Biblio

In this paper, a blockchain based scheme is proposed to provide registration, mutual authentication and data sharing in wireless sensor network. The proposed model consists of three types of nodes: coordinators, cluster heads and sensor nodes. A consortium blockchain is deployed on coordinator nodes. The smart contracts execute on coordinators to record the identities of legitimate nodes. Moreover, they authenticate nodes and facilitate in data sharing. When a sensor node communicate and accesses data of any other sensor node, both nodes mutually authenticate each other. The smart contract of data sharing is used to provide a secure communication and data exchange between sensor nodes. Moreover, the data of all the nodes is stored on the decentralized storage called interplanetary file system. The simulation results show the response time of IPFS and message size during authentication and registration.

Zero- Knowledge Proof is a cryptographic protocol exercised to render privacy and data security by securing the identity of users and using services anonymously. It finds numerous applications; authentication is one of them. A Zero-Knowledge Proof-based authentication system is discussed in this paper. Advanced Encryption Standard (AES) and Secure Remote Password (SRP) protocol have been used to design and build the ZKP based authentication system. SRP is a broadly used Password Authenticated Key Exchange (PAKE) protocol. The proposed method overcomes several drawbacks of traditional and commonly used authentication systems such as a simple username and plaintext password-based system, multi-factor authentication system and others.

The COVID-19 pandemic has impacted the world economy and mainly all activities where social distancing cannot be respected. In order to control this pandemic, screening tests such as PCR have become essential. For example, in the case of a trip, the traveler must carry out a PCR test within 72 hours before his departure and if he is not a carrier of the COVID-19, he can therefore travel by presenting, during check-in and boarding, the negative result sheet to the agent. The latter will then verify the presented sheet by trusting: (a) the medical biology laboratory, (b) the credibility of the traveler for not having changed the PCR result from “positive to negative”. Therefore, this confidence and this verification are made without being based on any mechanism of security and integrity, despite the great importance of the PCR test results to control the COVID-19 pandemic. Consequently, we propose in this paper a blockchain-based decentralized trust architecture that aims to guarantee the integrity, immutability and traceability of COVID-19 test results. Our proposal also aims to ensure the interconnection between several organizations (airports, medical laboratories, cinemas, etc.) in order to access COVID-19 test results in a secure and decentralized manner.

The 5G technology brings the substantial improvement on the quality of services (QoS), such as higher throughput, lower latency, more stable signal and more ultra-reliable data transmission, triggering a revolution for the wireless mobile network. But in a general traffic channel in the 5G-based wireless mobile network, an attacker can detect a message transmitted over a channel, or even worse, forge or tamper with the message. Building a secure channel over the two parties is a feasible solution to this uttermost data transmission security challenge in 5G-based wireless mobile network. However, how to authentication the identities of the both parties before establishing the secure channel to fully ensure the data confidentiality and integrity during the data transmission has still been a open issue. To establish a fully secure channel, in this paper, we propose a strongly secure pairing-free certificateless authenticated key agreement (PF-CL-AKA) protocol with two-way identity-based authentication before extracting the secure session key. Our protocol is provably secure in the Lippold model, which means our protocol is still secure as long as each party of the channel has at least one uncompromised partial private term. Finally, By the theoretical analysis and simulation experiments, we can observe that our scheme is practical for the real-world applications in the 5G-based wireless mobile network.

To ensure a secure Cloud-based Electronic Health Record (EHR) system, we need to encrypt data and impose field-level access control to prevent malicious usage. Since the attributes of the Users will change with time, the encryption policies adopted may also vary. For large EHR systems, it is often necessary to search through the encrypted data in realtime and perform client-side computations without decrypting all patient records. This paper describes our novel cloud-based EHR system that uses Attribute Based Encryption (ABE) combined with Semantic Web technologies to facilitate differential access to an EHR, thereby ensuring only Users with valid attributes can access a particular field of the EHR. The system also includes searchable encryption using keyword index and search trapdoor, which allows querying EHR fields without decrypting the entire patient record. The attribute revocation feature is efficiently managed in our EHR by delegating the revision of the secret key and ciphertext to the Cloud Service Provider (CSP). Our methodology incorporates advanced security features that eliminate malicious use of EHR data and contributes significantly towards ensuring secure digital health systems on the Cloud.

