BaDS: Blockchain-Based Architecture for Data Sharing with ABS and CP-ABE in IoT

Internet of Things (IoT) and cloud computing are increasingly integrated, in the sense that data collected from IoT devices (generally with limited computational and storage resources) are being sent to the cloud for processing, etc., in order to inform decision making and facilitate other operational and business activities. However, the cloud may not be a fully trusted entity, like leaking user data or compromising user privacy. Thus, we propose a privacy-preserving and user-controlled data sharing architecture with fine-grained access control, based on the blockchain model and attribute-based cryptosystem. Also, the consensus algorithm in our system is the Byzantine fault tolerance mechanism, rather than Proof of Work.

Download Full-text

Enabling Efficient Decentralized and Privacy Preserving Data Sharing in Mobile Cloud Computing

Wireless Communications and Mobile Computing ◽

10.1155/2021/8513869 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Jiawei Zhang ◽

Ning Lu ◽

Teng Li ◽

Jianfeng Ma

Keyword(s):

Cloud Computing ◽

Access Control ◽

Mobile Devices ◽

Data Sharing ◽

Mobile Cloud Computing ◽

High Efficiency ◽

Mobile Cloud ◽

User Privacy ◽

Access Policy ◽

Fine Grained

Mobile cloud computing (MCC) is embracing rapid development these days and able to provide data outsourcing and sharing services for cloud users with pervasively smart mobile devices. Although these services bring various conveniences, many security concerns such as illegally access and user privacy leakage are inflicted. Aiming to protect the security of cloud data sharing against unauthorized accesses, many studies have been conducted for fine-grained access control using ciphertext-policy attribute-based encryption (CP-ABE). However, a practical and secure data sharing scheme that simultaneously supports fine-grained access control, large university, key escrow free, and privacy protection in MCC with expressive access policy, high efficiency, verifiability, and exculpability on resource-limited mobile devices has not been fully explored yet. Therefore, we investigate the challenge and propose an Efficient and Multiauthority Large Universe Policy-Hiding Data Sharing (EMA-LUPHDS) scheme. In this scheme, we employ fully hidden policy to preserve the user privacy in access policy. To adapt to large scale and distributed MCC environment, we optimize multiauthority CP-ABE to be compatible with large attribute universe. Meanwhile, for the efficiency purpose, online/offline and verifiable outsourced decryption techniques with exculpability are leveraged in our scheme. In the end, we demonstrate the flexibility and high efficiency of our proposal for data sharing in MCC by extensive performance evaluation.

Download Full-text

Traceable Multiauthority Attribute-Based Encryption with Outsourced Decryption and Hidden Policy for CIoT

Wireless Communications and Mobile Computing ◽

10.1155/2021/6682580 ◽

2021 ◽

Vol 2021 ◽

pp. 1-16

Author(s):

Suhui Liu ◽

Jiguo Yu ◽

Chunqiang Hu ◽

Mengmeng Li

Keyword(s):

Data Sharing ◽

Random Oracle Model ◽

Random Oracle ◽

Fine Grained ◽

Security Issues ◽

Efficient Management ◽

Attribute Based Encryption ◽

High Efficient ◽

Efficient Data ◽

Iot Devices

Cloud-assisted Internet of Things (IoT) significantly facilitate IoT devices to outsource their data for high efficient management. Unfortunately, some unsettled security issues dramatically impact the popularity of IoT, such as illegal access and key escrow problem. Traditional public-key encryption can be used to guarantees data confidentiality, while it cannot achieve efficient data sharing. The attribute-based encryption (ABE) is the most promising way to ensure data security and to realize one-to-many fine-grained data sharing simultaneously. However, it cannot be well applied in the cloud-assisted IoT due to the complexity of its decryption and the decryption key leakage problem. To prevent the abuse of decryption rights, we propose a multiauthority ABE scheme with white-box traceability in this paper. Moreover, our scheme greatly lightens the overhead on devices by outsourcing the most decryption work to the cloud server. Besides, fully hidden policy is implemented to protect the privacy of the access policy. Our scheme is proved to be selectively secure against replayable chosen ciphertext attack (RCCA) under the random oracle model. Some theory analysis and simulation are described in the end.

