Biblio

With the development of IT technology and the generalization of the Internet of Things, smart grid systems combining IoT for efficient power grid construction are being widely deployed. As a form of development for this, edge computing and blockchain technology are being combined with the smart grid. Wang et al. proposed a user authentication scheme to strengthen security in this environment. In this paper, we describe the scheme proposed by Wang et al. and security faults. The first is that it is vulnerable to a side-channel attack, an impersonation attack, and a key material change attack. In addition, their scheme does not guarantee the anonymity of a participant in the smart grid system.

Fog Computing was envisioned to solve problems like high latency, mobility, bandwidth, etc. that were introduced by Cloud Computing. Fog Computing has enabled remotely connected IoT devices and sensors to be managed efficiently. Nonetheless, the Fog-Cloud paradigm suffers from various security and privacy related problems. Blockchain ensures security in a trustless way and therefore its applications in various fields are increasing rapidly. In this work, we propose a Fog-Cloud architecture that enables Blockchain to ensure security, scalability, and privacy of remotely connected IoT devices. Furthermore, our proposed architecture also efficiently manages common problems like ever-increasing latency and energy consumption that comes with the integration of Blockchain in Fog-Cloud architecture.

Verifying the integrity of IoT data in cloud-based IoT architectures is crucial for building reliable IoT applications. Traditional data integrity verification methods rely on a Trusted Third Party (TTP) that has issues of risk and operational cost by centralization. Distributed Ledger Technology (DLT) has a high potential to verify IoT data integrity and overcome the problems with TTPs. However, the existing DLTs have low transaction throughput, high computational and storage overhead, and are unsuitable for IoT environments, where a massive scale of data is generated. Recently, Directed Acyclic Graph (DAG) based DLTs have been proposed to address the low transaction throughput of linear DLTs. However, the integration of IoT Gateways (GWs) into the peer to peer (P2P) DLT network is challenging because of their low storage and computational capacity. This paper proposes Lightweight and Scalable DAG based distributed ledger for IoT (LSDI) that can work with resource-constrained IoT GWs to provide fast and scalable IoT data integrity verification. LSDI uses two key techniques: Pruning and Clustering, to reduce 1) storage overhead in IoT GWs by removing sufficiently old transactions, and 2) computational overhead of IoT GWs by partitioning a large P2P network into smaller P2P networks. The evaluation results of the proof of concept implementation showed that the proposed LSDI system achieves high transaction throughput and scalability while efficiently managing storage and computation overhead of the IoT GWs.

Integrating blockchain into Internet of Things (IoT) systems can offer many advantages to users and organizations. It provides the IoT network with the capability to distribute computation over many devices and improves the network's security by enhancing information integrity, ensuring accountability, and providing a way to implement better access control. The consensus mechanism is an essential part of any IoT-blockchain platform. In this paper, a novel consensus mechanism based on Proof-of-Authority (PoA) and Proof-of-Work (PoW) is proposed. The security advantages provided by PoW have been realized, and its long confirmation time can be mitigated by combining it with PoA in a single consensus mechanism called Honesty-based Distributed Proof-of-Authority (HDPoA) via scalable work. The measured results of transaction confirmation time and power consumption, and the analyses of security aspects have shown that HDPoA is a suitable and secure protocol for deployment within blockchain-based IoT applications.

The energy sector is facing increasing risks, mainly concerning fraudulent activities and cyberattacks. This paradigm shift in risks would require innovative solutions. This paper proposes an innovative architecture based on Distributed Ledger Technologies (Blockchain) and Triple Entry Accounting (X-Accounting). The proposed architecture focusing on new applications of payment and billing would improve accountability and compliance as well as security and reliability. Future research can extend this architecture to other energy technologies and systems like EMS/SCADA and associated applications.

Vehicular Ad Hoc Network (VANET) is a pervasive network, where vehicles communicate with nearby vehicles and infrastructure nodes, such as Road-side unit (RSU). Information sharing among vehicles is an essential component of an intelligent transportation system (ITS), but security and privacy concerns must be taken into consideration. Security of the network can be improved by granting access only to authenticated vehicles and restricting or revoking access for vehicles involved in misbehavior. In this paper, we present a novel blockchain based approach to authenticate vehicles and notify other vehicles about any unauthorized messages in real time. This helps protect other vehicles in the network from making critical decisions based on false or inaccurate information. In the proposed architecture, vehicles communicate with each other using pseudonyms or pseudo IDs and the Blockchain is used to securely maintain the real identity of all vehicles, which can be linked to the pseudo IDs if needed. The goal is to protect privacy or individual vehicles, while still ensuring accountability in case of misbehavior. The performance of the proposed approach is evaluated for different vehicle and attacker densities, and results demonstrate it has lower authentication delay and communication overhead compared to existing approaches.

