Biblio

This paper investigates the impact of the delay resulting from a blockchain, a promising security measure, for a hierarchical control system of inverters connected to the grid. The blockchain communication network is designed at the secondary control layer for resilience against cyberattacks. To represent the latency in the communication channel, a model is developed based on the complexity of the blockchain framework. Taking this model into account, this work evaluates the plant’s performance subject to communication delays, introduced by the blockchain, among the hierarchical control agents. In addition, this article considers an optimal model-based control strategy that performs the system’s internal control loop. The work shows that the blockchain’s delay size influences the convergence of the power supplied by the inverter to the reference at the point of common coupling. In the results section, real-time simulations on OPAL-RT are performed to test the resilience of two parallel inverters with increasing blockchain complexity.

Traditional grid-centric data storage methods are vulnerable to network attacks or failures due to downtime, causing problems such as data loss or tampering. The security of data storage can be effectively improved by establishing an alliance chain. However, the existing consortium chain consensus algorithm has low scalability, and the consensus time will explode as the number of nodes increases. This paper proposes an improved consensus algorithm (MSBFT) based on multi-signature to address this problem, which spreads data by establishing a system communication tree, reducing communication and network transmission costs, and improving system scalability. By generating schnorr multi-signature as the shared signature of system nodes, the computational cost of verification between nodes is reduced. At the end of the article, simulations prove the superiority of the proposed method.

Blockchain transactions are signed by private keys. Secure key storage and tamper resistant computing, are critical requirements for deployments of trusted infrastructure. In this paper we identify some threats against blockchain wallets, and we introduce a set of physical and logical countermeasures in order to defeat them. We introduce open software and hardware architectures based on secure elements, which enable detection of cloned device and corrupted software. These technologies are based on resistant computing (javacard), smartcard anti cloning, smartcard self content attestation, applicative firewall, bare metal architecture, remote attestation, dynamic PUF (Physical Unclonable Function), and programming token as root of trust.

To improve efficiency of stegosystem on blockchain and balance the time consumption of Encode and Decode operations, we propose a new blockchain-based steganography scheme, called Keys as Secret Messages (KASM), where a codebook of mappings between bitstrings and public keys can be pre-calculated by both sides with some secret parameters pre-negotiated before covert communication. By applying properties of elliptic curves and pseudorandom number generators, we realize key derivation of codebook item, and we construct the stegosystem with provable security under chosen hiddentext attack. By comparing KASM with Blockchain Covert Channel (BLOCCE) and testing on Bitcoin protocol, we conclude that our proposed stegosystem encodes hiddentexts faster than BLOCCE does and can decode stegotexts in highly acceptable time. The balanced time consumption of Encode and Decode operations of KASM make it applicable in the scene of duplex communication. At the same time, KASM does not leak sender’s private keys, so sender’s digital currencies can be protected.

With the development of cloud computing, a growing number of users use the cloud to store their sensitive data. To protect privacy, users often encrypt their data before outsourcing. Searchable Symmetric Encryption (SSE) enables users to retrieve their encrypted data. Most prior SSE schemes did not focus on malicious servers, and users could not confirm the correctness of the search results. Blockchain-based SSE schemes show the potential to solve this problem. However, the expensive nature of storage overhead on the blockchain presents an obstacle to the implementation of these schemes. In this paper, we propose a lightweight blockchain-based searchable symmetric encryption scheme that reduces the space cost in the scheme by improving the data structure of the encrypted index and ensuring efficient data retrieval. Experiment results demonstrate the practicability of our scheme.

Verifying the integrity of IoT data in cloud-based IoT architectures is crucial for building reliable IoT applications. Traditional data integrity verification methods rely on a Trusted Third Party (TTP) that has issues of risk and operational cost by centralization. Distributed Ledger Technology (DLT) has a high potential to verify IoT data integrity and overcome the problems with TTPs. However, the existing DLTs have low transaction throughput, high computational and storage overhead, and are unsuitable for IoT environments, where a massive scale of data is generated. Recently, Directed Acyclic Graph (DAG) based DLTs have been proposed to address the low transaction throughput of linear DLTs. However, the integration of IoT Gateways (GWs) into the peer to peer (P2P) DLT network is challenging because of their low storage and computational capacity. This paper proposes Lightweight and Scalable DAG based distributed ledger for IoT (LSDI) that can work with resource-constrained IoT GWs to provide fast and scalable IoT data integrity verification. LSDI uses two key techniques: Pruning and Clustering, to reduce 1) storage overhead in IoT GWs by removing sufficiently old transactions, and 2) computational overhead of IoT GWs by partitioning a large P2P network into smaller P2P networks. The evaluation results of the proof of concept implementation showed that the proposed LSDI system achieves high transaction throughput and scalability while efficiently managing storage and computation overhead of the IoT GWs.

