Towards Secure Network Computing Services for Lightweight Clients Using Blockchain

The emerging network computing technologies have significantly extended the abilities of the resource-constrained IoT devices through the network-based service sharing techniques. However, such a flexible and scalable service provisioning paradigm brings increased security risks to terminals due to the untrustworthy exogenous service codes loading from the open network. Many existing security approaches are unsuitable for IoT environments due to the high difficulty of maintenance or the dependencies upon extra resources like specific hardware. Fortunately, the rise of blockchain technology has facilitated the development of service sharing methods and, at the same time, it appears a viable solution to numerous security problems. In this paper, we propose a novel blockchain-based secure service provisioning mechanism for protecting lightweight clients from insecure services in network computing scenarios. We introduce the blockchain to maintain all the validity states of the off-chain services and edge service providers for the IoT terminals to help them get rid of untrusted or discarded services through provider identification and service verification. In addition, we take advantage of smart contracts which can be triggered by the lightweight clients to help them check the validities of service providers and service codes according to the on-chain transactions, thereby reducing the direct overhead on the IoT devices. Moreover, the adoptions of the consortium blockchain and the proof of authority consensus mechanism also help to achieve a high throughput. The theoretical security analysis and evaluation results show that our approach helps the lightweight clients get rid of untrusted edge service providers and insecure services effectively with acceptable latency and affordable costs.

Download Full-text

Privacy-Protection Scheme of a Credit-Investigation System Based on Blockchain

Entropy ◽

10.3390/e23121657 ◽

2021 ◽

Vol 23 (12) ◽

pp. 1657

Author(s):

Ke Yuan ◽

Yingjie Yan ◽

Tong Xiao ◽

Wenchao Zhang ◽

Sufang Zhou ◽

...

Keyword(s):

Privacy Protection ◽

Service Providers ◽

Security Analysis ◽

Cloud Service ◽

Identity Authentication ◽

Protection Scheme ◽

Blockchain Technology ◽

Searchable Symmetric Encryption ◽

Verification Time ◽

Identity Privacy

In response to the rapid growth of credit-investigation data, data redundancy among credit-investigation agencies, privacy leakages of credit-investigation data subjects, and data security risks have been reported. This study proposes a privacy-protection scheme for a credit-investigation system based on blockchain technology, which realizes the secure sharing of credit-investigation data among multiple entities such as credit-investigation users, credit-investigation agencies, and cloud service providers. This scheme is based on blockchain technology to solve the problem of islanding of credit-investigation data and is based on zero-knowledge-proof technology, which works by submitting a proof to the smart contract to achieve anonymous identity authentication, ensuring that the identity privacy of credit-investigation users is not disclosed; this scheme is also based on searchable-symmetric-encryption technology to realize the retrieval of the ciphertext of the credit-investigation data. A security analysis showed that this scheme guarantees the confidentiality, the availability, the tamper-proofability, and the ciphertext searchability of credit-investigation data, as well as the fairness and anonymity of identity authentication in the credit-investigation data query. An efficiency analysis showed that, compared with similar identity-authentication schemes, the proof key of this scheme is smaller, and the verification time is shorter. Compared with similar ciphertext-retrieval schemes, the time for this scheme to generate indexes and trapdoors and return search results is significantly shorter.

Download Full-text

Study of the Security Risks and Measures in Cloud Computing

IMS Manthan (The Journal of Innovations) ◽

10.18701/imsmanthan.v9i1and2.5159 ◽

2015 ◽

Vol 9 (1and2) ◽

Author(s):

Akshay Mehta ◽

Dr. Sanjay Kumar Dubey

Keyword(s):

