Dynamic-IoTrust: A Dynamic Access Control for IoT Based on Smart Contracts

The Internet of things (IoT) is an active, real-world area in need of more investigation. One of the top weaknesses in security challenges that IoTs face, the centralized access control server, which can be a single point of failure. In this paper, Dynamic-IoTrust, a decentralized access control smart contract based aims to overcome distrusted, dynamic, trust and authentication issues for access control in IoT. It also integrates dynamic trust value to evaluate users based on behavior. In particular, the Dynamic-IoTrust contains multiple Main Smart Contract, one Register Contract, and one Judging Contract to achieve efficient distributed access control management. Dynamic-IoTrust provides both static access rights by allowing predefined access control policies and also provides dynamic access rights by checking the trust value and the behavior of the user. The system also provides to detected user misbehavior and make a decision for user trust value and penalty. There are several levels of trusted users to access the IoTs device. Finally, the case study demonstrates the feasibility of the Dynamic-IoTrust model to offer a dynamic decentralized access control system with trust value attribute to evaluate the internal user used IoTs devices.

Analysis of Heterogeneous Data Storage and Access Control Management for Cloud Computing Under M/M/c Queueing Model

This study focuses on challenges faced during optimization of the performance of multiple users under encrypted data storage. Traditional single storage instance schemes are much concerned about the application scenarios rather than data sensitivity. This paper provides an optimization function for analyzing the performance parameters of developed queueing system. On the other hand, simulation results are further examined in order to optimize the average waiting time, average queue length, and total number of data packets. In addition, deduplication check provides more storage by eliminating duplicate files, and the remaining files further get encrypted by two cryptographic algorithms, namely advanced encryption standard (AES) and Rivest–Shamir–Adleman (RSA), respectively. Moreover, this paper emphasises performance of data in terms of storage and security; on the same basis, its comparison and implementation has been done. At last, conclusion is given.

An Autonomous Cybersecurity Framework for Next-generation Digital Service Chains

Today, the digital economy is pushing new business models, based on the creation of value chains for data processing, through the interconnection of processes, products, services, software, and things across different domains and organizations. Despite the growing availability of communication infrastructures, computing paradigms, and software architectures that already effectively support the implementation of distributed multi-domain value chains, a comprehensive architecture is still missing that effectively fulfills all related security issues: mutual trustworthiness of entities in partially unknown topologies, identification and mitigation of advanced multi-vector threats, identity management and access control, management and propagation of sensitive data. In order to fill this gap, this work proposes a new methodological approach to design and implement heterogeneous security services for distributed systems that combine together digital resources and components from multiple domains. The framework is designed to support both existing and new security services, and focuses on three novel aspects: (i) full automation of the processes that manage the whole system, i.e., threat detection, collection of information and reaction to attacks and system anomalies; (ii) dynamic adaptation of operations and security tasks to newest attack patterns, and (iii) real-time adjustment of the level of detail of inspection and monitoring processes. The overall architecture as well as the functions and relationships of its logical components are described in detail, presenting also a concrete use case as an example of application of the proposed framework.

Editorial

Preparation of the 129th volume of our journal fell on a challenging period – the time of the COVID-19 pandemic. Far-reaching restrictions have been imposed on many sectors of the economy. Limitations on mobility have also been introduced. They had a significant impact on the functioning of the global transportation system. Individual branches were affected to a varying degree, probably air transport suffered the most, as the traffic was practically suspended for many weeks. The assessment of the pandemic's real impact on the elements of transportation systems, the development of remedies allowing for their functioning in the new reality, as well as forecasting scenarios for the situation's development – will soon constitute an important area of scientific research. We hope that many of the results of this research will be published in the WUT Journal of Transportation Engineering. The restrictions related to COVID-19 have also affected universities and other research institutions. Nevertheless, the editors of WUT Journal of Transportation Engineer-ing consistently carry out activities aimed at increasing the attractiveness and recognition of the journal. We have developed and implemented a new graphic design for both the cover and individual articles. We have created the journal's pages on social media - on LinkedIn and Facebook. With their help, we will promote the journal among people interested in transportation – researchers, practitioners and students. We encourage you to use these pages. The current volume contains eight articles. Papers related to road transport discuss safety at pedestrian crossings, the possibility of using autonomous vehicles by drivers with motor dysfunctions and risk management of oversize cargo transport. Papers on rail transport discuss the issues of traffic control systems certification in the case of new investment tasks, optimization of railway transition curves shape, as well as the requirements for products used in railway surfaces. The topics of papers on air transport include a review of research methods to assess the level of passenger service at an airport and analysis of access control management to restricted areas and its impact on the airport security system. The papers included in volume 129 are available in a digital format on our website: https://pnpw-transport.publisherspanel.com.

Assessment of the impact of the restricted areas access control management on the airport security system

At present, airports are one of the few transport infrastructure facilities where we can see significant passenger comfort restrictions. In addition to several legal acts regulating precisely the rules of using this form of communication, we also deal with a continuous process of passenger flow management, broadly understood logistics and investment works, which significantly affect the airport's operational readiness. One of the essential elements related to air transport is the need to ensure air operations safety. The requirements and limitations associated with the transporting specific objects and substances and the tools for their detection are quite precisely defined in the applicable legal acts. These activities serve one purpose: to prevent acts of unlawful interference. However, the work indicates another element, perhaps less visible in the entire security control process, but equally crucial for the proper functioning of the security system. It is access control. The work shows the method of access control management in the context of an airport's functioning with many thousands of users. Bearing in mind the need to verify people moving around the airport and immediately react to all kinds of staff and structural rotations that directly affect people's rights to stay in specific airport zones, we can assess airport security level. Notably, the work shows the dependence of the entire airport's safety on managing its single link, which is the airport pass. This article also shows the impact of the automation of the access control management process on work efficiency and the effectiveness in achieving its primary goal, which is to protect the airport against unauthorized entry into the protected area.