Blockchain technology is the need of an hour for ensuring security and data privacy. However, very limited tools and documentation are available, therefore, the traditional code-centric implementation of Blockchain is challenging for programmers and developers due to inherent complexities. To overcome these challenges, in this article, a novel and efficient framework is proposed that is based on the Model-Driven Architecture. Particularly, a Meta-model (M2 level Ecore Model) is defined that contains the concepts of Blockchain technology. As a part of tool support, a tree editor (developed using Eclipse Modeling Framework) and a Sirius based graphical modeling tool with a drag-drop palette have been provided to allow modeling and visualization of simple and complex Blockchain-based scenarios for security labs in a very user-friendly manner. A Model to Text (M2T) transformation code has also been written using Acceleo language that transforms the modeled scenarios into java code for Blockchain application in the security lab. The validity of the proposed framework has been demonstrated via a case study. The results prove that our framework can be reliably used and further extended for automation and development of Blockchain-based application for security labs with simplicity.

In the distributed file sharing system, a large number of users share bandwidth, upload resources and store them in a decentralized manner, thus offering both an abundant supply of high-quality resources and high-speed download. However, some users only enjoy the convenient service without uploading or sharing, which is called free riding. Free-riding may discourage other honest users. When free-riding users mount to a certain number, the platform may fail to work. The current available incentive mechanisms, such as reciprocal incentive mechanisms and reputation-based incentive mechanisms, which suffer simple incentive models, inability to achieve incentive circulation and dependence on a third-party trusted agency, are unable to completely solve the free-riding problem.In this paper we build a blockchain-based distributed file sharing platform and design a nested incentive scheme for this platform. The proposed nested incentive mechanism achieves the circulation of incentives in the platform and does not rely on any trusted third parties for incentive distribution, thus providing a better solution to free-riding. Our distributed file sharing platform prototype is built on the current mainstream blockchain. Nested incentive scheme experiments on this platform verify the effectiveness and superiority of our incentive scheme in solving the free-riding problem compared to other schemes.

Modern IoT infrastructure consists of different sub-systems, devices, applications, platforms, varied connectivity protocols with distinct operating environments scattered across different subsystems within the whole network. Each of these subsystems of the global system has its peculiar computational and security challenges. A security loophole in one subsystem has a directly negative impact on the security of the whole system. The nature and intensity of recent cyber-attacks within IoT networks have increased in recent times. Blockchain technology promises several security benefits including a decentralized authentication mechanism that addresses almost readily the challenges with a centralized authentication mechanism that has the challenges of introducing a single point of failure that affects data and system availability anytime such systems are compromised. The different design specifications and the unique functional requirements for most IoT devices require a strong yet universal authentication mechanism for multimedia data that assures an additional security layer to IoT data. In this paper, the authors propose a decentralized authentication to validate data integrity at the IoT node level. The proposed mechanism guarantees integrity, privacy, and availability of IoT node data.

In this paper, we address the problem of privacy-preserving of the consumer's energy measurements in the context of the SG. To this end, we present a blockchain-based approach to preserve the privacy for smart grid users and to detect data forgery, replay attacks, and data injection attacks.

Wearable devices are emerging as effective modalities for the collection of individuals’ data. While this data can be leveraged for use in several areas ranging from health-care to crime investigation, storing and securely accessing such information while preserving privacy and detecting any tampering attempts are significant challenges. This paper describes a decentralized system that ensures an individual’s privacy, maintains an immutable log of any data access, and provides decentralized access control management. Our proposed framework uses a custom permissioned blockchain protocol to securely log data transactions from wearable devices in the blockchain ledger. We have implemented a proof-of-concept for our framework, and our preliminary evaluation is summarized to demonstrate our proposed framework’s capabilities. We have also discussed various application scenarios of our privacy-preserving model using blockchain and proof-of-authority. Our research aims to detect data tampering attempts in data sharing scenarios using a thorough transaction log model.

