13 research outputs found

    A Survey on Blockchain-Based IoMT Systems: Towards Scalability

    Peer reviewed. Recently, blockchain-based Internet of Medical Things (IoMT) has started to receive more attention in the healthcare domain as it not only improves the care quality using real-time and continuous monitoring but also minimizes the cost of care. However, there is a clear trend to include many entities in IoMT systems, such as IoMT sensor nodes, IoT wearable medical devices, patients, healthcare centers, and insurance companies. This makes it challenging to design a blockchain framework for these systems where scalability is a most critical factor in blockchain technology. Motivated by this observation, in this survey we review the state-of-the-art in blockchain-IoMT systems. Comparison and analysis of such systems prove that there is a substantial gap, which is the negligence of scalability. In this survey, we discuss several approaches proposed in the literature to improve the scalability of blockchain technology, and thus overcoming the above-mentioned research gap. These approaches include on-chain and off-chain techniques, based on which we give recommendations and directions to facilitate designing a scalable blockchain-based IoMT system. We also recommended that a designer considers the well-known trilemma along with the various dimensions of a scalable blockchain system to prevent sacrificing security and decentralization as well. Moreover, we raise several research questions regarding benchmarking; addressing these questions could help designers determine the existing bottlenecks, leading to a scalable blockchain

    D5.2 - Data Management Plan (DMP)

    The purpose of the DMP is to provide an analysis of the main elements of the data management policy that will be used by the applications with regard to all the datasets that will be generated by the project. The DMP should ensure that most important aspects regarding data management, like metadata generation, data preservation, and responsibilities, are identified in an early stage of the project. This ensures that data is well-managed during the project and also beyond the end of the project. Data which will be generated in the course of the project include output data of random number generators, PUF output data, measurement data, and source code. As the DMP is an incremental tool, it will be adapted in the course of the project

    D2.1 - Report on Selected TRNG and PUF Principles

    This report represents the final version of Deliverable 2.1 of the HECTOR work package WP2. It is a result of discussions and work on Task 2.1 of all HECTOR partners involved in WP2. The aim of the Deliverable 2.1 is to select principles of random number generators (RNGs) and physical unclonable functions (PUFs) that fulfill strict technology, design and security criteria. For example, the selected RNGs must be suitable for implementation in logic devices according to the German AIS20/31 standard. Correspondingly, the selected PUFs must be suitable for applying similar security approach. A standard PUF evaluation approach does not exist, yet, but it should be proposed in the framework of the project. Selected RNGs and PUFs should be then thoroughly evaluated from the point of view of security and the most suitable principles should be implemented in logic devices, such as Field Programmable Logic Arrays (FPGAs) and Application Specific Integrated Circuits (ASICs) during the next phases of the project

    Security of distance-bounding: A survey

    The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link. Distance-bounding protocols allow a verifier to both authenticate a prover and evaluate whether the latter is located in his vicinity. These protocols are of particular interest in contactless systems, e.g., electronic payment or access control systems, which are vulnerable to distance-based frauds. This survey analyzes and compares in a unified manner many existing distance-bounding protocols with respect to several key security and complexity features

    Entanglement-based Mutual Quantum Distance Bounding

    Mutual distance bounding (DB) protocols enable two distrusting parties to establish an upper-bound on the distance between them. DB has been so far mainly considered in classical settings and for classical applications, especially in wireless settings, e.g., to prevent relay attacks in wireless authentication and access control systems, and for secure localization. While recent research has started exploring DB in quantum settings, all current quantum DB (QDB) protocols employ quantum-bits (qubits) in the rapid-bit exchange phase and only perform one-way DB. Specifically, the latest QDB proposals improve the initial ones by adding resistance to photon number splitting attacks, and improving round complexity by avoiding communication from the prover to the verifier in the last authentication phase. This paper presents two new QDB protocols that differ from previously proposed protocols in several aspects: (1) to the best of our knowledge, our protocols are the first to utilize entangled qubits in the rapid-bit exchange phase, previous protocols relied on sending individual qubits, not those from a pair of entangled ones; (2) our second protocol can perform mutual QDB between two parties in one execution, previous QDB protocols had to be executed twice with the prover and verifier roles reversed in each execution; (3) the use of entangled qubits in our protocols thwarts attacks that previous QDB protocols were prone to; (4) and finally, our protocols also eliminate the need for communication from the prover to the verifier in the last authentication phase, which was necessary in some previous QDB protocols. Our work paves the way for several interesting research directions which we briefly discuss in detail in the appendix. Comment: 23 page

