Secure and Privacy-Aware Blockchain Design: Requirements, Challenges and Solutions

During the last decade, distributed ledger solutions such as blockchain have gained significant attention due to their decentralized, immutable, and verifiable features. However, the public availability of data stored on the blockchain and its link to users may raise privacy and security issues. In some cases, addressing these issues requires blockchain data to be secured with mechanisms that allow on-demand (as opposed to full) disclosure. In this paper, we give a comprehensive overview of blockchain privacy and security requirements, and detail how existing mechanisms answer them. We provide a taxonomy of current attacks together with related countermeasures. We present a thorough comparative analysis based on various parameters of state-of the-art privacy and security mechanisms, we provide recommendations to design secure and privacy-aware blockchain, and we suggest guidelines for future research.

Download Full-text

Mobile Government Applications Based on Security and Privacy: A Literature Review

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i4.1.19492 ◽

2018 ◽

Vol 7 (4.1) ◽

pp. 51

Author(s):

Ala'a Saeb Al-Sherideh ◽

Roesnita Ismail ◽

Fauziah Abdul Wahid ◽

Norasikin Fabil ◽

Waidah Ismail

Keyword(s):

Literature Review ◽

Mobile Applications ◽

Public Services ◽

Security Requirements ◽

Security And Privacy ◽

Privacy And Security ◽

The Public ◽

Privacy Requirements ◽

Security Issues ◽

The Government

Mobile applications available in anytime and from anywhere. The utilizing of mobile governmental applications is significant to reduce the efforts and time that are required to accomplish the public services by citizens. The main challenges that face the acceptance and adoption of mobile governmental applications are the privacy and security issues. The users, who do not trust the security of mobile governmental applications, may reject the use of these applications which discourages the government to adopt the mobile services. This study focuses in investigating the security and privacy requirements of mobile government applications. Many related works are reviewed and discussed to understand the important security requirements of mobile government applications. The main results indicate that effective privacy and security of mobile government applications should be assured so as to enhance the level of adopting and using these applications. The security requirements involve many considerations such as the hardware characteristics, software characteristics, and communication characteristics. This article mainly gives better understanding of security requirements of mobile government applications.

Download Full-text

Application of Blockchain for Internet of Things: A Bibliometric Analysis

Mathematical Problems in Engineering ◽

10.1155/2021/5547530 ◽

2021 ◽

Vol 2021 ◽

pp. 1-16

Author(s):

Ruijun Duan ◽

Li Guo

Keyword(s):

Internet Of Things ◽

Business Models ◽

Citation Index ◽

Security Requirements ◽

Future Research ◽

Privacy And Security ◽

Bibliometric Method ◽

Research Directions ◽

Security Issues ◽

Future Research Directions

As a disruptive emerging technology, the Internet of things (IoT) has rapidly developed, but its privacy risks and security vulnerabilities are still key challenges. The decentralized and distributed architecture of blockchain has the potential to satisfy IoT privacy and security requirements. This gives birth to the new domain of blockchain for IoT (BIoT). BIoT will cause significant transformations across several industries, paving the way for new business models. Based on the Science Citation Index Expanded (SCIE) and Social Sciences Citation Index (SSCI) databases in Web of Science (WoS) Core Collection, this study aims to explore the research trends and cooperation in the field of BIoT using the bibliometric method. The results indicate that the publications in this field have increased significantly from 2016 to 2020, with China and the USA being the most productive and influential countries. Keyword co-occurrence analysis shows that the most important research topics are as follows: security issues, core technologies, application dimensions, and transaction processes. Text mining analysis indicates that future research directions for BloT will focus more on both computing paradigms and key applications. This study will provide researchers with a greater understanding on the state of the art of BIoT and will serve as a reference for researchers engaging in this field to identify their own future research directions.

