Secure Smart Cameras by Aggregate-Signcryption with Decryption Fairness for Multi-Receiver IoT Applications

Smart cameras are key sensors in Internet of Things (IoT) applications and often capture highly sensitive information. Therefore, security and privacy protection is a key concern. This paper introduces a lightweight security approach for smart camera IoT applications based on elliptic-curve (EC) signcryption that performs data signing and encryption in a single step. We deploy signcryption to efficiently protect sensitive data onboard the cameras and secure the data transfer from multiple cameras to multiple monitoring devices. Our multi-sender/multi-receiver approach provides integrity, authenticity, and confidentiality of data with decryption fairness for multiple receivers throughout the entire lifetime of the data. It further provides public verifiability and forward secrecy of data. Our certificateless multi-receiver aggregate-signcryption protection has been implemented for a smart camera IoT scenario, and the runtime and communication effort has been compared with single-sender/single-receiver and multi-sender/single-receiver setups.

Download Full-text

A password-authenticated secure channel for App to Java Card applet communication

International Journal of Pervasive Computing and Communications ◽

10.1108/ijpcc-09-2015-0032 ◽

2015 ◽

Vol 11 (4) ◽

pp. 374-397 ◽

Cited By ~ 4

Author(s):

Michael Hölzl ◽

Endalkachew Asnake ◽

Rene Mayrhofer ◽

Michael Roland

Keyword(s):

Mobile Devices ◽

Data Transfer ◽

Computation Time ◽

Security And Privacy ◽

Sensitive Data ◽

Content Type ◽

Fine Grained ◽

Java Card ◽

Dedicated Hardware ◽

Secure Channel

Purpose – The purpose of this paper is to design, implement and evaluate the usage of the password-authenticated secure channel protocol SRP to protect the communication of a mobile application to a Java Card applet. The usage of security and privacy sensitive systems on mobile devices, such as mobile banking, mobile credit cards, mobile ticketing or mobile digital identities has continuously risen in recent years. This development makes the protection of personal and security sensitive data on mobile devices more important than ever. Design/methodology/approach – A common approach for the protection of sensitive data is to use additional hardware such as smart cards or secure elements. The communication between such dedicated hardware and back-end management systems uses strong cryptography. However, the data transfer between applications on the mobile device and so-called applets on the dedicated hardware is often either unencrypted (and interceptable by malicious software) or encrypted with static keys stored in applications. Findings – To address this issue, this paper presents a solution for fine-grained secure application-to-applet communication based on Secure Remote Password (SRP-6a and SRP-5), an authenticated key agreement protocol, with a user-provided password at run-time. Originality/value – By exploiting the Java Card cryptographic application programming interfaces (APIs) and minor adaptations to the protocol, which do not affect the security, the authors were able to implement this scheme on Java Cards with reasonable computation time.

Download Full-text

Practical and Provably Secure Distributed Aggregation: Verifiable Additive Homomorphic Secret Sharing

Cryptography ◽

10.3390/cryptography4030025 ◽

2020 ◽

Vol 4 (3) ◽

pp. 25

Author(s):

Georgia Tsaloli ◽

Gustavo Banegas ◽

Aikaterini Mitrokotsa

Keyword(s):

Secret Sharing ◽

Security And Privacy ◽

Sensitive Information ◽

Signature Scheme ◽

Secret Data ◽

Public Verifiability ◽

Client Side ◽

Homomorphic Signatures ◽

Multiple Clients ◽

Provably Secure

Often clients (e.g., sensors, organizations) need to outsource joint computations that are based on some joint inputs to external untrusted servers. These computations often rely on the aggregation of data collected from multiple clients, while the clients want to guarantee that the results are correct and, thus, an output that can be publicly verified is required. However, important security and privacy challenges are raised, since clients may hold sensitive information. In this paper, we propose an approach, called verifiable additive homomorphic secret sharing (VAHSS), to achieve practical and provably secure aggregation of data, while allowing for the clients to protect their secret data and providing public verifiability i.e., everyone should be able to verify the correctness of the computed result. We propose three VAHSS constructions by combining an additive homomorphic secret sharing (HSS) scheme, for computing the sum of the clients’ secret inputs, and three different methods for achieving public verifiability, namely: (i) homomorphic collision-resistant hash functions; (ii) linear homomorphic signatures; as well as (iii) a threshold RSA signature scheme. In all three constructions, we provide a detailed correctness, security, and verifiability analysis and detailed experimental evaluations. Our results demonstrate the efficiency of our proposed constructions, especially from the client side.