Named Data Networking (NDN) is an emerging network architecture, which is built by keeping data as its pivotal point. The in-network cache, one of the important characteristics, makes data packets to be available from multiple locations on the Internet. Hence data access control and their enforcement mechanisms become even more critical in the NDNs. In this paper, we propose a novel encryption-based data access control scheme using Role-Based Encryption (RBE). The inheritance property of our scheme provides a natural way to achieve efficient data access control over hierarchical content. This in turn makes our scheme suitable for large scale real world content-centric applications and services such as Netflix. Further, the proposed scheme introduces an anonymous signature-based authentication mechanism to reject bogus data requests nearer to the source, thereby preventing them from entering the network. This in turn helps to mitigate better denial of service attacks. In addition, the signature mechanism supports unlinkability, which is essential to prevent leakages of individual user's access patterns. Another major feature of the proposed scheme is that it provides accountability of the Internet Service Providers (ISPs) using batch signature verification. Moreover, we have developed a transparent and secure dispute resolution and payment mechanism using smart-contract and blockchain technologies. We present a formal security analysis of our scheme to show it is provably secure against Chosen Plaintext Attacks. We also demonstrate that our scheme supports more functionalities than the existing schemes and its performance is better in terms of computation, communication and storage.

The traditional Proof of Existence blockchain service on the Bitcoin network can be used to verify the existence of any research data at a specific point of time, and to validate the data integrity, without revealing its content. Several variants of the blockchain service exist to certify the existence of data relying on cryptographic fingerprinting, thus enabling an efficient verification of the authenticity of such certifications. However, nowadays research data is continuously changing and being modified through different processing steps in most scientific research workflows such that certifications of individual data objects seem to be constantly outdated in this setting. This paper describes how the blockchain and distributed ledger technology can be used to form a new certification model, that captures the research process as a whole in a more meaningful way, including the description of the used data through its different stages and the associated computational pipeline, code for analysis and the experimental design. The scientific blockchain infrastructure bloxberg, together with a deep learning based analysis from the behavioral science field are used to show the applicability of the approach.

In today's digital era, data is most important in every phase of work. The storage and processing on data with security is the need of each and every application field. Data need to be tamper resistant due to possibility of alteration. Data can be represented and stored in heterogeneous format. There are chances of attack on information which is vital for particular organization. With rapid increase in cyber crime, attackers behave maliciously to alter those data. But it is having great impact on forensic evidences which is required for provenance. Therefore, it is required to maintain the reliability and provenance of digital evidences as it travels through various stages during forensic investigation. In this approach, there is a forensic chain in which generated report passes through various levels or intermediaries such as pathology laboratory, doctor, police department etc. To build the transparent system with immutability of forensic evidences, blockchain technology is more suitable. Blockchain technology provides the transfer of assets or evidence reports in transparent environment without central authority. In this paper blockchain based secure system for forensic evidences is proposed. The proposed system is implemented on Ethereum platform. The tampering of forensic evidence can be easily traced at any stage by anyone in the forensic chain. The security enhancement of forensic evidences is achieved through implementation on Ethereum platform with high integrity, traceability and immutability.

In this work a data provenance system for grid-oriented applications is presented. The proposed Keyless Infrastructure Security Solution (KISS) provides mechanisms to store and maintain digital data fingerprints that can later be used to validate and assert data provenance using a time-based, hash tree mechanism. The developed solution has been designed to satisfy the stringent requirements of the modern power grid including execution time and storage necessities. Its applicability has been tested using a lab-scale, proof-of-concept deployment that secures an energy management system against the attack sequence observed on the 2016 Ukrainian power grid cyberattack. The results demonstrate a strong potential for enabling data provenance in a wide array of applications, including speed-sensitive applications such as those found in control room environments.