Underwater Acoustic Networks (UANs) have long been recognized as an instrumental technology in various fields, from ocean monitoring to defense settings. Their security, though, has been scarcely investigated despite the strategic areas involved and the intrinsic vulnerability due to the broadcast nature of the wireless medium. In this work, we focus on attacks for which the attacker has partial or total knowledge of the network protocol stack. Our strategy uses a watchdog layer that allows upper layers to gather knowledge of overheard packets. In addition, a reputation system that is able to label nodes as trustful or suspicious is analyzed and evaluated via simulations. The proposed security mechanism has been implemented in the DESERT Underwater framework and a simulation study is conducted to validate the effectiveness of the proposed solution against resource exhaustion and sinkhole attacks.

In the era of big data, more and more users store data in the cloud. Massive amounts of data have brought huge storage costs to cloud storage providers, and data deduplication technology has emerged. In order to protect the confidentiality of user data, user data should be encrypted and stored in the cloud. Therefore, deduplication of encrypted data has become a research hotspot. Cloud storage provides users with data sharing services, and the sharing of encrypted data is another research hotspot. The combination of encrypted data deduplication and sharing will inevitably become a future trend. The current better-performing updateable block-level message-locked encryption (UMLE) deduplication scheme does not support data sharing, and the performance of the encrypted data de-duplication scheme that introduces data sharing is not as good as that of UMLE. This paper introduces the ciphertext policy attribute based encryption (CP-ABE) system sharing mechanism on the basis of UMLE, applies the CP-ABE method to encrypt the master key generated by UMLE, to achieve secure and efficient data deduplication and sharing. In this paper, we propose a permission verification method based on bilinear mapping, and according to the definition of the security model proposed in the security analysis phase, we prove this permission verification method, showing that our scheme is secure. The comparison of theoretical analysis and simulation experiment results shows that this scheme has more complete functions and better performance than existing schemes, and the proposed authorization verification method is also secure.

Smart grid has improved the security, efficiency of the power system and balanced the supply and demand by intelligent management, which enhanced stability and reliability of power grid. The key point to achieve them is real-time data and consumption data sharing by using fine-grained policies. But it will bring the leakage of the privacy of the users and the loss of data control rights of the data owner. The reported solutions can not give the best trade-off among the privacy protection, control over the data shared and confidentiality. In addition, they can not solve the problems of large computation overhead and dynamic management such as users' revocation. This paper aims at these problems and proposes a decentralized attribute-based data sharing scheme. The proposed scheme ensures the secure sharing of data while removing the central authority and hiding user's identity information. It uses attribute-based signcryption (ABSC) to achieve data confidentiality and authentication. Under this model, attribute-based encryption gives the access policies for users and keeps the data confidentiality, and the attribute-based signature is used for authentication of the primary ciphertext-integrity. It is more efficient than "encrypt and then sign" or "sign and then encrypt". In addition, the proposed scheme enables user's revocation and public verifiability. Under the random oracle model, the security and the unforgeability against adaptive chosen message attack are demonstrated.

An important demand of a wearable health observance system is to soundly exchange the Employees' health data and preventing improper use of black devices. In this project we tend to measure planning wearable sensors device sight abnormal and/or unforeseen things by observance physiological parameters alongside different symptoms. Therefore, necessary facilitate is provided in times of urgent would like. To minimize the health hazards and improving the well-being of employees is to be a major critical role in an organization. As per the report by the Indian Labour Organization, the organization spends an average of 3.94% for GDP on employee treatment. The same study revealed that almost 2.78% million deaths occurs every year and 3.74% million occur non-fatal injuries every year at work. So, the organizations are making towards mitigating the facilities to decimating various IoT technologies and the IoT technology are embedded with modern smart systems, it is easy to monitor every employee in an organization, and also it collects and gather the data and send any critical information by the employees.

