A survey of IoT security based on a layered architecture of sensing and data analysis

The Internet of Things (IoT) is leading today’s digital transformation. Relying on a combination of technologies, protocols, and devices such as wireless sensors and newly developed wearable and implanted sensors, IoT is changing every aspect of daily life, especially recent applications in digital healthcare. IoT incorporates various kinds of hardware, communication protocols, and services. This IoT diversity can be viewed as a double-edged sword that provides comfort to users but can lead also to a large number of security threats and attacks. In this survey paper, a new compacted and optimized architecture for IoT is proposed based on five layers. Likewise, we propose a new classification of security threats and attacks based on new IoT architecture. The IoT architecture involves a physical perception layer, a network and protocol layer, a transport layer, an application layer, and a data and cloud services layer. First, the physical sensing layer incorporates the basic hardware used by IoT. Second, we highlight the various network and protocol technologies employed by IoT, and review the security threats and solutions. Transport protocols are exhibited and the security threats against them are discussed while providing common solutions. Then, the application layer involves application protocols and lightweight encryption algorithms for IoT. Finally, in the data and cloud services layer, the main important security features of IoT cloud platforms are addressed, involving confidentiality, integrity, authorization, authentication, and encryption protocols. The paper is concluded by presenting the open research issues and future directions towards securing IoT, including the lack of standardized lightweight encryption algorithms, the use of machine-learning algorithms to enhance security and the related challenges, the use of Blockchain to address security challenges in IoT, and the implications of IoT deployment in 5G and beyond

Constant-size threshold attribute based SignCryption for cloud applications

In this paper, we propose a novel constant-size threshold attribute-based signcryption scheme for securely sharing data through public clouds. Our proposal has several advantages. First, it provides flexible cryptographic access control, while preserving users’ privacy as the identifying information for satisfying the access control policy are not revealed. Second, the proposed scheme guarantees both data origin authentication and anonymity thanks to the novel use of attribute based signcryption mechanism, while ensuring the unlinkability between the different access sessions. Third, the proposed signcryption scheme has efficient computation cost and constant communication overhead whatever the number of involved attributes. Finally, our scheme satisfies strong security properties in the random oracle model, namely Indistinguishability against the Adaptive Chosen Ciphertext Attacks (IND-CCA2), Existential Unforgeability against Chosen Message Attacks (EUFCMA) and privacy preservation of the attributes involved in the signcryption process, based on the assumption that the augmented Multi-Sequence of Exponents Decisional Diffie-Hellman (aMSE-DDH) problem and the Computational Diffie Hellman Assumption (CDH) are hard

PHOABE : securely outsourcing multi-authority attribute based encryption with policy hidden for cloud assisted IoT

Attribute based encryption (ABE) is an encrypted access control mechanism that ensures efficient data sharing among dynamic group of users. Nevertheless, this encryption technique presents two main drawbacks, namely high decryption cost and publicly shared access policies, thus leading to possible users’ privacy leakage. In this paper, we introduce PHOABE, a Policy-Hidden Outsourced ABE scheme. Our construction presents several advantages. First, it is a multi-attribute authority ABE scheme. Second, the expensive computations for the ABE decryption process is partially delegated to a Semi Trusted Cloud Server. Third, users’ privacy is protected thanks to a hidden access policy. Fourth, PHOABE is proven to be selectively secure, verifiable and policy privacy preserving under the random oracle model. Five, estimation of the processing overhead proves its feasibility in IoT constrained environments

PAbAC : a privacy preserving attribute based framework for fine grained access control in clouds

Several existing access control solutions mainly focus on preserving confidentiality of stored data from unauthorized access and the storage provider. Moreover, to keep sensitive user data confidential against untrusted servers, existing solutions usually apply cryptographic methods by disclosing data decryption keys only to authorized users. However, these solutions inevitably introduce a heavy computation overhead on the data owner for key distribution and data management when fine-grained data access control is desired. In addition, access control policies as well as users’ access patterns are also considered as sensitive information that should be protected from the cloud. In this paper, we propose PAbAC, a novel privacy preserving Attribute-based framework, that combines attribute-based encryption and attribute-based signature mechanisms for securely sharing outsourced data via the public cloud. Our proposal is multifold. First, it ensures fine-grained cryptographic access control enforced at the data owner’s side, while providing the desired expressiveness of the access control policies. Second, PAbAC preserves users’ privacy, while hiding any identifying information used to satisfy the access control. Third, PAbAC is proven to be highly scalable and efficient for sharing outsourced data in remote servers, at both the client and the cloud provider side

Towards securing machine learning models against membership inference attacks

From fraud detection to speech recognition, including price prediction, Machine Learning (ML) applications are manifold and can significantly improve different areas. Nevertheless, machine learning models are vulnerable and are exposed to different security and privacy attacks. Hence, these issues should be addressed while using ML models to preserve the security and privacy of the data used. There is a need to secure ML models, especially in the training phase to preserve the privacy of the training datasets and to minimise the information leakage. In this paper, we present an overview of ML threats and vulnerabilities, and we highlight current progress in the research works proposing defence techniques against ML security and privacy attacks. The relevant background for the different attacks occurring in both the training and testing/inferring phases is introduced before presenting a detailed overview of Membership Inference Attacks (MIA) and the related countermeasures. In this paper, we introduce a countermeasure against membership inference attacks (MIA) on Conventional Neural Networks (CNN) based on dropout and L2 regularization. Through experimental analysis, we demonstrate that this defence technique can mitigate the risks of MIA attacks while ensuring an acceptable accuracy of the model. Indeed, using CNN model training on two datasets CIFAR-10 and CIFAR-100, we empirically verify the ability of our defence strategy to decrease the impact of MIA on our model and we compare results of five different classifiers. Moreover, we present a solution to achieve a trade-off between the performance of the model and the mitigation of MIA attack

