scholarly journals Privacy-Protection Scheme of a Credit-Investigation System Based on Blockchain

Entropy ◽  
2021 ◽  
Vol 23 (12) ◽  
pp. 1657
Author(s):  
Ke Yuan ◽  
Yingjie Yan ◽  
Tong Xiao ◽  
Wenchao Zhang ◽  
Sufang Zhou ◽  
...  
Keyword(s):  
Privacy Protection ◽  
Service Providers ◽  
Security Analysis ◽  
Cloud Service ◽  
Identity Authentication ◽  
Protection Scheme ◽  
Blockchain Technology ◽  
Searchable Symmetric Encryption ◽  
Verification Time ◽  
Identity Privacy

In response to the rapid growth of credit-investigation data, data redundancy among credit-investigation agencies, privacy leakages of credit-investigation data subjects, and data security risks have been reported. This study proposes a privacy-protection scheme for a credit-investigation system based on blockchain technology, which realizes the secure sharing of credit-investigation data among multiple entities such as credit-investigation users, credit-investigation agencies, and cloud service providers. This scheme is based on blockchain technology to solve the problem of islanding of credit-investigation data and is based on zero-knowledge-proof technology, which works by submitting a proof to the smart contract to achieve anonymous identity authentication, ensuring that the identity privacy of credit-investigation users is not disclosed; this scheme is also based on searchable-symmetric-encryption technology to realize the retrieval of the ciphertext of the credit-investigation data. A security analysis showed that this scheme guarantees the confidentiality, the availability, the tamper-proofability, and the ciphertext searchability of credit-investigation data, as well as the fairness and anonymity of identity authentication in the credit-investigation data query. An efficiency analysis showed that, compared with similar identity-authentication schemes, the proof key of this scheme is smaller, and the verification time is shorter. Compared with similar ciphertext-retrieval schemes, the time for this scheme to generate indexes and trapdoors and return search results is significantly shorter.

scholarly journals Towards Secure Network Computing Services for Lightweight Clients Using Blockchain

2018 ◽  
Vol 2018 ◽  
pp. 1-12 ◽  
Author(s):  
Yang Xu ◽  
Guojun Wang ◽  
Jidian Yang ◽  
Ju Ren ◽  
Yaoxue Zhang ◽  
...  
Keyword(s):  
Service Providers ◽  
Security Analysis ◽  
Service Provisioning ◽  
Network Computing ◽  
Security Risks ◽  
Blockchain Technology ◽  
Computing Services ◽  
Viable Solution ◽  
Secure Network ◽  
Iot Devices

The emerging network computing technologies have significantly extended the abilities of the resource-constrained IoT devices through the network-based service sharing techniques. However, such a flexible and scalable service provisioning paradigm brings increased security risks to terminals due to the untrustworthy exogenous service codes loading from the open network. Many existing security approaches are unsuitable for IoT environments due to the high difficulty of maintenance or the dependencies upon extra resources like specific hardware. Fortunately, the rise of blockchain technology has facilitated the development of service sharing methods and, at the same time, it appears a viable solution to numerous security problems. In this paper, we propose a novel blockchain-based secure service provisioning mechanism for protecting lightweight clients from insecure services in network computing scenarios. We introduce the blockchain to maintain all the validity states of the off-chain services and edge service providers for the IoT terminals to help them get rid of untrusted or discarded services through provider identification and service verification. In addition, we take advantage of smart contracts which can be triggered by the lightweight clients to help them check the validities of service providers and service codes according to the on-chain transactions, thereby reducing the direct overhead on the IoT devices. Moreover, the adoptions of the consortium blockchain and the proof of authority consensus mechanism also help to achieve a high throughput. The theoretical security analysis and evaluation results show that our approach helps the lightweight clients get rid of untrusted edge service providers and insecure services effectively with acceptable latency and affordable costs.

A Markov Prediction-Based Privacy Protection Scheme for Continuous Query

2019 ◽  
Vol 28 (09) ◽  
pp. 1950147
Author(s):  
Lei Zhang ◽  
Jing Li ◽  
Songtao Yang ◽  
Yi Liu ◽  
Xu Zhang ◽  
...  
Keyword(s):  
Privacy Protection ◽  
Location Privacy ◽  
Mathematical Proof ◽  
Security Analysis ◽  
Continuous Query ◽  
The Real ◽  
Protection Scheme ◽  
Whole Process ◽  
Prediction Scheme ◽  
Location Privacy Protection