    Towards Quantum Distance Bounding Protocols

    © Springer International Publishing AG 2017. Distance Bounding (DB) is a security technique through which it is possible to determine an upper-bound on the physical distance between two parties (denoted as verifier and prover). These protocols typically combine physical properties of the communication channel with cryptographic challenge-response schemes. A key challenge to design secure DB protocols is to keep the time required by the prover to process the challenges and compute and transmit the responses as low as possible. For this purpose, different implementation approaches have been proposed in the literature, both in the analog as in the digital domain. Moreover, different types of communication channels have been proposed as well to find an optimal balance between security and implementation feasibility. This paper is the first to evaluate the feasibility of implementing DB protocols using quantum communication. Unlike conventional DB protocols, which execute the rapid-bit exchanges over a Radio Frequency (RF) or ultrasound channel, our quantum-based DB protocol makes use of quantum-bit (qubit) transmissions and detection during the challenge-response phase. Our protocol offers security against distance fraud, mafia fraud and terrorist attacks. We also discuss how to protect against some specific implementation attacks, such as double read-out and quantum attacks, and give an overview of the main implementation challenges as well as possible limitations. status: publishe

    SOTERIA D5.4 HARDWARE-BASED PRIVACY

    In the framework of the privacy-preserving concerns of the SOTERIA project, and concerning future Machine Learning (ML) implementations, we explore hardware-based privacy computations for secure and private data storage and ML computations. Current supported hardware on cloud and consumer devices most notably include Trusted Execution Environments (TEEs), which have emerged as a critical technology in modern computing, offering hardware-enforced security measures to protect sensitive data and computations from potential threats. This report presents a comprehensive review of TEEs, focusing on the advantages, vulnerabilities, and implementations of prominent TEE technologies, and the state-of-the-art on TEE-based methods for privacy-preserving sensitive data storage and ML operations. Finally, we provide a discussion on these commercial implementations, methods, possible implementations for improving the security and privacy on the SOTERIA platform for current and future applications, and our conclusion

    Poster: Securing IoT through Coverage-Bounding Wireless Communication with Visible Light

    We propose a concept of coverage-bounding and 'visual' wireless communication, HODOR, to secure the Internet of Things (IoT). Coverage-bounding means the communication coverage is controlled accurately in 3-dimensions. 'Visual' implies that the communication coverage and process are visible to user, representing an important and user-friendly side-channel for securing IoT. HODOR can provide secure wireless communication both psychologically (visible to users) and technically (nodes only communicate with each other within their delimited coverage). It can benefit IoT applications for secure wireless communications, especially those that demand secure interactions in proximity. Green Open Access added to TU Delft Institutional Repository ‘You share, we take care!’ – Taverne project https://www.openaccess.nl/en/you-share-we-take-care Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public. Embedded and Networked System

    A secure low-delay protocol for wireless body area networks

    The development of Wireless Body Area Networks (WBANs) for wireless sensing and monitoring of a person's vital functions is an enabler in providing better personal health care whilst enhancing the quality of life. A critical factor in the acceptance of WBANs is providing appropriate security and privacy protection of the wireless communication. This paper first describes a general health care platform and pinpoints the security challenges and requirements. Further it proposes and analyzes the CICADA-S protocol, a secure cross-layer protocol for WBANs. It is an extension of CICADA, which is a cross-layer protocol that handles both medium access and the routing of data in WBANs. The CICADA-S protocol is the first integrated solution that copes with threats that occur in this mobile medical monitoring scenario. It is shown that the integration of key management and secure, privacy-preserving communication techniques within the CICADA-S protocol has low impact on the power consumption and throughput