Cloud storage technology enables users to outsource local data to cloud service provider (CSP). In spite of its copious advantages, how to ensure the integrity of data has always been a significant issue. A variety of provable data possession (PDP) scheme have been proposed for cloud storage scenarios. However, the participation of centralized trusted third-party auditor (TPA) in most of the previous work has brought new security risks, because the TPA is prone to the single point of failure. Furthermore, the existing schemes do not consider the fair arbitration and lack an effective method to punish the malicious behavior. To address the above challenges, we propose a novel blockchain-based decentralized data integrity auditing scheme without the need for a centralized TPA. By using smart contract technique, our scheme supports automatic compensation mechanism. DO and CSP must first pay a certain amount of ether for the smart contract as deposit. The CSP gets the corresponding storage fee if the integrity auditing is passed. Otherwise, the CSP not only gets no fee but has to compensate DO whose data integrity is destroyed. Security analysis shows that the proposed scheme can resist a variety of attacks. Also, we implement our scheme on the platform of Ethereum to demonstrate the efficiency and effectiveness of our scheme.

To improve efficiency of stegosystem on blockchain and balance the time consumption of Encode and Decode operations, we propose a new blockchain-based steganography scheme, called Keys as Secret Messages (KASM), where a codebook of mappings between bitstrings and public keys can be pre-calculated by both sides with some secret parameters pre-negotiated before covert communication. By applying properties of elliptic curves and pseudorandom number generators, we realize key derivation of codebook item, and we construct the stegosystem with provable security under chosen hiddentext attack. By comparing KASM with Blockchain Covert Channel (BLOCCE) and testing on Bitcoin protocol, we conclude that our proposed stegosystem encodes hiddentexts faster than BLOCCE does and can decode stegotexts in highly acceptable time. The balanced time consumption of Encode and Decode operations of KASM make it applicable in the scene of duplex communication. At the same time, KASM does not leak sender’s private keys, so sender’s digital currencies can be protected.

In recent years, the commodities industry has grown rapidly under the stimulus of domestic demand and the expansion of cross-border trade. It has also been combined with the rapid development of e-commerce technology in the same period to form a flexible and efficient e-commerce system for bulk commodities. However, the hasty combination of both has inspired a lack of effective regulatory measures in the bulk industry, leading to constant industry chaos. Among them, the problem of lagging evidence in regulatory platforms is particularly prominent. Based on this, we design a blockchain-based evidential and secure bulk-commodity supervisory system (abbr. BeBus). Setting different privacy protection policies for each participant in the system, the solution ensures effective forensics and tamper-proof evidence to meet the needs of the bulk business scenario.

Blockchain technology (BCT) has paved a way for new potentials of handling serious data privacy, integrity and security issues in healthcare. To curb the increasing challenges in healthcare industry, healthcare organizations need to apply blockchain technology to better improve patient safety and protect patients records from counterfeiting and fraud. The purpose of this research paper was to define BCT can assist in improving pharmaceutical industries in Saudi Arabia upon utilization of its application. This study adopted quantitative methods to gather the study data. Based on healthcare leaders perception and Internet connection, lack of cooperation, and economic inequality were found to be leading factors hindering the application of blockchain technology in the pharmaceutical industries, Saudi Arabia. Factors facilitating the application of blockchain technology in the pharmaceutical industries, Saudi Arabia were found as system robustness of BCT, increased data safety and decentralization, need for enhanced supply chain management and interoperability, and government laws and policies. Adopting interventions that are targeted to specific patient population medications, effective delivery systems, transit provider reimbursement far from intensity and volume of services towards value and quality was found to compromise the pre-existent challenges and real capacity in healthcare system. Although the relationship between implementation of blockchain technology and cost spending is negative in the short-term, in the long run, the relationship is positive Blockchain helps in managing multiple levels in a more secure way, reduces paper work and amplifies verification inefficiency.

With the development of various technologies, the modern industry has been promoted to a new era known as Industry 4.0. Within such paradigm, smart factories are becoming widely recognized as the fundamental concept. These systems generate and exchange vast amounts of privacy-sensitive data, which makes them attractive targets of attacks and unauthorized access. To improve privacy and security within such environments, a more decentralized approach is seen as the solution to allow their longterm growth. Currently, the blockchain technology represents one of the most suitable candidate technologies able to support distributed and secure ecosystem for Industry 4.0 while ensuring reliability, information integrity and access authorization. Blockchain based access control frameworks address encountered challenges regarding the confidentiality, traceability and notarization of access demands and procedures. However significant additional fears are raised about entities' privacy regarding access history and shared policies. In this paper, our main focus is to ensure strong privacy guarantees over the access control related procedures regarding access requester sensitive attributes and shared access control policies. The proposed scheme called PDAMF based on ring signatures adds a privacy layer for hiding sensitive attributes while keeping the verification process transparent and public. Results from a real implementation plus performance evaluation prove the proposed concept and demonstrate its feasibility.