Download Full-text

Hierarchical Multi-Blockchain Architecture for Scalable Internet of Things Environment

Electronics ◽

10.3390/electronics9061050 ◽

2020 ◽

Vol 9 (6) ◽

pp. 1050 ◽

Cited By ~ 2

Author(s):

Yustus Eko Oktian ◽

Sang-Gon Lee ◽

Hoon Jae Lee

Keyword(s):

Internet Of Things ◽

High Throughput ◽

Byzantine Fault Tolerance ◽

The Core ◽

Iot Applications ◽

Internet Of Things Environment ◽

Second Tier ◽

Iot Devices ◽

And Storage ◽

Scalable Internet

Many researchers challenge the possibility of using blockchain and smart contracts to disrupt the Internet of Things (IoT) architecture because of their security and decentralization guarantees. However, the state-of-the-art blockchain architecture is not scalable enough to satisfy the requirements of massive data traffics in the IoT environment. The main reason for this issue is one needs to choose the consensus trade-off between either coping with a high throughput or a high number of nodes. Consequently, this issue prevents the applicability of blockchain for IoT use cases. In this paper, we propose a scalable two-tiered hierarchical blockchain architecture for IoT. The first tier is a Core Engine, which is based on a Practical Byzantine Fault Tolerance (PBFT) consensus to cope with a high throughput, that supervises the underlying subordinate engines (sub-engines) as its second tier. This second tier comprises of the Payment, Compute, and Storage Engine, respectively. We can deploy multiple instances of these sub-engines as many as we need and as local as possible near to the IoT domains, where IoT devices reside, to cope with a high number of nodes. Furthermore, to further extend the scalability of the proposed architecture, we also provide additional scalability features on the Core Engine such as request aggregation, request prioritization, as well as sub-engine parallelism. We implement all of our engines and expose them to IoT applications through the Engine APIs. With these APIs, developers can build and run IoT applications in our architecture. Our evaluation results show that our proposed features on the Core Engine can indeed enhance the overall performance of our architecture. Moreover, based on our proof-of-concept IoT car rental application, we also show that the interoperability between sub-engines through the Core Engine is possible, even when the particular sub-engine is under sub-engine parallelism.

Download Full-text

Fine-Grained Access Control Aware Multi-User Data Sharing with Secure Keyword Search

IEICE Transactions on Information and Systems ◽

10.1587/transinf.e97.d.1790 ◽

2014 ◽

Vol E97.D (7) ◽

pp. 1790-1803 ◽

Cited By ~ 5

Author(s):

Fangming ZHAO ◽

Takashi NISHIDE ◽

Kouichi SAKURAI

Keyword(s):

Access Control ◽

Data Sharing ◽

Keyword Search ◽

Fine Grained ◽

User Data

Download Full-text

Blockchain-Empowered Mobile Edge Intelligence, Machine Learning and Secure Data Sharing

10.5772/intechopen.96618 ◽

2021 ◽

Author(s):

Yao Du ◽

Shuxiao Miao ◽

Zitian Tong ◽

Victoria Lemieux ◽

Zehua Wang

Keyword(s):

Machine Learning ◽

Data Sharing ◽

Research Field ◽

Edge Computing ◽

Training Data ◽

Learning Approaches ◽

Mobile Edge Computing ◽

User Privacy ◽

Secure Data ◽

Iot Devices

Driven by recent advancements in machine learning, mobile edge computing (MEC) and the Internet of things (IoT), artificial intelligence (AI) has become an emerging technology. Traditional machine learning approaches require the training data to be collected and processed in centralized servers. With the advent of new decentralized machine learning approaches and mobile edge computing, the IoT on-device data training has now become possible. To realize AI at the edge of the network, IoT devices can offload training tasks to MEC servers. However, those distributed frameworks of edge intelligence also introduce some new challenges, such as user privacy and data security. To handle these problems, blockchain has been considered as a promising solution. As a distributed smart ledger, blockchain is renowned for high scalability, privacy-preserving, and decentralization. This technology is also featured with automated script execution and immutable data records in a trusted manner. In recent years, as quantum computers become more and more promising, blockchain is also facing potential threats from quantum algorithms. In this chapter, we provide an overview of the current state-of-the-art in these cutting-edge technologies by summarizing the available literature in the research field of blockchain-based MEC, machine learning, secure data sharing, and basic introduction of post-quantum blockchain. We also discuss the real-world use cases and outline the challenges of blockchain-empowered intelligence.