Cyber-Physical Systems (CPS) underpin global critical infrastructure, including power, water, gas systems and smart grids. CPS, as a technology platform, is unique as a target for Advanced Persistent Threats (APTs), given the potentially high impact of a successful breach. Additionally, CPSs are targets as they produce significant amounts of heterogeneous data from the multitude of devices and networks included in their architecture. It is, therefore, essential to develop efficient privacy-preserving techniques for safeguarding system data from cyber attacks. This paper introduces a comprehensive review of the current privacy-preserving techniques for protecting CPS systems and their data from cyber attacks. Concepts of Privacy preservation and CPSs are discussed, demonstrating CPSs' components and the way these systems could be exploited by either cyber and physical hacking scenarios. Then, classification of privacy preservation according to the way they would be protected, including perturbation, authentication, machine learning (ML), cryptography and blockchain, are explained to illustrate how they would be employed for data privacy preservation. Finally, we show existing challenges, solutions and future research directions of privacy preservation in CPSs.

Sharding is considered to be the most promising solution to overcome and to improve the scalability limitations of blockchain networks. By doing this, the transaction throughput increases, at the same time compromises the security of blockchain networks. In this paper, a probability distribution model is proposed to analyze this trade-off between scalability and security of sharding-based blockchain networks. For this purpose hypergeometric distribution and Chebyshev's Inequality are mainly used. The upper bounds of hypergeometric distributed transaction processing and failure probabilities for shards are mainly evaluated. The model validation is accomplished with Class A (Omniledger, Elastico, Harmony, and Zilliqa), and Class B (RapidChain) sharding protocols. This validation shows that Class B protocols have a better performance compared to Class A protocols. The proposed model observes the transaction processing and failure probabilities are increased when shard size is reduced or the number of shards increased in sharding-based blockchain networks. This trade-off between the scalability and the security decides on the shard size of the blockchain network based on the real-world application and the blockchain platform. This explains the scalability trilemma in blockchain networks claiming that decentralization, scalability, and security cannot be met at primary grounds. In conclusion, this paper presents a comprehensive analysis providing essential directions to develop sharding protocols in the future to enhance the performance and the best-cost benefit of sharing-based blockchains by improving the scalability and the security at the same time.

Our proposal aims to help solving a trust problem between licensors and licensees that occurs during the active life of license agreements. We particularly focus on licensing of proprietary intellectual property (IP) that is embedded in Internet of Things (IoT) devices and services (e.g. patented technologies). To achieve this we propose to encode the logic of license agreements into smart licenses (SL). We define a SL as a `digital twin' of a licensing contract, i.e. one or more smart contracts that represent the full or relevant parts of a licensing agreement in machine readable and executable code. As SL are self enforcing, the royalty computation and execution of payments can be fully automated in a tamper free and trustworthy way. This of course, requires to employ a Distributed Ledger Technology (DLT). Such an Automated Licensing Payment System (ALPS) can thus automate an established business process and solve a longstanding trust issue in licensing markets. It renders traditional costly audits obsolete, lowers entry barriers for those who want to participate in licensing markets, and enables novel business models too complex with traditional approaches.

With the development of technology, the structure of power grid becomes more and more complex, and the amount of data collected is also increasing. In the existing smart power grid, the data collected by sensors need to be uploaded and stored to the trusted central node, but the centralized storage method is easy to cause the malicious attack of the central node, resulting in single point failure, data tampering and other security problems. In order to solve these information security problems, this paper proposes a new data security storage framework based on private blockchain. By using the improved raft algorithm, partial decentralized data storage is used instead of traditional centralized storage. It also introduces in detail the working mechanism of the smart grid data security storage framework, including the process of uploading collected data, data verification, and data block consensus. The security analysis shows the effectiveness of the proposed data storage framework.