Download Full-text

A Theoretical Framework of the Relationship between Public Accounting Firms and Their Auditors

Behavioral Research in Accounting ◽

10.2308/bria.2005.17.1.1 ◽

2005 ◽

Vol 17 (1) ◽

pp. 1-22 ◽

Cited By ~ 27

Author(s):

Elizabeth Dreike Almer ◽

Julia L. Higgs ◽

Karen L. Hooks

Keyword(s):

Future Research ◽

Public Accounting ◽

Accounting Firms ◽

The Public ◽

Sociology Of Professions ◽

Rich Description ◽

Public Accounting Firms ◽

Current Article ◽

The Relationship ◽

Significant Attention

The behavior of auditors in the context of their employment by public accounting firms has received significant attention in the accounting literature. The current article extends this literature by providing a framework that identifies what auditing professionals contribute and receive as a result of their work efforts, as well as related influences. Using agency theory modified with fundamental ideas from the sociology of professions literature, we develop a model of the auditor-public accounting firm employment relationship. This framework is grounded in a timely, contextually rich description of the public accounting work environment, and the pressures and incentives faced by auditors. Propositions for future research are suggested that arise from understanding the auditor-firm relationship.

Download Full-text

A New Secure and Anonymous Metering Scheme for Smart Grid Communications

Energies ◽

10.3390/en12244751 ◽

2019 ◽

Vol 12 (24) ◽

pp. 4751 ◽

Cited By ~ 2

Author(s):

Shaohao Xie ◽

Fangguo Zhang ◽

Huizhi Lin ◽

Yangtong Tian

Keyword(s):

Smart Grid ◽

Security Requirements ◽

Smart Meter ◽

Privacy And Security ◽

Trusted Platform Module ◽

Fine Grained ◽

Smart Grid Communications ◽

Security Issues ◽

Trusted Platform ◽

Smart Grid Communication

The smart meter is one of the most important components of the smart grid, which enables bi-directional communication between electric power providers and in-home appliances. However, the fine-grained metering mechanism that reports real-time electricity usage to the provider may result in some privacy and security issues for the owner of the smart meter. In this paper, we propose a new secure and anonymous smart metering scheme based on the technique of direct anonymous attestation and identity-based signatures. We utilize the trusted platform module to realize the tamper resistance of the smart meter. Moreover, our scheme is able to detect malfunctioning meters in which data is reported more than once in a time period. Finally, the performance and security results show that our proposed scheme is efficient and satisfies the security requirements of the smart grid communication system.

Download Full-text

Mobile and Wearable Sensing for the Monitoring of Diabetes-related Parameters: Systematic Review (Preprint)

10.2196/preprints.25138 ◽

2020 ◽

Author(s):

Ciro Rodriguez-Leon ◽

Claudia Villalonga ◽

Manuel Munoz-Torres ◽

Jonatan R Ruiz ◽

Oresti Banos

Keyword(s):

Diabetes Mellitus ◽

Systematic Review ◽

Web Of Science ◽

Wearable Devices ◽

Future Research ◽

Health State ◽

Eligibility Criteria ◽

Privacy And Security ◽

Security Issues ◽

Care Services

BACKGROUND Diabetes mellitus is a metabolic disorder suffered by hundreds of millions of people worldwide and causing several million deaths every year. Such a dramatic scenario puts quite some pressure on administrations, care services and the scientific community to seek novel solutions that may help controlling and dealing effectively with this condition and its consequences. OBJECTIVE This study is aimed at reviewing the literature on the use of modern mobile and wearable technology for monitoring parameters that condition the development and/or evolution of diabetes mellitus. METHODS A systematic review of articles published between January 2010 and July 2020 was performed following PRISMA guidelines. Manuscripts indexed in Web of Science and SCOPUS databases were included if they involved the measurement of diabetes-related parameters, such as blood glucose level, performed physical activity or feet condition, via wearable or mobile devices. RESULTS The search yielded 1587 articles. Altogether, 26 publications met the eligibility criteria and were included in the review. Studies used predominantly wearable devices for monitoring diabetes-related parameters. The accelerometer was by far the most used sensor, followed by the glucose monitor and the heart rate monitor. Most studies applied some kind of processing to the collected data mainly consisting of statistical analysis or machine learning for activity recognition, finding associations among health outcomes, and diagnosing conditions related to diabetes. Privacy or security issues were seldom addressed, and if so, at a rather insufficient level. CONCLUSIONS The use of mobile and wearable devices for the monitoring of diabetes-related parameters shows early promise. Its development can benefit diabetes patients, healthcare professionals and researchers. To evolve this area future research must pay special attention to privacy and security issues, the use of new emerging sensor technologies, and the combination of mobile and clinical data for a holistic and seamless understanding of the patient's health state.