People are dependent on Trusted Third Party (TTP) administration based Centralized systems for content sharing having a deficit of security, faith, immutability, and clearness. This work has proposed a file-sharing environment based on Blockchain by clouting the Interplanetary File System (IPFS) and Public Key Infrastructure (PKI) systems, advantages for overcoming these troubles. The smart contract is implemented to control the access privilege and the modified version of IPFS software is utilized to enforce the predefined access-control list. An application framework on a secure decentralized file sharing system is presented in combination with IPFS and PKI to secure file sharing. PKI having public and private keys is used to enable encryption and decryption of every file transaction and authentication of identities through Metamask to cryptographically recognize account ownership in the Blockchain system. A gas consumption-based result analysis is done in the private Ethereum network and it attains transparency, security managed access, and quality of data indicating better efficacy of this work.

Summary form only given, as follows. The complete presentation was not made available for publication as part of the conference proceedings. What is “hardware” security? The network designer relies on the security of the router box. The software developer relies on the TPM (Trusted Platform Module). The circuit designer worries about side-channel attacks. At the same time, electronics shrink: sensor nodes, IOT devices, smart devices are becoming more and more available. Adding security and cryptography to these often very resource constraint devices is a challenge. This presentation will focus on Physically Unclonable Functions and True Random Number Generators, two roots of trust, and their security testing.

This study offers an alternative to current implementations of key exchange by utilizing NFC technologies within android mobile devices. Supporting key exchange protocols along with cryptographic algorithms are offered, which meet current security standards whilst maintaining a short key length for optimal transfer between devices. Peer-to-peer and Host Card Emulation operational modes are observed to determine the best suited approach for key exchange. The proposed model offers end to end encryption between Client-Client as opposed to the usual Client-Server encryption offered by most Instant Messaging applications.

In the growth of financial industries, the electronic payments system is a newest topic, which is to be replaced in the near future by electronic or online transaction. With the advancement of the technology, there is a strong need to build and enforce safe authentication schemes to protect user sensitive information against security threats. Protection is becoming increasingly important for companies today, and so the need for authentication is more essential than before. In single-factor authentication, there are many security problems such as password schemes. Additionally, invaders will try various ways of stealing passwords including, dictionary attacks, brute force attack, password divination, shoulder surfing, etc. This paper provides a multi-authentication system for electronic payments to address the problem. The proposed technique here combines password, biometric and OTP verification for a more reliable user authentication using a multi-factor authentication. The proposed system has three phases, namely: registration phase, an authentication phase, and transaction phase. Our proposed approach has been found to boost security efficacy for various forms of assault and authentication layers dependent on password based attacks.

The Internet of Drones (IoD) is a distributed network control system that mainly manages unmanned aerial vehicle access to controlled airspace and provides navigation between so-called nodes. Securing the transmission of real-time information from the nodes in these applications is essential. The limited drone nodes, data storage, computing and communication capabilities necessitate the need to design an effective and secure authentication scheme. Recently, research has proposed remote user authentication and the key agreement on IoD and claimed that their schemes satisfied all security issues in these networks. However, we found that their schemes may lead to losing access to the drone system due to the corruption of using a key management system and make the system completely unusable. To solve this drawback, we propose a lightweight and anonymous two-factor authentication scheme for drones. The proposed scheme is based on an asymmetric cryptographic method to provide a secure system and is more suitable than the other existing schemes by securing real-time information. Moreover, the comparison shows that the proposed scheme minimized the complexity of communication and computation costs.

Mobile Ad-hoc Networks (MANET) is an autonomous network consisting of movable devices that can form a network using wireless media. MANET routing protocols can be used for selecting an efficient and shortest path for data transmission between nodes in a smart environment formed by the Internet of Things (IoT). Networking in such MANET-enabled IoT system is based on the routing protocols of MANET, data sensing from things, and data handling and processing using IoT. This paper studies proactive approach-based secure routing protocols for MANET-enabled IoT and analyses these protocols to identify security issues in it. Since this fusion network is resource-constrained in nature, each of the studied protocol is evaluated to check if it is lightweight or not. Also, the solution to defend against active attacks in this network is discussed.