Federated Learning (FL) is a multiparty learning computing approach that can aid privacy-preservation machine learning. However, FL has several potential security and privacy threats. First, the existing FL requires a central coordinator for the learning process which brings a single point of failure and trust issues for the shared trained model. Second, during the learning process, intentionally unreliable model updates performed by Byzantine colluding parties can lower the quality and convergence of the shared ML models. Therefore, discovering verifiable local model updates (i.e., integrity or correctness) and trusted parties in FL becomes crucial. In this paper, we propose a resilient and verifiable FL algorithm based on a reputation scheme to cope with unreliable parties. We develop a selection algorithm for task publisher and blockchain-based multiparty learning architecture approach where local model updates are securely exchanged and verified without the central party. We also proposed a novel auditing scheme to ensure our proposed approach is resilient up to 50% Byzantine colluding attack in a malicious scenario.

{On considering workplace thefts as a major problem, there is a requirement of designing a vandal proof door hardware and locking mechanism for ensuring the security of our property. So the door lock system with extra security features with a user friendly cost is suggested in this paper. When a stranger comes at the door, he/she has to pass three security levels for unlocking the solenoid locks present at the door and if he fails to do so, the door will remain locked. These three levels are of three extraordinary security features as one of them is using Fingerprint sensor, second is using a knocking pattern, and the last lock is unlocked by the preset pin/pattern entered by the user. Since, in addition to these features, there is one more option for the case of appearing of guest at the door and that is the Image capturing using web-camera present at the door and here the owner of the house is able to unlock all the locks if he wants the guest to enter the home. This all will be monitored by Node MCU}.

Named Data Networking (NDN) is an emerging network architecture, which is built by keeping data as its pivotal point. The in-network cache, one of the important characteristics, makes data packets to be available from multiple locations on the Internet. Hence data access control and their enforcement mechanisms become even more critical in the NDNs. In this paper, we propose a novel encryption-based data access control scheme using Role-Based Encryption (RBE). The inheritance property of our scheme provides a natural way to achieve efficient data access control over hierarchical content. This in turn makes our scheme suitable for large scale real world content-centric applications and services such as Netflix. Further, the proposed scheme introduces an anonymous signature-based authentication mechanism to reject bogus data requests nearer to the source, thereby preventing them from entering the network. This in turn helps to mitigate better denial of service attacks. In addition, the signature mechanism supports unlinkability, which is essential to prevent leakages of individual user's access patterns. Another major feature of the proposed scheme is that it provides accountability of the Internet Service Providers (ISPs) using batch signature verification. Moreover, we have developed a transparent and secure dispute resolution and payment mechanism using smart-contract and blockchain technologies. We present a formal security analysis of our scheme to show it is provably secure against Chosen Plaintext Attacks. We also demonstrate that our scheme supports more functionalities than the existing schemes and its performance is better in terms of computation, communication and storage.

Most present reconfiguration methods in sharding blockchains rely on a secure randomness, whose generation might be complicated. Besides, a reference committee is usually in charge of the reconfiguration, making the process not decentralized. To address the above issues, this paper proposes a secure and decentralized shard reconfiguration protocol, which allows each shard to complete the selection and confirmation of its own shard members in turn. The PoW mining puzzle is calculated using the public key hash value in the member list confirmed by the last shard. Through the mining and shard member list commitment process, each shard can update its members safely and efficiently once in a while. Furthermore, it is proved that our protocol satisfies the safety, consistency, liveness, and decentralization properties. The honest member proportion in each confirmed shard member list is guaranteed to exceed a certain safety threshold, and all honest nodes have an identical view on the list. The reconfiguration is ensured to make progress, and each node has the same right to participate in the process. Our secure and decentralized shard reconfiguration protocol could be applied to all committee-based sharding blockchains.

In this paper, a blockchain based scheme is proposed to provide registration, mutual authentication and data sharing in wireless sensor network. The proposed model consists of three types of nodes: coordinators, cluster heads and sensor nodes. A consortium blockchain is deployed on coordinator nodes. The smart contracts execute on coordinators to record the identities of legitimate nodes. Moreover, they authenticate nodes and facilitate in data sharing. When a sensor node communicate and accesses data of any other sensor node, both nodes mutually authenticate each other. The smart contract of data sharing is used to provide a secure communication and data exchange between sensor nodes. Moreover, the data of all the nodes is stored on the decentralized storage called interplanetary file system. The simulation results show the response time of IPFS and message size during authentication and registration.