Nuclear Alpha-Particle Condensates

The $\alpha$-particle condensate in nuclei is a novel state described by a product state of $\alpha$'s, all with their c.o.m. in the lowest 0S orbit. We demonstrate that a typical $\alpha$-particle condensate is the Hoyle state ($E_{x}=7.65$ MeV, $0^+_2$ state in $^{12}$C), which plays a crucial role for the synthesis of $^{12}$C in the universe. The influence of antisymmentrization in the Hoyle state on the bosonic character of the $\alpha$ particle is discussed in detail. It is shown to be weak. The bosonic aspects in the Hoyle state, therefore, are predominant. It is conjectured that $\alpha$-particle condensate states also exist in heavier $n\alpha$ nuclei, like $^{16}$O, $^{20}$Ne, etc. For instance the $0^+_6$ state of $^{16}$O at $E_{x}=15.1$ MeV is identified from a theoretical analysis as being a strong candidate of a $4\alpha$ condensate. The calculated small width (34 keV) of $0^+_6$, consistent with data, lends credit to the existence of heavier Hoyle-analogue states. In non-self-conjugated nuclei such as $^{11}$B and $^{13}$C, we discuss candidates for the product states of clusters, composed of $\alpha$'s, triton's, and neutrons etc. The relationship of $\alpha$-particle condensation in finite nuclei to quartetting in symmetric nuclear matter is investigated with the help of an in-medium modified four-nucleon equation. A nonlinear order parameter equation for quartet condensation is derived and solved for $\alpha$ particle condensation in infinite nuclear matter. The strong qualitative difference with the pairing case is pointed out.Comment: 71 pages, 41 figures, review article, to be published in "Cluster in Nuclei (Lecture Notes in Physics) - Vol.2 -", ed. by C. Beck, (Springer-Verlag, Berlin, 2011

Effects of olive oil and its minor phenolic constituents on obesity-induced cardiac metabolic changes

<p>Abstract</p> <p>Background</p> <p>Olive oil and its minor constituents have been recommended as important dietary therapeutic interventions in preventive medicine. However, a question remains to be addressed: what are the effects of olive oil and its phenolic compounds on obesity-induced cardiac metabolic changes?</p> <p>Methods</p> <p>Male Wistar rats were divided into two groups (<it>n </it>= 24/group): (C) receiving standard-chow; (Ob) receiving hypercaloric-chow. After 21 days C and Ob groups were divided into four subgroups (<it>n </it>= 6/group):(C) standard-chow and saline; (C-Olive)standard-chow and olive-oil (3.0 g/kg.day); (C-Oleuropein)standard-chow and oleuropein (0.023 mg/kg/day); (C-Cafeic) standard-chow and cafeic-acid (2.66 mg/kg/day); (Ob)receiving hypercaloric-chow and saline;(Ob-Olive) hypercaloric-chow and olive-oil;(Ob-Oleuropein) hypercaloric-chow and oleuropein;(Ob-Cafeic) hypercaloric-chow and cafeic-acid. Treatments were given twice a week during 21 days.</p> <p>Results</p> <p>After 42 days, obesity was evidenced in Ob rats from enhanced body-weight, surface-area, and body-mass-index. Energy-expenditure, oxygen consumption(VO₂) and fat-oxidation were lower in Ob-group than in C. Despite no morphometric changes, Ob-Olive, Ob-Oleuropein and Ob-Cafeic groups had higher VO₂, fat-oxidation, myocardial beta-hydroxyacyl coenzyme-A dehydrogenase and lower respiratory-quotient than Ob. Citrate-synthase was highest in Ob-Olive group. Myocardial lipid-hydroperoxide(LH) and antioxidant enzymes were unaffected by olive-oil and its compounds in obesity condition, whereas LH was lower and total-antioxidant-substances were higher in C-Olive and C-Oleuropein than in C.</p> <p>Conclusions</p> <p>The present study demonstrated for the first time that olive-oil, oleuropein and cafeic-acid enhanced fat-oxidation and optimized cardiac energy metabolism in obesity conditions. Olive oil and its phenolic compounds improved myocardial oxidative stress in standard-fed conditions.</p

Measurements of iron concentration in kaolinites considering disorder broadening of EPR lines.

Only one part of the EPR lines of a kaolinite spectrum of structural Fe 3+ is clearly observable because of the overlapping of other lines with other spectra. For this reason, to determine the structural Fe 3+ concentration we used the line near g=9, although it is not intense. A standard is needed: powders of ZnS containing given concentrations of Mn 2+ (isoelectronic to Fe 3+) were used for this purpose. Using the simulations of the EPR spectra, the concentration (number of Fe 3+ per Al 3+) is determined; it is in the range 10 -5 to 10 -4 for our samples. Considering that the crystal-field disorder around Fe 3+ is responsible for line broadening, we looked for a possible effect of the broadening on the intensity of the EPR spectra. This effect is taken as a distribution of the parameter ?= B 2 2/ B 2 0. The influence of the parameter ? and its statistical distribution on the position, shape, width and intensity of the EPR line has been calculated using simulation procedures. The correction due to the disorder on the calculated concentration is of the same order of magnitude as the precision measurement. This method can be applied for other kaolinites by comparing the area of their g=9 lines with known ones