Download Full-text

Enhancement of an Optimized Key for Database Sanitization to Ensure the Security and Privacy of an Autism Dataset

Symmetry ◽

10.3390/sym13101912 ◽

2021 ◽

Vol 13 (10) ◽

pp. 1912

Author(s):

Md. Mokhlesur Rahman ◽

Ravie Chandren Muniyandi ◽

Shahnorbanun Sahran ◽

Suziyani Mohamed

Keyword(s):

Data Security ◽

Daily Basis ◽

Data Encryption ◽

Security And Privacy ◽

Sensitive Information ◽

Sensitive Data ◽

Data Sanitization ◽

Algorithmic Framework ◽

Computational Resources ◽

Disk Encryption

Interrupting, altering, or stealing autism-related sensitive data by cyber attackers is a lucrative business which is increasing in prevalence on a daily basis. Enhancing the security and privacy of autism data while adhering to the symmetric encryption concept is a critical challenge in the field of information security. To identify autism perfectly and for its data protection, the security and privacy of these data are pivotal concerns when transmitting information over the Internet. Consequently, researchers utilize software or hardware disk encryption, data backup, Data Encryption Standard (DES), TripleDES, Advanced Encryption Standard (AES), Rivest Cipher 4 (RC4), and others. Moreover, several studies employ k-anonymity and query to address security concerns, but these necessitate a significant amount of time and computational resources. Here, we proposed the sanitization approach for autism data security and privacy. During this sanitization process, sensitive data are concealed, which avoids the leakage of sensitive information. An optimal key was generated based on our improved meta-heuristic algorithmic framework called Enhanced Combined PSO-GWO (Particle Swarm Optimization-Grey Wolf Optimization) framework. Finally, we compared our simulation results with traditional algorithms, and it achieved increased output effectively. Therefore, this finding shows that data security and privacy in autism can be improved by enhancing an optimal key used in the data sanitization process to prevent unauthorized access to and misuse of data.

Download Full-text

A Secured Public Auditing Protocol with Dynamic Structure for Cloud Data

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.a1019.1191s19 ◽

2019 ◽

Vol 9 (1S) ◽

pp. 81-85

Keyword(s):

Data Security ◽

Information Hiding ◽

Research Work ◽

Dynamic Structure ◽

Data Integrity ◽

Third Party ◽

Security And Privacy ◽

Sensitive Information ◽

Sensitive Data ◽

Cloud Data

At present Cloud computing is a very successful paradigm for data computing and storage. It Increases the concerns about data security and privacy in the cloud. Paper covers cloud security and privacy research, while focusing on the works that protect data confidentiality and privacy for sensitive data being stored and queried in the cloud. As Survey enlist all the research carried out related to data security and users privacy preserving techniques in detail. Data sharing can be achieved with sensitive information hiding with remote data integrity auditing, propose a new concept called identity based shared data integrity auditing with sensitive information hiding for secure cloud storage. Initially every data would be outsourced to the cloud only after authorized or activated by the proxy. The key would be generated to the file randomly by the key generation Centre. The transaction details such as key mismatch, file upload and download, hacking details would be shown to the proxy and cloud server. If the match occurs, automatically file would be recovered by the user even if hacker access or tamper the file. The main motive is to ensure that when the cloud properly stores the user’s sanitized data, the proof it generates can pass the verification of the third party auditor. And the paper provides various research work done in the field

Download Full-text

Security and privacy concerned association rule mining technique for the accurate frequent pattern identification

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i1.1.8908 ◽

2017 ◽

Vol 7 (1.1) ◽

pp. 19

Author(s):

T. Nusrat Jabeen ◽

M. Chidambaram ◽

G. Suseendran

Keyword(s):

Association Rule ◽

Association Rule Mining ◽

Frequent Pattern ◽

Security And Privacy ◽

Sensitive Information ◽

Simulation Environment ◽

Rule Mining ◽

Mining Technique ◽

Diffie Hellman

Security and privacy has emerged to be a serious concern in which the business professional don’t desire to share their classified transaction data. In the earlier work, secured sharing of transaction databases are carried out. The performance of those methods is enhanced further by bringing in Security and Privacy aware Large Database Association Rule Mining (SPLD-ARM) framework. Now the Improved Secured Association Rule Mining (ISARM) is introduced for the horizontal and vertical segmentation of huge database. Then k-Anonymization methods referred to as suppression and generalization based Anonymization method is employed for privacy guarantee. At last, Diffie-Hellman encryption algorithm is presented in order to safeguard the sensitive information and for the storage service provider to work on encrypted information. The Diffie-Hellman algorithm is utilized for increasing the quality of the system on the overall by the generation of the secured keys and thus the actual data is protected more efficiently. Realization of the newly introduced technique is conducted in the java simulation environment that reveals that the newly introduced technique accomplishes privacy in addition to security.

