Biblio
Filters: Author is Jaroucheh, Zakwan [Clear All Filters]
Privacy-preserving and Trusted Threat Intelligence Sharing using Distributed Ledgers. 2021 14th International Conference on Security of Information and Networks (SIN). 1:1—6.
.
2021. Threat information sharing is considered as one of the proactive defensive approaches for enhancing the over-all security of trusted partners. Trusted partner organizations can provide access to past and current cybersecurity threats for reducing the risk of a potential cyberattack—the requirements for threat information sharing range from simplistic sharing of documents to threat intelligence sharing. Therefore, the storage and sharing of highly sensitive threat information raises considerable concerns regarding constructing a secure, trusted threat information exchange infrastructure. Establishing a trusted ecosystem for threat sharing will promote the validity, security, anonymity, scalability, latency efficiency, and traceability of the stored information that protects it from unauthorized disclosure. This paper proposes a system that ensures the security principles mentioned above by utilizing a distributed ledger technology that provides secure decentralized operations through smart contracts and provides a privacy-preserving ecosystem for threat information storage and sharing regarding the MITRE ATT&CK framework.
Blockchain-Based Authentication and Registration Mechanism for SIP-Based VoIP Systems. 2021 5th Cyber Security in Networking Conference (CSNet). :63–70.
.
2021. The Session Initiation Protocol (SIP) is the principal signalling protocol in Voice over IP (VoIP) systems, responsible for initialising, terminating, and maintaining sessions amongst call parties. However, the problem with the SIP protocol is that it was not designed to be secure by nature as the HTTP digest authentication used in SIP is insecure, making it vulnerable to a variety of attacks. The current solutions rely on several standardised encryption protocols, such as TLS and IPsec, to protect SIP registration messages. However, the current centralised solutions do not scale well and cause algorithm overload when encoding and decoding SIP messages. In trying to rectify this issue, we propose in this paper a blockchain-based lightweight authentication mechanism, which involves a decentralised identity model to authenticate the SIP client to the SIP server. Our mechanism uses a smart contract on the Ethereum blockchain to ensure trust, accountability and preserves user privacy. We provided a proof-of-concept implementation to demonstrate our work. Further analysis of this approach's usability, mainly CPU and memory usage, was conducted comparing to IPsec and TLS. Then we discussed our system's security and presented a security analysis. Our analysis proves that our approach satisfies the SIP protocol security requirements.
Blockchain-Based Platform for Secure Sharing and Validation of Vaccination Certificates. 2021 14th International Conference on Security of Information and Networks (SIN). 1:1–8.
.
2021. The COVID-19 pandemic has recently emerged as a worldwide health emergency that necessitates coordinated international measures. To contain the virus's spread, governments and health organisations raced to develop vaccines that would lower Covid-19 morbidity, relieve pressure on healthcare systems, and allow economies to open. Following the COVID-19 vaccine, the vaccination certificate has been adopted to help the authorities formulate policies by controlling cross-border travelling. To address serious privacy concerns and eliminate the need for third parties to retain the trust and govern user data, in this paper, we leverage blockchain technologies in developing a secure and verifiable vaccination certificate. Our approach has the advantage of utilising a hybrid approach that implements different advanced technologies, such as the self-sovereignty concept, smart contracts and interPlanetary File System (IPFS). We rely on verifiable credentials paired with smart contracts to make decisions about who can access the system and provide on-chain verification and validation of the user and issuer DIDs. The approach was further analysed, with a focus on performance and security. Our analysis shows that our solution satisfies the security requirements for immunisation certificates.
A Decentralised Authentication and Access Control Mechanism for Medical Wearable Sensors Data. 2021 IEEE International Conference on Omni-Layer Intelligent Systems (COINS). :1—7.
.
2021. Recent years have seen an increase in medical big data, which can be attributed to a paradigm shift experienced in medical data sharing induced by the growth of medical technology and the Internet of Things. The evidence of this potential has been proved during the recent covid-19 pandemic, which was characterised by the use of medical wearable devices to help with the medical data exchange between the healthcare providers and patients in a bid to contain the pandemic. However, the use of these technologies has also raised questions and concerns about security and privacy risks. To assist in resolving this issue, this paper proposes a blockchain-based access control framework for managing access to users’ medical data. This is facilitated by using a smart contract on the blockchain, which allows for delegated access control and secure user authentication. This solution leverages blockchain technology’s inherent autonomy and immutability to solve the existing access control challenges. We have presented the solution in the form of a medical wearable sensor prototype and a mobile app that uses the Ethereum blockchain in a real data sharing control scenario. Based on the empirical results, the proposed solution has proven effective. It has the potential to facilitate reliable data exchange while also protecting sensitive health information against potential threats. When subjected to security analysis and evaluation, the system exhibits performance improvements in data privacy levels, high security and lightweight access control design compared to the current centralised access control models.