Cloud Computing ◽

Service Providers ◽

Security And Privacy ◽

It Industry ◽

Security Risks ◽

Resource Pooling ◽

Computing Services ◽

Huge Data ◽

Cloud Computing Services ◽

The Cost

Cloud Computing has emerged very fast in the IT industry. It is based on virtualization technology and provides internet based computing which provides resource pooling, services sharing and on demand access. Its evolution has reduced must of the cost of enterprises as well as of the other industries working with a huge data. With cloud computing emerging at a much faster rate, the situation may soon be changed. But, despite the fact that it provides a number of facilities to the service providers, it has quite a number of issues related to it. The most important issue related to cloud is its security. From the consumer’s perspective, cloud computing security concerns, especially data security and privacy protection issues, remain the primary inhibitor of cloud computing services. Security is the reason that hinders many enterprises to enter into cloud. So this paper gives a detail of the security risks related to cloud and the possible measures which the enterprises need to ensure before entering Cloud Computing.

Download Full-text

Rogue Device Mitigation in the Internet of Things: A Blockchain-Based Access Control Approach

Mobile Information Systems ◽

10.1155/2020/8831976 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Uzair Javaid ◽

Furqan Jameel ◽

Umair Javaid ◽

Muhammad Toaha Raza Khan ◽

Riku Jäntti

Keyword(s):

Internet Of Things ◽

Access Control ◽

Security Analysis ◽

Superior Performance ◽

Control Approach ◽

Everyday Objects ◽

Blockchain Technology ◽

Control Scheme ◽

Technological Developments ◽

Iot Devices

Recent technological developments in wireless and sensor networks have led to a paradigm shift in interacting with everyday objects, which nurtured the concept of Internet of Things (IoT). However, low-powered nature of IoT devices generally becomes a hindrance that makes them vulnerable to a wide array of attacks. Among these, the emergence of rogue devices is quickly becoming a major security concern. Rogue devices are malicious in nature which typically execute different kinds of cyberattacks by exploiting the weaknesses of access control schemes in IoT environments. Therefore, access control is one of the crucial aspects of an IoT ecosystem that defines an entry point for a device or a user in the network. This paper investigates this issue and presents an access control scheme by integrating an IoT network with blockchain technology, thereby arguing to replace the traditional centralized IoT-server architecture with a decentralized one. The blockchain is used with smart contracts to establish a secure platform for device registration. Due to this reason, the IoT devices are first required to register themselves and access the network via contracts thereafter. Moreover, the contracts host a device registry, the access control list, to grant or deny access to devices. This allows the proposed scheme to authorize registered devices only and block unregistered ones, which facilitates the mitigation of rogue devices. To demonstrate the feasibility and improvements of the proposed scheme, security analysis along with in-depth performance evaluation are conducted, where the obtained results indicate its applicability. A case study is also formulated with a comparative analysis that confirms the superior performance of the proposed scheme for low-powered IoT systems.

Download Full-text

Scalable and Secure Internet of Things Connectivity

Electronics ◽

10.3390/electronics8070752 ◽

2019 ◽

Vol 8 (7) ◽

pp. 752 ◽

Cited By ~ 6

Author(s):

Ye-Jin Choi ◽

Hee-Jung Kang ◽

Il-Gu Lee

Keyword(s):

Internet Of Things ◽

Industrial Revolution ◽

Human Life ◽

Security Threats ◽

Multiple Objects ◽

Security Risks ◽

Blockchain Technology ◽

Iot Devices ◽

The Internet Of Things ◽

User Intervention

The Internet of things (IoT) technology, which is currently considered the new growth engine of the fourth industrial revolution, affects our daily life and has been applied to various industrial fields. Studies on overcoming the limitations of scalability and stability in a centralized IoT operating environment by employing distributed blockchain technology have been actively conducted. However, the nature of IoT that ensures connectivity with multiple objects at any time and any place increases security threats. Further, it extends the influence of the cyber world into the physical domain, resulting in serious damage to human life and property. Therefore, we aim to study a method to increase the security of IoT devices and effectively extend them simultaneously. To this end, we analyze the authentication methods and limitations of traditional IoT devices and examine cases for improving IoT environments by using blockchain technology. Accordingly, we propose a framework that allows IoT devices to be securely connected and extended to other devices by automatically evaluating security using blockchain technology and the whitelist. The method proposed in this paper restricts the extension of devices vulnerable to security risks by imposing penalties and allows only devices with high security to be securely and quickly authenticated and extended without user intervention. In this study, we applied the proposed method to IoT network simulation environments and observed that the number of devices vulnerable to security was reduced by 48.5% compared with traditional IoT environments.

