Privacy-aware Decentralized and Scalable Access Control Management for IoT Environment

Author(s): Abrar O. Alkhamisi and Fathy Alboraei

In recent years, the Internet of Things (IoT) has played a vital role in our daily activities. Owing to the increased number of vulnerabilities on the IoT devices, security becomes critical in the untrustworthy IoT environment. Access control is one of the top security concerns; however, implementing the traditional access control mechanisms in the resource-constrained nature of the IoT devices is a challenging task. With the emergence of blockchain technology, several recent research works have focused on the adoption of blockchain in IoT to resolve the security concerns. Despite this, integrating the blockchain in the resource-constrained IoT context is difficult. To overcome these obstacles, the proposed work presents a privacy-aware IoT security architecture to ensure the access control based on smart contracts for resource-constrained and distributed IoT devices. The design of the proposed architecture incorporates three main components: the contextual blockchain gateway, decentralized revocation manager, and non-interactive zero-knowledge proof based validation. By modeling the contextual blockchain gateway, the proposed architecture ensures the dynamic authentication and authorization based on the contextual information and access policies. Instead of integrating the blockchain technology into resource-constrained IoT devices, the smart contract-based distributed access control system with the contextual blockchain gateway provides the scalable solution. With the association of decentralized revocation manager in the smart contract, it prevents the resource access from the unauthorized users by dynamically generating and updating the revoked user list of all the nodes in the smart contract. Moreover, the proposed architecture employs the non-interactive zero-knowledge proof cryptographic protocol to ensure the transaction privacy within the smart contract. Consequently, it maintains the trade-off between the transparency and privacy while ensuring the security for the distributed IoT environment.

Author(s): S R Mani Sekhar, Siddesh G M, Swapnil Kalra, Shaswat Anand

Blockchain technology is an emerging and rapidly growing technology in the current world scenario. It is a collection of records connected through cryptography. They play a vital role in smart contracts. Smart contracts are present in blockchains which are self-controlled and trustable. They can be integrated across various domains like healthcare, finance, self-sovereign identity, governance, logistics management and home care, etc. The purpose of this article is to analyze the various use cases of smart contracts in different domains and come up with a model which may be used in the future. Subsequently, a detailed description of a smart contract and blockchain is provided. Next, different case studies related to five different domains are discussed with the help of use case diagrams. Finally, a solution for natural disaster management has been proposed by integrating smart contract, digital identity, policies and blockchain technologies, which can be used effectively for providing relief to victims during times of natural disaster.


Sensors, 2020, Vol 20 (4), pp. 1207
Author(s): Lei Hang, Do-Hyeun Kim

With the gradual popularization of Internet-of-Things (IoT) applications and the development of wireless networking technologies, the use of heterogeneous devices and runtime verification of task fulfillment with different constraints are required in real-world IoT scenarios. As far as IoT systems are concerned, most of them are built on centralized architectures, which reveal various assailable points in data security and privacy threats. Hence, this paper aims to investigate these issues by delegating the responsibility of a verification monitor from a centralized architecture to a decentralized manner using blockchain technology. We present a smart contract-based task management scheme to provide runtime verification of device behaviors and allow trustworthy access control to these devices. The business logic of the proposed system is specified by the smart contract, which automates all time-consuming processes cryptographically and correctly. The usability of the proposed solution is further demonstrated by implementing a prototype application in which the Hyperledger Fabric is utilized to implement the business logic for runtime verification and access control with one desktop and one Raspberry Pi. A comprehensive evaluation experiment is conducted, and the results indicate the effectiveness and efficiency of the proposed system.


