VaultPoint: A Blockchain-Based SSI Model that Complies with OAuth 2.0

Electronics ◽  
2020 ◽  
Vol 9 (8) ◽  
pp. 1231
Author(s):  
Seongho Hong ◽  
Heeyoul Kim

Identity management, including authentication and authorization, in a network environment is a critical security factor. Various models for identity management have been developed continually, from the silo model to the federated model and to the recently introduced self-sovereign identity (SSI) model. In particular, SSI makes users manage their own information by themselves independently of any organizations. SSI utilizes the newly emerged blockchain technology and many studies of it are in progress. However, SSI has not had wide public use because of its low compatibility and inconvenience. This is because it involves an unfamiliar user experience and an immature process. To solve this problem, this paper proposes a new blockchain-based SSI model that complies with the popular and mature standard of OAuth 2.0. Using blockchain, the proposed model secures users’ data sovereignty where users can use and control their own information in a decentralized manner, instead of depending on specific monopolistic service providers. Users and clients who are familiar with the existing OAuth can easily accept the proposed model and apply it, which makes both usability and scalability of the model excellent. This paper confirmed the feasibility of the proposed model by implementing it and a security analysis was performed. The proposed model is expected to contribute to the expansion of both blockchain technology and SSI.

Sensors ◽  
2020 ◽  
Vol 20 (22) ◽  
pp. 6546
Author(s):  
Kazi Masum Sadique ◽  
Rahim Rahmani ◽  
Paul Johannesson

The Internet of things (IoT) will accommodate several billions of devices to the Internet to enhance human society as well as to improve the quality of living. A huge number of sensors, actuators, gateways, servers, and related end-user applications will be connected to the Internet. All these entities require identities to communicate with each other. The communicating devices may have mobility and currently, the only main identity solution is IP based identity management which is not suitable for the authentication and authorization of the heterogeneous IoT devices. Sometimes devices and applications need to communicate in real-time to make decisions within very short times. Most of the recently proposed solutions for identity management are cloud-based. Those cloud-based identity management solutions are not feasible for heterogeneous IoT devices. In this paper, we have proposed an edge-fog based decentralized identity management and authentication solution for IoT devices (IoTD) and edge IoT gateways (EIoTG). We have also presented a secure communication protocol for communication between edge IoT devices and edge IoT gateways. The proposed security protocols are verified using Scyther formal verification tool, which is a popular tool for automated verification of security protocols. The proposed model is specified using the PROMELA language. SPIN model checker is used to confirm the specification of the proposed model. The results show different message flows without any error.


Electronics ◽  
2021 ◽  
Vol 10 (13) ◽  
pp. 1608
Author(s):  
Ed Kamya Kiyemba Edris ◽  
Mahdi Aiash ◽  
Jonathan Loo

Device-to-Device (D2D) communications will be used as an underlay technology in the Fifth Generation mobile network (5G), which will make network services of multiple Service Providers (SP) available anywhere. The end users will be allowed to access and share services using their User Equipments (UEs), and thus they will require seamless and secured connectivity. At the same time, Mobile Network Operators (MNOs) will use the UE to offload traffic and push contents closer to users relying on D2D communications network. This raises security concerns at different levels of the system architecture and highlights the need for robust authentication and authorization mechanisms to provide secure services access and sharing between D2D users. Therefore, this paper proposes a D2D level security solution that comprises two security protocols, namely, the D2D Service security (DDSec) and the D2D Attributes and Capability security (DDACap) protocols, to provide security for access, caching and sharing data in network-assisted and non-network-assisted D2D communications scenarios. The proposed solution applies Identity-based Encryption (IBE), Elliptic Curve Integrated Encryption Scheme (ECIES) and access control mechanisms for authentication and authorization procedures. We formally verified the proposed protocols using ProVerif and applied pi calculus. We also conducted a security analysis of the proposed protocols.


2018 ◽  
Vol 2018 ◽  
pp. 1-12 ◽  
Author(s):  
Yang Xu ◽  
Guojun Wang ◽  
Jidian Yang ◽  
Ju Ren ◽  
Yaoxue Zhang ◽  
...  

The emerging network computing technologies have significantly extended the abilities of the resource-constrained IoT devices through the network-based service sharing techniques. However, such a flexible and scalable service provisioning paradigm brings increased security risks to terminals due to the untrustworthy exogenous service codes loading from the open network. Many existing security approaches are unsuitable for IoT environments due to the high difficulty of maintenance or the dependencies upon extra resources like specific hardware. Fortunately, the rise of blockchain technology has facilitated the development of service sharing methods and, at the same time, it appears a viable solution to numerous security problems. In this paper, we propose a novel blockchain-based secure service provisioning mechanism for protecting lightweight clients from insecure services in network computing scenarios. We introduce the blockchain to maintain all the validity states of the off-chain services and edge service providers for the IoT terminals to help them get rid of untrusted or discarded services through provider identification and service verification. In addition, we take advantage of smart contracts which can be triggered by the lightweight clients to help them check the validities of service providers and service codes according to the on-chain transactions, thereby reducing the direct overhead on the IoT devices. Moreover, the adoptions of the consortium blockchain and the proof of authority consensus mechanism also help to achieve a high throughput. The theoretical security analysis and evaluation results show that our approach helps the lightweight clients get rid of untrusted edge service providers and insecure services effectively with acceptable latency and affordable costs.