Download Full-text

VaultPoint: A Blockchain-Based SSI Model that Complies with OAuth 2.0

Electronics ◽

10.3390/electronics9081231 ◽

2020 ◽

Vol 9 (8) ◽

pp. 1231

Author(s):

Seongho Hong ◽

Heeyoul Kim

Keyword(s):

User Experience ◽

Identity Management ◽

Service Providers ◽

Security Analysis ◽

Network Environment ◽

Blockchain Technology ◽

Proposed Model ◽

Authentication And Authorization ◽

And Control

An identity management including authentication and authorization in a network environment is a critical security factor. Various models for identity management have been developed continually, from the silo model to the federated model and to the recently introduced self-sovereign identity (SSI) model. In particular, SSI makes users manage their own information by themselves independently of any organizations. SSI utilizes the newly emerged blockchain technology and many studies of it are in progress. However, SSI has not had wide public use because of its low compatibility and inconvenience. This is because it involves an unfamiliar user experience and an immature process. To solve this problem, this paper proposes a new blockchain-based SSI model that complies with the popular and mature standard of OAuth 2.0. Using blockchain, the proposed model secures users’ data sovereignty where users can use and control their own information in a decentralized manner, instead of depending on a specific monopolistic service-providers. Users and clients who are familiar with the existing OAuth can easily accept the proposed model and apply it, which makes both usability and scalability of the model excellent. This paper confirmed the feasibility of the proposed model by implementing it and a security analysis was performed. The proposed model is expected to contribute to the expansion of both blockchain technology and SSI.

Download Full-text

Cloud Security Using Ear Biometrics

Web-Based Services ◽

10.4018/978-1-4666-9466-8.ch037 ◽

2016 ◽

pp. 823-848 ◽

Cited By ~ 1

Author(s):

Santosh Kumar ◽

Ali Imam Abidi ◽

Sanjay Kumar Singh

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Service Providers ◽

Rapid Development ◽

Cloud Security ◽

Cloud Services ◽

Network Computing ◽

Cloud Data ◽

Computing Services ◽

Cloud Data Storage

Cloud computing has created much enthusiasm in the IT world, institutions, business groups and different organizations and provided new techniques to cut down resource costs and increase its better utilization. It is a major challenge for cloud consumers and service providers equally. Establishing one's identity has become complicated in a vastly interconnected cloud computing network. The need of a consistent cloud security technique has increased in the wake of heightened concerns about security. The rapid development in cloud data storage, network computing services, accessing the cloud services from vendors has made cloud open to security threats. In this chapter, we have proposed an approach based on Ear Biometric for cloud security of individual consumers and vendors. This approaches started to get acceptance as a genuine method for determining an individual's identity. This chapter provides with the stepping stone for future researches to unveil how biometrics can change the cloud security scenario as we know it.

Download Full-text

Cloud Security Using Ear Biometrics

Handbook of Research on Security Considerations in Cloud Computing - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-4666-8387-7.ch003 ◽

2015 ◽

pp. 39-64

Author(s):

Santosh Kumar ◽

Ali Imam Abidi ◽

Sanjay Kumar Singh

Keyword(s):

Cloud Computing ◽

Data Storage ◽

Service Providers ◽

Rapid Development ◽

Cloud Security ◽

Cloud Services ◽

Network Computing ◽

Cloud Data ◽

Computing Services ◽

Cloud Data Storage

Download Full-text

Security Audit of a Blockchain-Based Industrial Application Platform

Algorithms ◽

10.3390/a14040121 ◽

2021 ◽

Vol 14 (4) ◽

pp. 121

Author(s):

Jan Stodt ◽

Daniel Schönle ◽

Christoph Reich ◽

Fatemeh Ghovanlooy Ghajar ◽

Dominik Welte ◽

...