Author(s): K. Dinesh Kumar, Venkata Rathnam T., Venkata Ramana R., M. Sudhakara, Ravi Kumar Poluru

Internet of things (IoT) technology plays a vital role in the current technologies because IoT develops a network by integrating different kinds of objects and sensors to create the communication among objects directly without human interaction. With the presence of internet of things technology in our daily lives comes smart thinking and various advantages. At the same time, secure systems have been a most important concern for the protection of information systems and networks. However, adopting traditional security management systems in the internet of things leads to several issues due to the limited privacy and policies like privacy standards, protocol stacks, and authentication rules. Usually, IoT devices have limited network capacities, storage, and computing processors, so they are more likely to be attacked. Data security, privacy, and reliability are three main challenges in the IoT security domain. To address the solutions for the above issues, IoT technology has to provide advanced privacy and policies in this large incoming data source. Blockchain is one of the trending technologies in the privacy management to provide the security. So this chapter is focused on the blockchain technologies which may be able to solve several IoT security issues. This review mainly focused on the state-of-the-art IoT security issues and vulnerabilities by existing review works in the IoT security domains. The taxonomy is presented about security issues in the view of communication, architecture, and applications. Also presented are the challenges of IoT security management systems. The main aim of this chapter is to describe the importance of blockchain technology in IoT security systems. Finally, it highlights the future directions of blockchain technology roles in IoT systems, which can be helpful for further improvements.


Electronics, 2021, Vol 10 (15), pp. 1855
Author(s): Qiliang Yang, Mingrui Zhang, Yanwei Zhou, Tao Wang, Zhe Xia, ...

As an important method of protecting data confidentiality in the Internet of Things (IoT), access control has received wide attention. Because attribute-based access control mechanisms are dynamic, they are suitable not only for solving the dynamic access problem in IoT, but also for dealing with the dynamics caused by node movement and access data change. The traditional centralized attribute-based access control mechanism has some problems: due to the large number of devices in IoT, the central trusted entity may become the bottleneck of the whole system. Moreover, when a central trusted entity is under distributed denial-of-service (DDoS) attack, the entire system may crash. Blockchain is a good way to solve the above problems. Therefore, we developed a non-interactive, attribute-based access control scheme that applies blockchain technology in IoT scenarios by using PSI technology. In addition, the attributes of data user and data holder are hidden, which protects the privacy of both parties’ attributes and access policy. Furthermore, the experimental results indicate that our scheme has high efficiency.


Blockchain refers to a distributed ledger technology that represents an innovation in recording and sharing information without the need for a trusted third party. Blockchain technology offers new tools for security and privacy concerns. Marching towards digitization and analytics, this technology emerges as a promising solution for authentication and authorization issues. It sounds so amazing that this technology that originated with cryptocurrencies could not only be applied in digital contracts, financial and public records, and property ownership but also in medicine, education, science and so on. The use case of this technology springs up in every possible direction. This article first analyses the need for this breakthrough technology and explains how this technology works. This work presents a review on various types of blockchain, the consensus mechanisms used, their advantages and limitations. It provides an overview on the various use cases of this technology. This work mainly focuses on its application in Healthcare. The goal of this article is to analyze the usage of Blockchain technology in various fields of Healthcare such as Electronic Health Record, Health Insurance, Biomedical Research, Drug Supply, Medical Education, Remote Patient Monitoring, Interoperability, Location Sharing etc. It investigates the current research trends and finds the gaps and limitations of these approaches. Moreover, it proposes some enhancements to fill in the gaps in the present approach. This work also analyses the importance of Wearable Internet of Things (IoT) devices in Healthcare and the integration of these devices with Blockchain. Finally, this work concludes by comparing Blockchain 3.0 with previous versions.


Information, 2020, Vol 11 (2), pp. 111
Author(s): Gabriel Nyame, Zhiguang Qin, Kwame Opuni-Boachie Obour Agyekum, Emmanuel Boateng Sifah

Access control has become problematic in several organizations because of the difficulty in establishing security and preventing malicious users from mimicking roles. Moreover, there is no flexibility among users in the participation in their roles, and even controlling them. Several role-based access control (RBAC) mechanisms have been proposed to alleviate these problems, but the security has not been fully realized. In this work, however, we present an RBAC model based on blockchain technology to enhance user authentication before knowledge is accessed and utilized in a knowledge management system (KMS). Our blockchain-based system model and the smart contract ensure that transparency and knowledge resource immutability are achieved. We also present smart contract algorithms and discussions about the model. As an essential part of the RBAC model applied to a KMS environment, trust is ensured in the network. Evaluation results show that our system is efficient.