Entropy ◽  
2021 ◽  
Vol 23 (12) ◽  
pp. 1657
Author(s):  
Ke Yuan ◽  
Yingjie Yan ◽  
Tong Xiao ◽  
Wenchao Zhang ◽  
Sufang Zhou ◽  
...  

In response to the rapid growth of credit-investigation data, data redundancy among credit-investigation agencies, privacy leakages of credit-investigation data subjects, and data security risks have been reported. This study proposes a privacy-protection scheme for a credit-investigation system based on blockchain technology, which realizes the secure sharing of credit-investigation data among multiple entities such as credit-investigation users, credit-investigation agencies, and cloud service providers. This scheme is based on blockchain technology to solve the problem of islanding of credit-investigation data and is based on zero-knowledge-proof technology, which works by submitting a proof to the smart contract to achieve anonymous identity authentication, ensuring that the identity privacy of credit-investigation users is not disclosed; this scheme is also based on searchable-symmetric-encryption technology to realize the retrieval of the ciphertext of the credit-investigation data. A security analysis showed that this scheme guarantees the confidentiality, the availability, the tamper-proofability, and the ciphertext searchability of credit-investigation data, as well as the fairness and anonymity of identity authentication in the credit-investigation data query. An efficiency analysis showed that, compared with similar identity-authentication schemes, the proof key of this scheme is smaller, and the verification time is shorter. Compared with similar ciphertext-retrieval schemes, the time for this scheme to generate indexes and trapdoors and return search results is significantly shorter.


2019 ◽  
Vol 2019 ◽  
pp. 1-15 ◽  
Author(s):  
Thein Than Thwin ◽  
Sangsuree Vasupongayya

Personal health record system (PHR system) stores health-related information of an individual. PHR system allows the data owner to manage and share his/her data with selected individuals. The originality or tamper resistance feature is crucial for PHR system because of the irreversible consequence of incorrect information. Blockchain technology becomes a potential solution due to its immutability and irreversibility properties. Unfortunately, some technical impediments such as limited storage, privacy concern, consent irrevocability, inefficient performance, and energy consumption exist. This work aims to handle these blockchain drawbacks and propose a blockchain-based PHR model. The proposed model is built using the blockchain technology to support a tamper resistance feature. Proxy reencryption and other cryptographic techniques are employed to preserve privacy. Features of the proposed model include fine-grained and flexible access control, revocability of consent, auditability, and tamper resistance. A detailed security analysis shows that the proposed model is provably secure for privacy and tamper resistance. The performance analysis shows that the proposed model achieves a better overall performance compared with the existing approach in the literature. Thus the proposed model is more suitable for the PHR system usage.


Author(s):  
Bhagyashri H. Adhau

The Personal health record system (PHR system) which stores health-records patient's information. PHR system allows the one Hospital to manage and share his/her data with selected other individuals. The originality or tamper resistance feature is crucial for PHR system because it contains sensitive information about patients. Blockchain technology with the personal blockchain becomes a potential, great solution due to its immutability properties. Unfortunately. This work aims to propose a blockchain-based PHR model. The proposed model is built using the Hyper-ledger Fabric concept to support a tamper resistance feature. Re-encryption and other cryptographic techniques such as Advanced Encryption Standard and Hashing algorithms are employed to preserve privacy. The proposed model includes flexible access control, security concerns, auditability. A detailed security analysis of our model shows that it is provably secure for Security and privacy preserving.


2019 ◽  
Author(s):  
Xiaobao Zhu ◽  
Jing Shi ◽  
Cuiyuan Lu

BACKGROUND In recent years, researchers have made significant efforts in advancing blockchain technology. This technology, with distinct features of decentralization and security, can be applied to many fields. In areas of health data and resource sharing, applications of blockchain technology are also emerging. OBJECTIVE In this study, we propose a cloud health resource-sharing model based on consensus-oriented blockchain technology and have developed a simulation study on breast tumor diagnosis. METHODS The proposed platform is built on a consortium or federated blockchain that possesses features of both centralization and decentralization. The consensus mechanisms generate operating standards for the proposed model. Open source Ethereum code is employed to provide the blockchain environment. Proof of Authority is selected as the consensus algorithm of block generation. RESULTS Based on the proposed model, a simulation case study for breast tumor classification is constructed. The simulation includes 9893 service requests from 100 users; 22 service providers are equipped with 22 different classification methods. Each request is fulfilled by a service provider recommended by the weighted k-nearest neighbors (KNN) algorithm. The majority of service requests are handled by 9 providers, and provider service evaluation scores tend to stabilize. Also, user priority on KNN weights significantly affects the system operation outcome. CONCLUSIONS The proposed model is feasible based on the simulation case study for the cloud service of breast tumor diagnosis and has the potential to be applied to other applications.