Download Full-text

FORECASTING COSTS OF CYBER ATTACKS USING ESTIMATION THE GLOBAL COST OF CYBER RISK CALCULATOR V 1.2

Selected papers of the International Scientific Conference “Contemporary Issues in Business, Management and Economics Engineering 2021” ◽

10.3846/cibmee.2021.618 ◽

2021 ◽

Author(s):

Julija Gavėnaitė-Sirvydienė ◽

Algita Miečinskienė

Keyword(s):

Cyber Security ◽

Cyber Attacks ◽

Future Research ◽

Risk Calculator ◽

Estimation Model ◽

The Public ◽

Security Issues ◽

Baltic Countries ◽

Global Cost ◽

Cyber Risk

Purpose – due to the constant increase of cyber-attacks not only the measures of identifying and controlling cyber risks are created, but also the methods of estimating possible cyber-attacks financial costs should be developed to increase business preparedness. The purpose of this research is to forecast potential costs of cyber-attacks in Baltic countries. Research methodology – to achieve the aim of the article and prepare a prognosis of possible cyber-attacks costs the Estimation the Global Costs of Cyber Risk Calculator V 1.2 tool was used. Findings – estimated costs of cyber-attacks in Lithuania, Latvia and Estonia are highest in the public business and ser-vices sector and also in the defense sector. According to conducted calculations the costs of cyber-attacks in Lithuania will reach 1% of GDP of Lithuania by 2026. Research limitations – in this research the costs of cyber-attacks are estimated regarding industries of business but not excluding specific cyber threats. Therefore, for the future research possibilities could be the analyses of specific cyber risks and their impact to various business sectors. Practical implications – the results of the research may be useful in practical approach for preparing the risk manage-ment tools, evaluating possible damage and effect of cyber-attacks to business, also increasing preparedness level and business resilience. Originality/Value – this estimation model has been not used to evaluate and discuss cyber-risks costs in Lithuania among previous researches, therefore the topic and conducted results are original and significantly relevant for further analyses of cyber security issues in Lithuania.

Download Full-text

Securing Environmental IoT Data Using Masked Authentication Messaging Protocol in a DAG-Based Blockchain: IOTA Tangle

Future Internet ◽

10.3390/fi13120312 ◽

2021 ◽

Vol 13 (12) ◽

pp. 312

Author(s):

Pranav Gangwani ◽

Alexander Perez-Pons ◽

Tushar Bhardwaj ◽

Himanshu Upadhyay ◽

Santosh Joshi ◽

...

Keyword(s):

Communication Protocol ◽

Data Communication ◽

Sensor Data ◽

Privacy And Security ◽

Adoption Of Technology ◽

Storage And Retrieval ◽

Security Issues ◽

Distributed Ledger ◽

Digital Monitoring ◽

Iot Devices

The demand for the digital monitoring of environmental ecosystems is high and growing rapidly as a means of protecting the public and managing the environment. However, before data, algorithms, and models can be mobilized at scale, there are considerable concerns associated with privacy and security that can negatively affect the adoption of technology within this domain. In this paper, we propose the advancement of electronic environmental monitoring through the capability provided by the blockchain. The blockchain’s use of a distributed ledger as its underlying infrastructure is an attractive approach to counter these privacy and security issues, although its performance and ability to manage sensor data must be assessed. We focus on a new distributed ledger technology for the IoT, called IOTA, that is based on a directed acyclic graph. IOTA overcomes the current limitations of the blockchain and offers a data communication protocol called masked authenticated messaging for secure data sharing among Internet of Things (IoT) devices. We show how the application layer employing the data communication protocol, MAM, can support the secure transmission, storage, and retrieval of encrypted environmental sensor data by using an immutable distributed ledger such as that shown in IOTA. Finally, we evaluate, compare, and analyze the performance of the MAM protocol against a non-protocol approach.