2020, Vol 2020, pp. 1-13
Author(s): Uzair Javaid, Furqan Jameel, Umair Javaid, Muhammad Toaha Raza Khan, Riku Jäntti

Recent technological developments in wireless and sensor networks have led to a paradigm shift in interacting with everyday objects, which nurtured the concept of Internet of Things (IoT). However, the low-powered nature of IoT devices generally becomes a hindrance that makes them vulnerable to a wide array of attacks. Among these, the emergence of rogue devices is quickly becoming a major security concern. Rogue devices are malicious in nature and typically execute different kinds of cyberattacks by exploiting the weaknesses of access control schemes in IoT environments. Therefore, access control is one of the crucial aspects of an IoT ecosystem that defines an entry point for a device or a user in the network. This paper investigates this issue and presents an access control scheme by integrating an IoT network with blockchain technology, thereby arguing to replace the traditional centralized IoT-server architecture with a decentralized one. The blockchain is used with smart contracts to establish a secure platform for device registration. Due to this reason, the IoT devices are first required to register themselves and access the network via contracts thereafter. Moreover, the contracts host a device registry, the access control list, to grant or deny access to devices. This allows the proposed scheme to authorize registered devices only and block unregistered ones, which facilitates the mitigation of rogue devices. To demonstrate the feasibility and improvements of the proposed scheme, security analysis along with in-depth performance evaluation are conducted, where the obtained results indicate its applicability. A case study is also formulated with a comparative analysis that confirms the superior performance of the proposed scheme for low-powered IoT systems.


Cryptography, 2019, Vol 3 (3), pp. 20
Author(s): Venkatraman, Overmars

The potential benefits of the Internet of Things (IoT) are hampered by malicious interventions of attackers when the fundamental security requirements such as authentication and authorization are not sufficiently met and existing measures are unable to protect the IoT environment from data breaches. With the spectrum of IoT application domains increasing to include mobile health, smart homes and smart cities in everyday life, the consequences of an attack in the IoT network connecting billions of devices will become critical. Due to the challenges in applying existing cryptographic standards to resource-constrained IoT devices, new security solutions being proposed come with a tradeoff between security and performance. While much research has focused on developing lightweight cryptographic solutions that predominantly adopt RSA (Rivest–Shamir–Adleman) authentication methods, there is a need to identify the limitations in the usage of such measures. This research paper discusses the importance of a better understanding of RSA-based lightweight cryptography and the associated vulnerabilities of the cryptographic keys that are generated using semi-primes. In this paper, we employ mathematical operations on the sum of four squares to obtain one of the prime factors of a semi-prime that could lead to the attack of the RSA keys. We consider the even sum of squares and show how a modified binary greatest common divisor (GCD) can be used to quickly recover one of the factors of a semi-prime. The method presented in this paper only uses binary arithmetic shifts that are more suitable for the resource-constrained IoT landscape. This is a further improvement on previous work based on Euler’s method, which is demonstrated using an illustration that allows for faster testing of multiple sums of squares solutions.


2020, Vol 2020, pp. 1-13
Author(s): Shuang Sun, Shudong Chen, Rong Du

In a distributed system, cross-domain access control is an important mechanism to realize secure data sharing among multiple domains. Most of the existing cross-domain access control mechanisms are generally based on a single-server architecture, which has limitations in terms of security and reliability (the access decision may be incorrect) and completeness and confidentiality (the access records can be modified). Blockchain technology with decentralization, verifiability, and immutability properties can solve these problems. Motivated by these facts, in this article, we construct a trusted and efficient cross-domain access control system based on blockchain. Consequently, we integrate blockchain and role mapping technology to provide a reliable and verifiable cross-domain access process. We use blockchain to record user roles, role mapping rules, access policies, and audit records, realizing user self-validation and access non-repudiation. Considering the low throughput of the blockchain, we design an efficient smart contract to make the access decision based on the access history of users. Finally, a performance evaluation of the system is presented to demonstrate the feasibility of the proposed system.