The COVID-19 pandemic has impacted the world economy and mainly all activities where social distancing cannot be respected. In order to control this pandemic, screening tests such as PCR have become essential. For example, in the case of a trip, the traveler must carry out a PCR test within 72 hours before his departure and if he is not a carrier of the COVID-19, he can therefore travel by presenting, during check-in and boarding, the negative result sheet to the agent. The latter will then verify the presented sheet by trusting: (a) the medical biology laboratory, (b) the credibility of the traveler for not having changed the PCR result from “positive to negative”. Therefore, this confidence and this verification are made without being based on any mechanism of security and integrity, despite the great importance of the PCR test results to control the COVID-19 pandemic. Consequently, we propose in this paper a blockchain-based decentralized trust architecture that aims to guarantee the integrity, immutability and traceability of COVID-19 test results. Our proposal also aims to ensure the interconnection between several organizations (airports, medical laboratories, cinemas, etc.) in order to access COVID-19 test results in a secure and decentralized manner.

People are dependent on Trusted Third Party (TTP) administration based Centralized systems for content sharing having a deficit of security, faith, immutability, and clearness. This work has proposed a file-sharing environment based on Blockchain by clouting the Interplanetary File System (IPFS) and Public Key Infrastructure (PKI) systems, advantages for overcoming these troubles. The smart contract is implemented to control the access privilege and the modified version of IPFS software is utilized to enforce the predefined access-control list. An application framework on a secure decentralized file sharing system is presented in combination with IPFS and PKI to secure file sharing. PKI having public and private keys is used to enable encryption and decryption of every file transaction and authentication of identities through Metamask to cryptographically recognize account ownership in the Blockchain system. A gas consumption-based result analysis is done in the private Ethereum network and it attains transparency, security managed access, and quality of data indicating better efficacy of this work.

The research proposal discloses a novel drone-based ad-hoc network that leverages acoustic information for power plant surveillance and utilizes a secure blockchain model for protecting the integrity of drone communication over the network. The paper presents a vision for the drone-based networks, wherein drones are employed for monitoring the complex power plant machinery. The drones record acoustic information generated by the power plants and detect anomalies or deviations in machine behavior based on collected acoustic data. The drones are linked to distributed network of computing devices in possession with the plant stakeholders, wherein each computing device maintains a chain of data blocks. The chain of data blocks represents one or more transactions associated with power plants, wherein transactions are related to high risk auditory data set accessed by the drones in an event of anomaly or machine failure. The computing devices add at least one data block to the chain of data blocks in response to valid transaction data, wherein the transaction data is validated by the computing devices owned by power plant personnel.

The energy sector is facing increasing risks, mainly concerning fraudulent activities and cyberattacks. This paradigm shift in risks would require innovative solutions. This paper proposes an innovative architecture based on Distributed Ledger Technologies (Blockchain) and Triple Entry Accounting (X-Accounting). The proposed architecture focusing on new applications of payment and billing would improve accountability and compliance as well as security and reliability. Future research can extend this architecture to other energy technologies and systems like EMS/SCADA and associated applications.

Integrating blockchain into Internet of Things (IoT) systems can offer many advantages to users and organizations. It provides the IoT network with the capability to distribute computation over many devices and improves the network's security by enhancing information integrity, ensuring accountability, and providing a way to implement better access control. The consensus mechanism is an essential part of any IoT-blockchain platform. In this paper, a novel consensus mechanism based on Proof-of-Authority (PoA) and Proof-of-Work (PoW) is proposed. The security advantages provided by PoW have been realized, and its long confirmation time can be mitigated by combining it with PoA in a single consensus mechanism called Honesty-based Distributed Proof-of-Authority (HDPoA) via scalable work. The measured results of transaction confirmation time and power consumption, and the analyses of security aspects have shown that HDPoA is a suitable and secure protocol for deployment within blockchain-based IoT applications.