Download Full-text

IoT Adaptive Dynamic Blockchain Networking Method Based on Discrete Heartbeat Signals

Sensors ◽

10.3390/s20226503 ◽

2020 ◽

Vol 20 (22) ◽

pp. 6503

Author(s):

Xueyang Hu ◽

Yili Zheng ◽

Yu Su ◽

Rui Guo

Keyword(s):

Consensus Algorithm ◽

Byzantine Fault Tolerance ◽

Herd Effect ◽

Adaptive Dynamic ◽

Blockchain Technology ◽

New Development ◽

Physical Assets ◽

Iot Devices ◽

Short Network ◽

Digital Assets

The combination of blockchain technology and Internet of Things (IoT) technology has brought many significant advantages and new development directions. With the development of embedded technology and 5G communication technology, the performance limitations and network limitations that are traditionally believed to restrict the application of blockchain technology to IoT devices have been broken. The development of “blockchain + 5G + IoT” provides reliable data from the source for the blockchain, linking the credible mapping of physical assets and digital assets. However, at the beginning of the blockchain design, the application of the IoT was not fully considered, so there have been some obvious defects in applying the blockchain technology in the IoT. In the Byzantine fault tolerance (BFT) consensus algorithm of traditional blockchain, the entire blockchain network will become paralyzed when more than 1/3 of the nodes in the network are offline. However, in IoT applications, this situation is likely to occur and greatly limits the security and stability of the application of blockchain technology in the IoT. In order to solve this problem, we proposed an IoT adaptive dynamic blockchain networking method based on discrete heartbeat signals. The feature of the method is to set a different monitoring time for each group of nodes, that is, discrete heartbeat signals monitoring. When the number of nodes gradually decreases, the IoT adaptive dynamic blockchain network can dynamically adapt to this process. Even when more than 1/3 of the IoT are offline, the adaptive dynamic IoT blockchain network can maintain stable running. This method also has the advantages of a short network expectation recovery time and avoids instantaneous system paralysis caused by the thundering herd effect. This research improves the security and stability of the application of blockchain technology in the IoT, and provides the necessary technical foundation for the better combination of blockchain technology and IoT technology.

Download Full-text

Fusion Chain: A Decentralized Lightweight Blockchain for IoT Security and Privacy

Electronics ◽

10.3390/electronics10040391 ◽

2021 ◽

Vol 10 (4) ◽

pp. 391

Author(s):

Dongjun Na ◽

Sejin Park

Keyword(s):

Data Privacy ◽

Single Point ◽

Consensus Algorithm ◽

Security And Privacy ◽

Public Key ◽

Byzantine Fault Tolerance ◽

Blockchain Technology ◽

Private Data ◽

Security Problem ◽

Iot Devices

As the use of internet of things (IoT) devices increases, the importance of security has increased, because personal and private data such as biometrics, images, photos, and voices can be collected. However, there is a possibility of data leakage or manipulation by monopolizing the authority of the data, since such data are stored in a central server by the centralized structure of IoT devices. Furthermore, such a structure has a potential security problem, caused by an attack on the server due to single point vulnerability. Blockchain’s, through their decentralized structure, effectively solve the single point vulnerability, and their consensus algorithm allows network participants to verify data without any monopolizing. Therefore, blockchain technology becomes an effective solution for solving the security problem of the IoT’s centralized method. However, current blockchain technology is not suitable for IoT devices. Blockchain technology requires large storage space for the endless append-only block storing, and high CPU processing power for performing consensus algorithms, while its opened block access policy exposes private data to the public. In this paper, we propose a decentralized lightweight blockchain, named Fusion Chain, to support IoT devices. First, it solves the storage size issue of the blockchain by using the interplanetary file system (IPFS). Second, it does not require high computational power by using the practical Byzantine fault tolerance (PBFT) consensus algorithm. Third, data privacy is ensured by allowing only authorized users to access data through public key encryption using PKI. Fusion Chain was implemented from scratch written using Node.js and golang. The results show that the proposed Fusion Chain is suitable for IoT devices. According to our experiments, the size of the blockchain dramatically decreased, and only 6% of CPU on an ARM core, and 49 MB of memory, is used on average for the consensus process. It also effectively protects privacy data by using a public key infrastructure (PKI).

Download Full-text

A Blockchain-Based CP-ABE Scheme with Partially Hidden Access Structures

Security and Communication Networks ◽

10.1155/2021/4132597 ◽

2021 ◽

Vol 2021 ◽

pp. 1-16

Author(s):

Yang Ba ◽

Xuexian Hu ◽

Yue Chen ◽

Zenghang Hao ◽

Xuewei Li ◽

...