Internet security is constantly at risk as a result of the fast developing and highly sophisticated exploitation methods. These attacks use numerous media to take advantage of the most vulnerable of Internet users. Phishing, spam calling, unsecure content and other means of intrusion threaten Internet users every day. In order to maintain the security and privacy of sensitive user data, the user must pay for services that include the storage and generation of secure passwords, monitoring internet traffic to discourage navigation to malicious websites, among other services. Some people do not have the money to purchase privacy protection services and others find convoluted euphemisms baked into privacy policies quite confusing. In response to this problem, we developed an Internet security software package, Secure Suite, which we provide as open source and hence free of charge. Users can easily deploy and manage Secure Suite. It is composed of a password manager, a malicious URL detection service, dubbed MalURLNet, a URL extender, data visualization tools, a browser extension to interact with the web app, and utility tools to maintain data integrity. MalURLNet is one of the main components of Secure Suite. It utilizes deep learning and other open-source software to mitigate security threats by identifying malicious URLs. We exhaustively tested our proposed MalURLNet service. Our studies show that MalURLNet outperforms four other well-known URL classifiers in terms of accuracy, loss, precision, recall, and F1-Score.

Based on the structure of turbo-polar codes, a secure symmetric encryption scheme is proposed to enhance information transmission security in this paper. This scheme utilizes interleaving at information bits and puncturing at parity bits for several times in the encoder. Correspondingly, we need to do the converse interleaving and fill zeros accurately at punctured position. The way of interleaving and puncturing is controlled by the private key of symmetric encryption, making sure the security of the system. The security of Secure Turbo-Polar Codes (STPC) is analyzed at the end of this paper. Simulation results are given to shown that the performance and complexity of Turbo-Polar Codes have little change after symmetric encryption. We also investigate in depth the influence of different remaining parity bit ratios on Frame Error Rate (FER). At low Signal to Noise Rate (SNR), we find it have about 0.6dB advantage when remaining parity bit ratio is between 1/20 and 1/4.

In the fast growing world using new Cloud computing technology. In the terms of Sensitive Data Access from the remote cloud computing storage with different users using security measures to avoid the unauthorized users. Even though so many uses in the Cloud, it leads to lot of issues such as in the Data Access of the sensitive data and encryption still remain challenging. To overcome with these issues, In this novel paper focus on multiple attribute-based encryption which features the data access in secured way with different users in the Cloud Data. The proposed system enables on secure Data Access by using the MABE scheme.

With the development in IC technology, testing the designs is becoming more and more complex. In the design, process testing consumes 60-80% of the time. The basic testing principle is providing the circuit under test (CUT) with input patterns, observing output responses, and comparing against the desired response called the golden response. As the density of the device are rising leads to difficulty in examining the sub-circuit of the chip. So, testing of design is becoming a time-consuming and costly process. Attaching additional logic to the circuit resolves the issue by testing itself. BIST is a relatively a design for testability technique to facilitate thorough testing of ICs and it comprises the test pattern generator, circuit under test, and output response analyzer. Quick diagnosis and very high fault coverage can be ensured by BIST. As complexity in the circuit is increasing, testing urges TPGs (Test Pattern Generators) to generate the test patterns for the CUT to sensitize the faults. TPGs are vulnerable to malicious activities such as scan-based side-channel attacks. Secret data saved on the chip can be extracted by an attacker by scanning out the test outcomes. These threats lead to the emergence of securing TPGs. This work demonstrates providing a secured test pattern generator for BIST circuits by locking the logic of TPG with a password or key generated by the key generation circuit. Only when the key is provided test patterns are generated. This provides versatile protection to TPG from malicious attacks such as scan-based side-channel attacks, Intellectual Property (IP) privacy, and IC overproduction.

The Internet of Things (IoT) is a technology that allows connection between devices using the internet to collect and exchange data with each other. Privacy and security have become the most pressing issues in the IoT network, especially in the smart home. Nevertheless, there are still many smart home devices that have not implemented security and privacy policies. This study proposes a remote sensor control system built on ESP32 to implement a smart home through the Message Queuing Telemetry Transport(MQTT) protocol by applying the Advanced Encryption Standard (AES) algorithm with a 256-bit key. It addresses security issues in the smart home by encrypting messages sent from users to sensors. Besides ESP32, the system implementation also uses Raspberry Pi and smartphone with Android applications. The network was analyzed using Wireshark, and it showed that the message sent was encrypted. This implementation could prevent brute force attacks, with the result that it could guarantee the confidentiality of a message. Meanwhile, from several experiments conducted in this study, the difference in the average time of sending encrypted and unencrypted messages was not too significant, i.e., 20 ms.