Blockchain-based cryptocurrencies offer an appealing alternative to Fiat currencies, due to their decentralized and borderless nature. However the decentralized settings make the authentication process more challenging: Standard cryptographic methods often rely on the ability of users to reliably store a (large) secret information. What happens if one user's key is lost or stolen? Blockchain systems lack of fallback mechanisms that allow one to recover from such an event, whereas the traditional banking system has developed and deploys quite effective solutions. In this work, we develop new cryptographic techniques to integrate security policies (developed in the traditional banking domain) in the blockchain settings. We propose a system where a smart contract is given the custody of the user's funds and has the ability to invoke a two-factor authentication (2FA) procedure in case of an exceptional event (e.g., a particularly large transaction or a key recovery request). To enable this, the owner of the account secret-shares the answers of some security questions among a committee of users. When the 2FA mechanism is triggered, the committee members can provide the smart contract with enough information to check whether an attempt was successful, and nothing more. We then design a protocol that securely and efficiently implements such a functionality: The protocol is round-optimal, is robust to the corruption of a subset of committee members, supports low-entropy secrets, and is concretely efficient. As a stepping stone towards the design of this protocol, we introduce a new threshold homomorphic encryption scheme for linear predicates from bilinear maps, which might be of independent interest. To substantiate the practicality of our approach, we implement the above protocol as a smart contract in Ethereum and show that it can be used today as an additional safeguard for suspicious transactions, at minimal added cost. We also implement a second scheme where the smart contract additionally requests a signature from a physical hardware token, whose verification key is registered upfront by the owner of the funds. We show how to integrate the widely used universal two-factor authentication (U2F) tokens in blockchain environments, thus enabling the deployment of our system with available hardware.

In the past few years, the blockchain emerged as peer-to-peer distributed ledger technology for recording transactions, maintained by many peers without any central trusted regulatory authority through distributed public-key cryptography and consensus mechanism. It has not only given the birth of cryptocurrencies, but it also resolved various security, privacy and transparency issues of decentralized systems. This article discussed the blockchain basics overview, architecture, and blockchain security components such as hash function, Merkle tree, digital signature, and Elliptic curve cryptography (ECC). In addition to the core idea of blockchain, we focus on ECC's significance in the blockchain. We also discussed why RSA and other key generation mechanisms are not suitable for blockchain-based IoT applications. We also analyze many possible blockchain-based applications where ECC algorithm is better than other algorithms concerning security and privacy assurance. At the end of the article, we will explain the comparative analysis of ECC and RSA.

The Bitcoin blockchain is managed by an underlying peer-to-peer network. This network is responsible for the propagation of transactions carried out by users via the blocks (which contain the validated transactions), and to ensure consensus between the different nodes. The quality and safety of this network are therefore particularly essential. In this work, we present an open dataset on the peers composing the Bitcoin P2P Network that was made following a well defined and reproducible methodology. We also provide a first analysis of the dataset on three criteria: the number of public nodes and their client version and geographical distribution.

Blockchain is opening up new avenues for the development of new sorts of digital services. In this article, we'll employ the transparent Blockchain method to propose a system for collecting data from many sources and databases for use in local and national elections. The Blockchain-based system will be safe, trustworthy, and private. It will assist to know the overall count of the candidates who participated and it functions in the same way as people's faith in their governments does. Blockchain technology is the one that handles the actual vote. We use the secure hash algorithm for resolving this problem and tried to bring a solution through the usage of this booming technology. A centralized database in a blockchain system keeps track of the secure electronic interactions of users in a peer-to-peer network.

An electronic medical record (EMR) is the digital medical data of a patient, and they are healthcare system's most valuable asset. In this paper, we introduce a decentralized network using blockchain technology and smart contracts as a solution to manage and secure medical records storing, and transactions between medical healthcare providers. Ethereum blockchain is employed to build the blockchain. Solidity object-oriented language was utilized to implement smart contracts to digitally facilitate and verify transactions across the network (creating records, access requests, permitting access, revoking access, rejecting access). This will mitigate prevailing issues of current systems and enhance their performance, since current EMRs are stored on a centralized database, which cannot guarantee data integrity and security, consequently making them susceptible to malicious attacks. Our proposed system approach is of vital importance considering that healthcare providers depend on various tests in making a decision about a patient's diagnosis, and the respective plan of treatment they will go through. These tests are not shared with other providers, while data is scattered on various systems, as a consequence of these ensuing scenarios, patients suffer of the resulting care provided. Moreover, blockchain can meliorate the motley serious challenges caused by future use of IoT devices that provide real-time data from patients. Therefore, integrating the two technologies will produce decentralized IoT based healthcare systems.