10.31355/33 ◽  
2018 ◽  
Vol 2 ◽  
pp. 105-120
Author(s):  
Hamed Motaghi ◽  
Saeed Nosratabadi ◽  
Thabit Qasem Atobishi

NOTE: THIS ARTICLE WAS PUBLISHED WITH THE INFORMING SCIENCE INSTITUTE. Aim/Purpose: The main objective of the current study is to develop a business model for service providers of cloud computing which is designed based on circular economy principles and can ensure the sustainable consumption. Background: Even though the demand for cloud computing technology is increasing day by day all over the world, the current linear economy principles are incapable of ensuring society development needs. To consider the benefit of the society and the vendors at the same time, the principles of circular economy can address this issue. Methodology: An extensive literature review on consumption, sustainable consumption, circular economic, business model, and cloud computing was conducted. The proposed model of Osterwalder, Pigneur and Tucci (2005) is admitted designing the circular business model. Contribution: The proposed model of the study is the contribution of this study where provides the guidelines for the cloud computing service providers to achieve both their economic profits and the society’s needs. Findings: Finding reveals that if the cloud computing service providers design their business model based on the “access” principle of circular economy, they can meet their economic profits and the society’s needs at the same time. Recommendations for Practitioners: It is recommended to the startup and the existing businesses to utilize the proposed model of this study to reach a sustainable development. Recommendation for Researchers: It proposes a new circular business model and its linkages with community building. Impact on Society: The proposed model of the study provides guidelines to the cloud computing service providers to design a business model which is able not only to meet their economic profit, but also to meet the society’s and customers’ benefits. Future Research: Future researches can build on this research model which proposed in this study to examine the limitations of this model by using empirical researches.


2019 ◽  
Author(s):  
Jia Liu ◽  
Zhe Wang ◽  
Dingyong Sun ◽  
Xiying Wang

UNSTRUCTURED The HIV epidemic imposes a heavy burden on societal development. Presently, the protection of susceptible populations is the most feasible method for eliminating the spread of HIV. Governments and other relevant industries are actively attempting to solve the problem. In view of the unavailability of biological vaccines, the best measures that can currently be applied are identification of HIV-infected persons and provision of treatment and behavioral intervention. This paper proposes a HIV digital vaccine strategy based on blockchain technology. In the proposed strategy, a decentralized surveillance network is jointly constructed using HIV high-risk individuals as application nodes and accredited testing agencies as authentication nodes. Following testing at the authentication nodes, the results are uploaded to the blockchain, which results in HIV high-risk individuals being able to determine the HIV infection status of each other in a convenient, anonymous, and credible manner. This reduces the occurrence of high-risk sexual behavior and effectively protects susceptible populations. The proposed strategy is a promising solution to prevent the spread of HIV. The performance of the decentralized surveillance network may lead to the restructuring of current government-funded infectious disease prevention and control modes that are centered on centers for disease control and prevention and hospitals to introduce revolutionary changes in public health systems globally.


Author(s):  
Jack Parkin

Newly emerging cryptocurrencies and blockchain technology present a challenging research problem in the field of digital politics and economics. Bitcoin—the first widely implemented cryptocurrency and blockchain architecture—seemingly separates itself from the existing territorial boundedness of nation-state money via a process of algorithmic decentralisation. Proponents declare that the utilisation of cryptography to advance financial transactions will disrupt the modern centralised structures by which capitalist economies are currently organised: corporations, governments, commercial banks, and central banks. Allegedly, software can create a more stable and democratic global economy; a world free from hierarchy and control. In Money Code Space, Jack Parkin debunks these utopian claims by approaching distributed ledger technologies as a spatial and social problem where power forms unevenly across their networks. First-hand accounts of online communities, open-source software governance, infrastructural hardware operations, and Silicon Valley start-up culture are used to ground understandings of cryptocurrencies in the “real world.” Consequently, Parkin demonstrates how Bitcoin and other blockchains are produced across a multitude of tessellated spaces from which certain stakeholders exercise considerable amounts of power over their networks. While money, code, and space are certainly transformed by distributed ledgers, algorithmic decentralisation is rendered inherently paradoxical because it is predicated upon centralised actors, practices, and forces.