Securing data, management of the authorised access of the user and maintaining the privacy of the data are some of the problems relating with the stored data in the database. The security of the data stored is considered as the major concern which is to be managed in a very serious manner as the users are sensitive about their shared data. The user's data can be protected by the process of cryptography which is considered as the conventional method. Advanced Encryption Standard (AES), Data Encryption Standard(DES), Two Fish, Rivest Shamir Adleman Algorithm (RSA), Attribute Based Encryption (ABE), Blowfish algorithms are considered as some of the cryptographic algorithms. These algorithms are classified into symmetric and asymmetric algorithms. Same key is used for the encryption and decoding technique in symmetric key cryptographic algorithm whereas two keys are used for the asymmetric ones. In this paper, the implementation of one of the asymmetric algorithm RSA with the educational dataset is done. To secure the distributed database, the extended version of the RSA algorithm is implemented as the proposed work.

The research proposal discloses a novel drone-based ad-hoc network that leverages acoustic information for power plant surveillance and utilizes a secure blockchain model for protecting the integrity of drone communication over the network. The paper presents a vision for the drone-based networks, wherein drones are employed for monitoring the complex power plant machinery. The drones record acoustic information generated by the power plants and detect anomalies or deviations in machine behavior based on collected acoustic data. The drones are linked to distributed network of computing devices in possession with the plant stakeholders, wherein each computing device maintains a chain of data blocks. The chain of data blocks represents one or more transactions associated with power plants, wherein transactions are related to high risk auditory data set accessed by the drones in an event of anomaly or machine failure. The computing devices add at least one data block to the chain of data blocks in response to valid transaction data, wherein the transaction data is validated by the computing devices owned by power plant personnel.

The energy sector is facing increasing risks, mainly concerning fraudulent activities and cyberattacks. This paradigm shift in risks would require innovative solutions. This paper proposes an innovative architecture based on Distributed Ledger Technologies (Blockchain) and Triple Entry Accounting (X-Accounting). The proposed architecture focusing on new applications of payment and billing would improve accountability and compliance as well as security and reliability. Future research can extend this architecture to other energy technologies and systems like EMS/SCADA and associated applications.

Integrating blockchain into Internet of Things (IoT) systems can offer many advantages to users and organizations. It provides the IoT network with the capability to distribute computation over many devices and improves the network's security by enhancing information integrity, ensuring accountability, and providing a way to implement better access control. The consensus mechanism is an essential part of any IoT-blockchain platform. In this paper, a novel consensus mechanism based on Proof-of-Authority (PoA) and Proof-of-Work (PoW) is proposed. The security advantages provided by PoW have been realized, and its long confirmation time can be mitigated by combining it with PoA in a single consensus mechanism called Honesty-based Distributed Proof-of-Authority (HDPoA) via scalable work. The measured results of transaction confirmation time and power consumption, and the analyses of security aspects have shown that HDPoA is a suitable and secure protocol for deployment within blockchain-based IoT applications.

The concept of usage control goes beyond traditional access control by regulating not only the retrieval but also the processing of data. To be able to remotely enforce usage control policy the processing party requires a trusted execution environ-ment such as Intel SGX which creates so-called enclaves. In this paper we introduce Multi Enclave based Code from Template (MECT), an SGX-based architecture for trusted remote policy enforcement. MECT uses a multi-enclave approach in which an enclave generation service dynamically generates enclaves from pre-defined code and dynamic policy parameters. This approach leads to a small trusted computing base and highly simplified attestation while preserving functionality benefits. Our proof of concept implementation consumes customisable code from templates. We compare the implementation with other architectures regarding the trusted computing base, flexibility, performance, and modularity. This comparison highlights the security benefits for remote attestation of MECT.