Keyword(s):

Industrial Revolution ◽

Security Analysis ◽

Use Case ◽

Fourth Industrial Revolution ◽

Blockchain Technology ◽

Increase Productivity ◽

Iot Devices ◽

A Company ◽

The Internet Of Things ◽

Very High

In recent years, both the Internet of Things (IoT) and blockchain technologies have been highly influential and revolutionary. IoT enables companies to embrace Industry 4.0, the Fourth Industrial Revolution, which benefits from communication and connectivity to reduce cost and to increase productivity through sensor-based autonomy. These automated systems can be further refined with smart contracts that are executed within a blockchain, thereby increasing transparency through continuous and indisputable logging. Ideally, the level of security for these IoT devices shall be very high, as they are specifically designed for this autonomous and networked environment. This paper discusses a use case of a company with legacy devices that wants to benefit from the features and functionality of blockchain technology. In particular, the implications of retrofit solutions are analyzed. The use of the BISS:4.0 platform is proposed as the underlying infrastructure. BISS:4.0 is intended to integrate the blockchain technologies into existing enterprise environments. Furthermore, a security analysis of IoT and blockchain present attacks and countermeasures are presented that are identified and applied to the mentioned use case.

Download Full-text

A Circular Business Model for Cloud Computing Services Providers

International Journal of Community Development and Management Studies ◽

10.31355/33 ◽

2018 ◽

Vol 2 ◽

pp. 105-120

Author(s):

Hamed Motaghi ◽

Saeed Nosratabadi ◽

Thabit Qasem Atobishi

Keyword(s):

Cloud Computing ◽

Business Model ◽

Circular Economy ◽

Service Providers ◽

Sustainable Consumption ◽

Future Research ◽

Extensive Literature ◽

Computing Services ◽

Proposed Model ◽

Cloud Computing Service

NOTE: THIS ARTICLE WAS PUBLISHED WITH THE INFORMING SCIENCE INSTITUTE. Aim/Purpose................................................................................................................................................................................................. The main objective of the current study is to develop a business model for service providers of cloud computing which is designed based on circular economy principles and can ensure the sustainable consumption. Background Even though the demand for cloud computing technology is increasing day by day in all over the world, the current the linear economy principles are incapable to ensure society development needs. To consider the benefit of the society and the vendors at the same time, the principles of circular economy can address this issue. Methodology................................................................................................................................................................................................. An extensive literature review on consumption, sustainable consumption, circular economic, business model, and cloud computing were conducted. the proposed model of Osterwalder, Pigneur and Tucci (2005) is admitted designing the circular business model. Contribution................................................................................................................................................................................................. The proposed model of the study is the contribution of this study where provides the guidelines for the cloud computing service providers to achieve both their economic profits and the society’ needs. Findings Finding reveals that if the cloud computing service providers design their business model based on the “access” principle of circular economy, they can meet their economic profits and the society’ needs at a same time. Recommendations for Practitioners.............................................................................................................................................................. It is recommended to the startup and the existing businesses to utilize the proposed model of this study to reach a sustainable development. Recommendation for Researchers................................................................................................................................................................ It proposes a new circular business model and its linkages with community building. Impact on Society............................................................................................................................................................................................ The proposed model of the study provides guidelines to the cloud computing service providers to design a business model which is able not only to meet their economic profit, but also to meet the society’s and customers’ benefits. Future Research............................................................................................................................................................................................... Future researches can build on this research model which proposed in this study to examine the limitations of this model by using empirical researches.

Download Full-text

A Mechanism to Secure the Transaction of IoT Devices Using Blockchain Technology

SSRN Electronic Journal ◽

10.2139/ssrn.3734799 ◽

2020 ◽

Author(s):

Mahesh Arse ◽

Jigyasu Dubey

Keyword(s):

Blockchain Technology ◽

Iot Devices

Download Full-text