The query probability of a location which the user utilizes to request location-based service (LBS) can be used as background knowledge to infer the real location, and then the adversary may invade the privacy of this user. In order to cope with this type of attack, several algorithms had provided query probability anonymity for location privacy protection. However, these algorithms are all efficient just for snapshot query, and simply applying them in the continuous query may bring hazards. Especially that, continuous anonymous locations which provide query probability anonymity in continuous anonymity are incapable of being linked into anonymous trajectories, and then the adversary can identify the real trajectory as well as the real location of each query. In this paper, the query probability anonymity and anonymous locations linkable are considered simultaneously, then based on the Markov prediction, we provide an anonymous location prediction scheme. This scheme can cope with the shortage of the existing algorithms of query probability anonymity in continuous anonymity locations difficult to be linked, and provide query probability anonymity service for the whole process of continuous query, so this scheme can be used to resist the attack of both of statistical attack as well as the infer attack of the linkable. At last, in order to demonstrate the capability of privacy protection in continuous query and the efficiency of algorithm execution, this paper utilizes the security analysis and experimental evaluation to further confirm the performance, and then the process of mathematical proof as well as experimental results are shown.

scholarly journals Heterogeneous Cross-Domain Identity Authentication Scheme Based on Proxy Resignature in Cloud Environment

2020 ◽  
Vol 2020 ◽  
pp. 1-12
Author(s):  
Yongyang Lv ◽  
Wenju Liu ◽  
Ze Wang
Keyword(s):  
Simulation Experiment ◽  
Service Providers ◽  
Cloud Service ◽  
Identity Authentication ◽  
Cloud Environment ◽  
Cross Domain ◽  
Replay Attacks ◽  
Man In The Middle ◽  
Cloud Service Providers ◽  
Computing Performance

Based on proxy resignature, the signature transformation between trust domains of different cryptographic systems is realized with the help of the cloud authentication center, so as to achieve cross-domain access between users and cloud service providers in heterogeneous environment. Hierarchical ID tree realizes the uniqueness of identity in communication, and the security of heterogeneous cross-domain identity authentication is enhanced by the two-factor authentication of “password + key” and temporary identity replacing real identity. The security of the scheme is proved under the CK model, which can anonymously trace entity identity, resist replay attacks, replacement attacks, and man-in-the-middle attacks, and the simulation experiment is carried out. By searching it in related fields, no paper on heterogeneous cross-domain identity authentication based on proxy resignature has been published yet. The results of this paper show that the proposed scheme has better computing performance and higher security.

scholarly journals Password authentication scheme based on smart card and QR code

2021 ◽  
Vol 23 (1) ◽  
pp. 140
Author(s):  
Mushtaq Hasson ◽  
Ali A. Yassin ◽  
Abdulla J. Yassin ◽  
Abdullah Mohammed Rashid ◽  
Aqeel A. Yaseen ◽  
...  
Keyword(s):  
Smart Card ◽  
Key Management ◽  
Service Providers ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Cloud Service ◽  
Cloud Services ◽  
Authentication Scheme ◽  
Qr Code ◽  
Practical Applications

As a hopeful computing paradigm, cloud services are obtainable to end users based on pay-as-you-go service. Security is represented one of the vital issues for the extended adoption of cloud computing, with the object of accessing several cloud service providers, applications, and services by using anonymity features to authenticate the user. We present a good authentication scheme based on quick response (QR) code and smart card. Furthermore, our proposed scheme has several crucial merits such as key management, mutual authentication, one-time password, user anonymity, freely chosen password, secure password changes, and revocation by using QR code. The security of proposed scheme depends on crypto-hash function, QR-code validation, and smart card. Moreover, we view that our proposed scheme can resist numerous malicious attacks and are more appropriate for practical applications than other previous works. The proposed scheme has proved as a strong mutual authentication based on burrows-abadi-needham (BAN) logic and security analysis. Furthermore, our proposed scheme has good results compared with related work.

scholarly journals Blockchain-enabled real-time SLA monitoring for cloud-hosted services

2021 ◽  
Author(s):  
Kashif Mehboob Khan ◽  
Junaid Arshad ◽  
Waheed Iqbal ◽  
Sidrah Abdullah ◽  
Hassan Zaib
Keyword(s):  
Cloud Computing ◽  
Real Time ◽  
Service Providers ◽  
Response Times ◽  
Cloud Service ◽  
Service Level ◽  
Cloud Services ◽  
Blockchain Technology ◽  
Manual Processing ◽  
And Performance

AbstractCloud computing is an important technology for businesses and individual users to obtain computing resources over the Internet on-demand and flexibly. Although cloud computing has been adopted across diverse applications, the owners of time-and-performance critical applications require cloud service providers’ guarantees about their services, such as availability and response times. Service Level Agreements (SLAs) are a mechanism to communicate and enforce such guarantees typically represented as service level objectives (SLOs), and financial penalties are imposed on SLO violations. Due to delays and inaccuracies caused by manual processing, an automatic method to periodically verify SLA terms in a transparent and trustworthy manner is fundamental to effective SLA monitoring, leading to the acceptance and credibility of such service to the customers of cloud services. This paper presents a blockchain-based distributed infrastructure that leverages fundamental blockchain properties to achieve immutable and trustworthy SLA monitoring within cloud services. The paper carries out an in-depth empirical investigation for the scalability of the proposed system in order to address the challenge of transparently enforcing real-time monitoring of cloud-hosted services leveraging blockchain technology. This will enable all the stakeholders to enforce accurate execution of SLA without any imprecisions and delays by maintaining an immutable ledger publicly across blockchain network. The experimentation takes into consideration several attributes of blockchain which are critical in achieving optimum performance. The paper also investigates key characteristics of these factors and their impact to the behaviour of the system for further scaling it up under various cases for increased service utilization.