Download Full-text

Comprehensive Study on Incorporation of Blockchain Technology With IoT Enterprises

Advances in Data Mining and Database Management - Opportunities and Challenges for Blockchain Technology in Autonomous Vehicles ◽

10.4018/978-1-7998-3295-9.ch002 ◽

2021 ◽

pp. 22-33

Author(s):

Ashok Kumar Yadav

Keyword(s):

Process Management ◽

Single Point ◽

Future Research ◽

Portable Devices ◽

Privacy And Security ◽

Consensus Algorithms ◽

Security Issues ◽

Blockchain Technology ◽

Computation Process ◽

Security Challenges

Unprecedented advancement in wireless technology, storage, and computing power of portable devices with the gigabyte speed of internet connectivity enables the possibility of communication among machine to machine. IoT has a different way to connect many nodes simultaneously to store, access, and share the information to improve the quality of life by the elimination of the involvement of human. Irrespective of unlimited benefit, IoT has so many issues that arise to eclipse IoT in reality because of its centralized model. Scalability, reliability, privacy, and security challenges are rising because of the huge numbers of IoT nodes, centralized architecture, and complex networks. Centralized architecture may lead to problems like a single point of failure, single way traffic, huge infrastructure cost, privacy, security, and single source of trust. Therefore, to overcome the issues of the centralized infrastructure of the IoT, the authors diverted to decentralized infrastructure. It may be the best decision in terms of performance, reliability, security, privacy, and trust. Blockchain is an influential latest decentralization technology to decentralize computation, process management, and trust. A combination of blockchain with IoT may have the potential to solve scalability, reliability, privacy, and security issues of IoT. This chapter has an overview of some important consensus algorithms, IoT challenges, integration of the blockchain with IoT, its challenges, and future research issues of a combination of blockchain and IoT are also discussed.

Download Full-text

Addressing Security Issues and Standards in Internet of Things

Emerging Trends and Applications in Cognitive Computing - Advances in Computational Intelligence and Robotics ◽

10.4018/978-1-5225-5793-7.ch010 ◽

2019 ◽

pp. 224-257 ◽

Cited By ~ 1

Author(s):

Sushruta Mishra ◽

Soumya Sahoo ◽

Brojo Kishore Mishra

Keyword(s):

Internet Of Things ◽

Real Life ◽

Future Internet ◽

Security And Privacy ◽

Future Research ◽

Privacy And Security ◽

Privacy Concerns ◽

Security Issues ◽

Novel Approach ◽

Trusted Platform

In the IoTs era, the short-range mobile transceivers will be implanted in a variety of daily requirements. In this chapter, a detail survey in several security and privacy concerns related to internet of things (IoTs) by defining some open challenges are discussed. The privacy and security implications of such an evolution should be carefully considered to the promising technology. The protection of data and privacy of users has been identified as one of the key challenges in the IoT. In this chapter, the authors present internet of things with architecture and design goals. They survey security and privacy concerns at different layers in IoTs. In addition, they identify several open issues related to the security and privacy that need to be addressed by research community to make a secure and trusted platform for the delivery of future internet of things. The authors also discuss applications of IoTs in real life. A novel approach based on cognitive IoT is presented, and a detailed study is undertaken. In the future, research on the IoTs will remain a hot issue.

Download Full-text

Blockchain Platforms and Access Control Classification for IoT Systems

Symmetry ◽

10.3390/sym12101663 ◽

2020 ◽

Vol 12 (10) ◽

pp. 1663

Author(s):

Adam Ibrahim Abdi ◽

Fathy Elbouraey Eassa ◽

Kamal Jambi ◽

Khalid Almarhabi ◽

Abdullah Saad AL-Malaise AL-Ghamdi

Keyword(s):

Access Control ◽

Single Point ◽

Security And Privacy ◽

Future Research ◽

Control Mechanisms ◽

Privacy And Security ◽

Security Issues ◽

Massive Growth ◽

Blockchain Technology ◽

Comparison Table

The Internet of Things paradigm is growing rapidly. In fact, controlling this massive growth of IoT globally raises new security and privacy issues. The traditional access control mechanisms provide security to IoT systems such as DAC (discretionary access control) and mandatory access control (MAC). However, these mechanisms are based on central authority management, which raises some issues such as absence of scalability, single point of failure, and lack of privacy. Recently, the decentralized and immutable nature of blockchain technology integrated with access control can help to overcome privacy and security issues in the IoT. This paper presents a review of different access control mechanisms in IoT systems. We present a comparison table of reviewed access control mechanisms. The mechanisms’ scalability, distribution, security, user-centric, privacy and policy enforcing are compared. In addition, we provide access control classifications. Finally, we highlight challenges and future research directions in developing decentralized access control mechanisms for IoT systems.

Download Full-text