Download Full-text

FPGA Based Embedded Implementation of Video Summary Generation Scheme in Smart Camera

Advanced Materials Research ◽

10.4028/www.scientific.net/amr.403-408.516 ◽

2011 ◽

Vol 403-408 ◽

pp. 516-521 ◽

Cited By ~ 2

Author(s):

Sanjay Singh ◽

Srinivasa Murali Dunga ◽

AS Mandal ◽

Chandra Shekhar ◽

Santanu Chaudhury

Keyword(s):

Detection Algorithm ◽

Smart Camera ◽

Camera System ◽

Smart Cameras ◽

Embedded Platform ◽

Video Summary ◽

Embedded Design ◽

Multiple Frames ◽

Computationally Intensive ◽

Embedded Implementation

In any remote surveillance scenario, smart cameras have to take intelligent decisions to generate summary frames to minimize communication and processing overhead. Video summary generation, in the context of smart camera, is the process of merging the information from multiple frames. A summary generation scheme based on clustering based change detection algorithm has been implemented in our smart camera system for generating frames to deliver requisite information. In this paper we propose an embedded platform based framework for implementing summary generation scheme using HW-SW Co-Design based methodology. The complete system is implemented on Xilinx XUP Virtex-II Pro FPGA board. The overall algorithm is running on PowerPC405 and some of the blocks which are computationally intensive and more frequently called are implemented in hardware using VHDL. The system is designed using Xilinx Embedded Design Kit (EDK).

Download Full-text

Background Use of Sensitive Information to Aid in Analysis of Non-sensitive Data on Threats and Vulnerabilities

Intelligence and Security Informatics - Lecture Notes in Computer Science ◽

10.1007/11427995_92 ◽

2005 ◽

pp. 652-653

Author(s):

Richard. A. Smith

Keyword(s):

Sensitive Information ◽

Sensitive Data

Download Full-text

Aggregate-Signcryption for Securing Smart Camera IoT Applications

2018 Global Internet of Things Summit (GIoTS) ◽

10.1109/giots.2018.8534434 ◽

2018 ◽

Cited By ~ 2

Author(s):

Subhan Ullah ◽

Federico Russo ◽

Lucio Marcenaro ◽

Bernhard Rinner

Keyword(s):

Smart Camera ◽

Iot Applications

Download Full-text

Privacy and Security Issues in Online Social Networks

Future Internet ◽

10.3390/fi10120114 ◽

2018 ◽

Vol 10 (12) ◽

pp. 114 ◽

Cited By ~ 14

Author(s):

Shaukat Ali ◽

Naveed Islam ◽

Azhar Rauf ◽

Ikram Din ◽

Mohsen Guizani ◽

...

Keyword(s):

Social Networks ◽

Online Social Networks ◽

Virtual Communities ◽

Service Providers ◽

Security And Privacy ◽

Security Issue ◽

Sensitive Data ◽

Privacy And Security ◽

Security Issues ◽

Social Sphere

The advent of online social networks (OSN) has transformed a common passive reader into a content contributor. It has allowed users to share information and exchange opinions, and also express themselves in online virtual communities to interact with other users of similar interests. However, OSN have turned the social sphere of users into the commercial sphere. This should create a privacy and security issue for OSN users. OSN service providers collect the private and sensitive data of their customers that can be misused by data collectors, third parties, or by unauthorized users. In this paper, common security and privacy issues are explained along with recommendations to OSN users to protect themselves from these issues whenever they use social media.

Download Full-text

SEF4CPSIoT Software Engineering Framework for Cyber-Physical and IoT Systems

International Journal of Hyperconnectivity and the Internet of Things ◽

10.4018/ijhiot.2021010101 ◽

2021 ◽

Vol 5 (1) ◽

pp. 1-24

Author(s):

Muthu Ramachandran

Keyword(s):

Software Engineering ◽

Smart Home ◽

Cyber Physical Systems ◽

Classification Model ◽

Security And Privacy ◽

Physical Systems ◽

Iot Applications ◽

Communications Technologies ◽

Efficient Control ◽

Efficient Integration

Cyber-physical systems (CPS) have emerged to address the need for more efficient integration of modern advancement in cyber and wireless communications technologies such as 5G with physical objects. In addition, CPSs systems also needed to efficient control of security and privacy when we compare them with internet of things (IoT). In recent years, we experienced lack of security concerns with smart home IoT applications such as home security camera, etc. Therefore, this paper proposes a systematic software engineering framework for CPS and IoT systems. This paper also proposed a comprehensive requirements engineering framework for CPS-IoT applications which can also be specified using BPMN modelling and simulation to verify and validate CPS-IoT requirements with smart contracts. In this context, one of the key contribution of this paper is the innovative and generic requirements classification model for CPS-IoT application services, and this can also be applied to other emerging technologies such as fog, edge, cloud, and blockchain computing.

Download Full-text