 Oct 2023, Kuwait City, Kuwai

Techniques, Taxonomy, and Challenges of Privacy Protection in the Smart Grid

As the ease with which any data are collected and transmitted increases, more privacy concerns arise leading to an increasing need to protect and preserve it. Much of the recent high-profile coverage of data mishandling and public mis- leadings about various aspects of privacy exasperates the severity. The Smart Grid (SG) is no exception with its key characteristics aimed at supporting bi-directional information flow between the consumer of electricity and the utility provider. What makes the SG privacy even more challenging and intriguing is the fact that the very success of the initiative depends on the expanded data generation, sharing, and pro- cessing. In particular, the deployment of smart meters whereby energy consumption information can easily be collected leads to major public hesitations about the tech- nology. Thus, to successfully transition from the traditional Power Grid to the SG of the future, public concerns about their privacy must be explicitly addressed and fears must be allayed. Along these lines, this chapter introduces some of the privacy issues and problems in the domain of the SG, develops a unique taxonomy of some of the recently proposed privacy protecting solutions as well as some if the future privacy challenges that must be addressed in the future.Peer Reviewedhttp://deepblue.lib.umich.edu/bitstream/2027.42/111644/1/Uludag2015SG-privacy_book-chapter.pd

Building Smart Contracts for COVID19 Pandemic Over the Blockchain Emerging Technologies

This research aims to improve and integrate hospital’s healthcare applications with Blockchain and smart contracts technologies to provide huge and secure storage that is immutable. This application will be able to record the patients’ medical history like appointments, medical tests, etc.; As a matter of fact, these resources should be recorded to be securely retrieved, modified, and stored by an authorized party only. The utilization of these critical resources will increase the validity for participants with a high level of liability, where building a scheduling appointment system using the blockchain-based on a smart contract will enhance patients’ privacy and provides a safer method to keep data away from altering through an unofficial use. COVID-19 Coronavirus is a global disaster that requires a reliable and stable network-based application with a giant and secure platform to hold a huge number of people and settings. The simulated outcomes of the developed system were significant and extremely noteworthy according to immutability and correctness