Keyword(s):

Access Control ◽

Data Sharing ◽

Data Storage ◽

Private Information ◽

Single Point ◽

Third Party ◽

Access Structure ◽

User Privacy ◽

Fine Grained ◽

Access Structures

Data sharing has become a key technology to break down data silos in the big data era. Ciphertext-policy attribute-based encryption (CP-ABE) is widely used in secure data-sharing schemes to realize flexible and fine-grained access control. However, in traditional CP-ABE schemes, the access structure is directly shared along with the ciphertext, potentially leading to users’ private information leakage. Outsourcing data to a centralized third party can easily result in privacy leakage and single-point bottlenecks, and the lack of transparency in data storage and sharing casts doubts whether users’ data are safe. To address these issues, we propose a blockchain-based CP-ABE scheme with partially hidden access structures (BCP-ABE-PHAS) to achieve fine-grained access control while ensuring user privacy. First, we propose an efficient CP-ABE scheme with partially hidden access structures, where the ciphertext size is constant. To assist data decryption, we design a garbled Bloom filter to help users quickly locate the position of wildcards in the access structure. Then, to improve storage efficiency and system scalability, we propose a data storage scheme that combines blockchain technology and the interplanetary file system, ensuring data integrity. Finally, we employ smart contracts for a transparent data storage and sharing process without third-party participation. Security analysis and performance evaluation show that the proposed BCP-ABE-PHAS scheme can preserve policy privacy with efficient storage and low computational overhead.

Download Full-text

A New User-controlled and Efficient Encrypted Data Sharing Model in Cloud Storage

Recent Patents on Engineering ◽

10.2174/1872212113666190215143537 ◽

2019 ◽

Vol 13 (4) ◽

pp. 356-363

Author(s):

Yuezhong Wu ◽

Wei Chen ◽

Shuhong Chen ◽

Guojun Wang ◽

Changyun Li

Keyword(s):

Data Sharing ◽

Data Security ◽

Cloud Storage ◽

Screening Program ◽

Original Data ◽

Third Party ◽

Active System ◽

Encrypted Data ◽

Active User ◽

User Data

Background: Cloud storage is generally used to provide on-demand services with sufficient scalability in an efficient network environment, and various encryption algorithms are typically applied to protect the data in the cloud. However, it is non-trivial to obtain the original data after encryption and efficient methods are needed to access the original data. Methods: In this paper, we propose a new user-controlled and efficient encrypted data sharing model in cloud storage. It preprocesses user data to ensure the confidentiality and integrity based on triple encryption scheme of CP-ABE ciphertext access control mechanism and integrity verification. Moreover, it adopts secondary screening program to achieve efficient ciphertext retrieval by using distributed Lucene technology and fine-grained decision tree. In this way, when a trustworthy third party is introduced, the security and reliability of data sharing can be guaranteed. To provide data security and efficient retrieval, we also combine active user with active system. Results: Experimental results show that the proposed model can ensure data security in cloud storage services platform as well as enhance the operational performance of data sharing. Conclusion: The proposed security sharing mechanism works well in an actual cloud storage environment.

Download Full-text

Tracing or Tracking? A Preliminary Analysis of COVID-19 Outbreak Tracker Apps on Android and User Privacy (Preprint)

10.2196/preprints.19662 ◽

2020 ◽

Author(s):

Alex Akinbi ◽

Ehizojie Ojie

Keyword(s):

Preliminary Analysis ◽

Service Providers ◽

User Participation ◽

Memory Storage ◽

Phone Call ◽

Contact Tracing ◽

Privacy Rights ◽

User Privacy ◽

Android Apps ◽

User Data

BACKGROUND Technology using digital contact tracing apps has the potential to slow the spread of COVID-19 outbreaks by recording proximity events between individuals and alerting people who have been exposed. However, there are concerns about the abuse of user privacy rights as such apps can be repurposed to collect private user data by service providers and governments who like to gather their citizens’ private data. OBJECTIVE The objective of our study was to conduct a preliminary analysis of 34 COVID-19 trackers Android apps used in 29 individual countries to track COVID-19 symptoms, cases, and provide public health information. METHODS We identified each app’s AndroidManifest.xml resource file and examined the dangerous permissions requested by each app. RESULTS The results in this study show 70.5% of the apps request access to user location data, 47% request access to phone activities including the phone number, cellular network information, and the status of any ongoing calls. 44% of the apps request access to read from external memory storage and 2.9% request permission to download files without notification. 17.6% of the apps initiate a phone call without giving the user option to confirm the call. CONCLUSIONS The contributions of this study include a description of these dangerous permissions requested by each app and its effects on user privacy. We discuss principles that must be adopted in the development of future tracking and contact tracing apps to preserve the privacy of users and show transparency which in turn will encourage user participation.

Download Full-text