Data Partitioning and Reduplication for Providing Integrity to Data in the Cloud

2020 ◽  
Vol 17 (9) ◽  
pp. 4070-4074
Author(s):  
H. M. Nishkala ◽  
S. H. Anu ◽  
D. A. Bindushree ◽  
S. L. Manoj
Keyword(s):  
Data Security ◽  
Privacy Protection ◽  
Service Providers ◽  
Cloud Service ◽  
Major Elements ◽  
Data Partitioning ◽  
Security And Privacy ◽  
Data Loss ◽  
Cloud Data ◽  
Cloud Service Providers

Cloud Computing is a boon to the field of information and technology. The two major elements of client worries are Data security and Privacy Protection. Data may be revised and improved when client stores the information in the cloud so there might be danger of data loss. Therefore client information is moved to the data hub which cannot be controlled by the clients. Hence high safety efforts are required to secure data inside the cloud. Here data is divided into fragments and they are converted into encrypted file. This encrypted file is issued to arbitrarily chosen cloud service providers by the cloud data owners. Even after the successful attack, attackers do not get the meaning full information. If cloud data clients access to get any document that relating to encrypted file is regenerated from the fragments and clients must download it. When the applicant coordinates the strategy with the original details, then only file can be decoded. Therefore it demonstrates that prospective strategy improves the data integrity and confidentiality.

scholarly journals Design and Implementation of Data Sharing Traceability System Based on Blockchain Smart Contract

2021 ◽  
Vol 2021 ◽  
pp. 1-14
Author(s):  
Yang Kang ◽  
Qiang Li
Keyword(s):  
Data Sharing ◽  
Service Providers ◽  
Distributed Storage ◽  
Cloud Service ◽  
Fair Exchange ◽  
Traceability System ◽  
Blockchain Technology ◽  
Multigroup Data ◽  
Feasible Solutions ◽  
Internet Of Things Technology

“Traceability” is an important method often used in modern supply management. The traceability system is a system based on the Internet of Things technology. In this process, users will share resources through cloud service providers, so how to ensure data security is also one of the issues we consider. Blockchain technology is an emerging technology in the field of information technology. Its decentralized nature, distributed storage, and difficult data modification provide us with fair exchange and sharing of data. Feasible solutions: in this article, we have studied the key issues of fair exchange and safe sharing of data based on blockchain and designed a multigroup data sharing scheme based on alliance chain. To solve the various existing traceability systems problem, this paper designs a new traceability system based on blockchain technology and implements a system prototype to verify the feasibility of the system.

scholarly journals VaultPoint: A Blockchain-Based SSI Model that Complies with OAuth 2.0

Electronics ◽  
2020 ◽  
Vol 9 (8) ◽  
pp. 1231
Author(s):  
Seongho Hong ◽  
Heeyoul Kim
Keyword(s):  
User Experience ◽  
Identity Management ◽  
Service Providers ◽  
Security Analysis ◽  
Network Environment ◽  
Blockchain Technology ◽  
Proposed Model ◽  
Authentication And Authorization ◽  
And Control

An identity management including authentication and authorization in a network environment is a critical security factor. Various models for identity management have been developed continually, from the silo model to the federated model and to the recently introduced self-sovereign identity (SSI) model. In particular, SSI makes users manage their own information by themselves independently of any organizations. SSI utilizes the newly emerged blockchain technology and many studies of it are in progress. However, SSI has not had wide public use because of its low compatibility and inconvenience. This is because it involves an unfamiliar user experience and an immature process. To solve this problem, this paper proposes a new blockchain-based SSI model that complies with the popular and mature standard of OAuth 2.0. Using blockchain, the proposed model secures users’ data sovereignty where users can use and control their own information in a decentralized manner, instead of depending on a specific monopolistic service-providers. Users and clients who are familiar with the existing OAuth can easily accept the proposed model and apply it, which makes both usability and scalability of the model excellent. This paper confirmed the feasibility of the proposed model by implementing it and a security analysis was performed. The proposed model is expected to contribute to the expansion of both blockchain technology and SSI.

Sign in / Sign up

Export Citation Format

Share Document