With the tremendous growth of IoT application, providing security to IoT systems has become more critical. In this paper, a technique is presented to ensure the safety of Internet of Things (IoT) devices. This technique ensures hardware and software security of IoT devices. Blockchain technology is used for software security and hardware logics are used for hardware security. For enabling a Blockchain, Ethereum Network is used for secure peer-to-peer transmission. A prototype model is also used using two IoT nodes to demonstrate the security logic.

As an innovative type of decentralized model, blockchain is a growing list of blocks linked by cryptography. Blockchain incorporates anonymity protocol, distributed data storage, consensus algorithm, and smart contract. The anonymity protocols in blockchain are significant in that they could protect users from leaking their personal information. In this paper, we will conduct a detailed review and comparison of anonymity protocols used in three famous cryptocurrencies, namely Bitcoin, Zcash, and Ethereum.

In the context of Industrial Internet logo analysis, this paper analyzes the feasibility and outstanding advantages of the blockchain technology applied to supply chain data supervision combining the pain spots of traditional supply chain management system and the technical superiority. Although blockchain technology has uprooted some deep-entrenched problems of supply chain data management system, it brings new issues to government supervision in the meanwhile. Upon the analysis of current development and the new problems of blockchain-based supply chain data management system, a new parent-children blockchain-based supply chain data supervision system is proposed, which targets to overcome the dilemma faced by the governmental regulation of supply chain. Firstly, with the characteristics of blockchain including decentralization, non-tampering and non-repudiation, the system can solve the problem puzzling the traditional database about untruthful and unreliable data, and has advantages in managing supply chain and realizing product traceability. The authenticity and reliability of data on the chain also make it easier for the government to investigate and affix the responsibility of vicious incidents. At the same time, the system adopts the parent-children chain structure and the storage mode combining on-chain and off-chain resources to overcome the contradiction between information disclosure requirements of the government and privacy protection requirements of enterprises, which can better meet the needs of various users. Moreover, the application of smart contracts can replace a large number of the manual work like repetitive data analysis, which can make analysis results more accurate and avoid human failure.

Wearable devices are emerging as effective modalities for the collection of individuals’ data. While this data can be leveraged for use in several areas ranging from health-care to crime investigation, storing and securely accessing such information while preserving privacy and detecting any tampering attempts are significant challenges. This paper describes a decentralized system that ensures an individual’s privacy, maintains an immutable log of any data access, and provides decentralized access control management. Our proposed framework uses a custom permissioned blockchain protocol to securely log data transactions from wearable devices in the blockchain ledger. We have implemented a proof-of-concept for our framework, and our preliminary evaluation is summarized to demonstrate our proposed framework’s capabilities. We have also discussed various application scenarios of our privacy-preserving model using blockchain and proof-of-authority. Our research aims to detect data tampering attempts in data sharing scenarios using a thorough transaction log model.

Recent years have seen an increase in medical big data, which can be attributed to a paradigm shift experienced in medical data sharing induced by the growth of medical technology and the Internet of Things. The evidence of this potential has been proved during the recent covid-19 pandemic, which was characterised by the use of medical wearable devices to help with the medical data exchange between the healthcare providers and patients in a bid to contain the pandemic. However, the use of these technologies has also raised questions and concerns about security and privacy risks. To assist in resolving this issue, this paper proposes a blockchain-based access control framework for managing access to users’ medical data. This is facilitated by using a smart contract on the blockchain, which allows for delegated access control and secure user authentication. This solution leverages blockchain technology’s inherent autonomy and immutability to solve the existing access control challenges. We have presented the solution in the form of a medical wearable sensor prototype and a mobile app that uses the Ethereum blockchain in a real data sharing control scenario. Based on the empirical results, the proposed solution has proven effective. It has the potential to facilitate reliable data exchange while also protecting sensitive health information against potential threats. When subjected to security analysis and evaluation, the system exhibits performance improvements in data privacy levels, high security and lightweight access control design compared to the current centralised access control models.