Biblio

The Internet of Vehicles (IoV) has a tremendous prospect for numerous vehicular applications. IoV enables vehicles to transmit data to improve roadway safety and efficiency. Data security is essential for increasing the security and privacy of vehicle and roadway infrastructures in IoV systems. Several researchers proposed numerous solutions to address security and privacy issues in IoV systems. However, these issues are not proper solutions that lack data authentication and verification protocols. In this paper, a blockchain-enabled automated data management system for vehicles has been proposed and demonstrated. This work enables automated data verification and authentication using smart contracts. Certified organizations can only access vehicle data uploaded by the vehicle user to the Interplanetary File System (IPFS) server through that vehicle user’s consent. The proposed system increases the security of vehicles and data. Vehicle privacy is also maintained here by increasing data privacy.

In the traditional Internet of Vehicles, communication data is easily tampered with and easily leaked. In order to improve the trust evaluation mechanism of the Internet of Vehicles and establish a trust relationship between vehicles, a blockchain-based Internet of Vehicles trust evaluation (BBTE) scheme is proposed. First, the scheme uses the roadside unit RSU to calculate the trust value of vehicle nodes and maintain the generation, verification and storage of blocks, so as to realize distributed data storage and ensure that data cannot be tampered with. Secondly, an efficient trust evaluation method is designed. The method integrates four trust decision factors: initial trust, historical experience trust, recommendation trust and RSU observation trust to obtain the overall trust value of vehicle nodes. In addition, in the process of constructing the recommendation trust method, the recommendation trust is divided into three categories according to the interaction between the recommended vehicle node and the communicator, use CRITIC to obtain the optimal weights of three recommended trusts, and use CRITIC to obtain the optimal weights of four trust decision-making factors to obtain the final trust value. Finally, the NS3 simulation platform is used to verify the security and accuracy of the trust evaluation method, and to improve the identification accuracy and detection rate of malicious vehicle nodes. The experimental analysis shows that the scheme can effectively deal with the gray hole attack, slander attack and collusion attack of other vehicle nodes, improve the security of vehicle node communication interaction, and provide technical support for the basic application of Internet of Vehicles security.

With the development of urbanization, the number of vehicles is gradually increasing, and vehicles are gradually developing in the direction of intelligence. How to ensure that the data of intelligent vehicles is not tampered in the process of transmission to the cloud is the key problem of current research. Therefore, we have established a data security transmission system based on blockchain. First, we collect and filter vehicle data locally, and then use blockchain technology to transmit key data. Through the smart contract, the key data is automatically and accurately transmitted to the surrounding node vehicles, and the vehicles transmit data to each other to form a transaction and spread to the whole network. The node data is verified through the node data consensus protocol of intelligent vehicle data security transmission system, and written into the block to form a blockchain. Finally, the vehicle user can query the transaction record through the vehicle address. The results show that we can safely and accurately transmit and query vehicle data in the blockchain database.

In order to meet the needs of intellectual property protection and controlled sharing of scientific research sensitive data, a mechanism is proposed for security protection throughout “transfer, store and use” process of sensitive data which based on blockchain. This blockchain bottom layer security is reinforced. First, the encryption algorithm used is replaced by the national secret algorithm and the smart contract is encapsulated as API at the gateway level. Signature validation is performed when the API is used to prevent illegal access. Then the whole process of data up-chain, storage and down-chain is encrypted, and a mechanism of data structure query and data query condition construction based on blockchain smart is provided to ensure that the data is “usable and invisible”. Finally, data access control is ensured through role-based and hierarchical protection, and the blockchain base developed has good extensibility, which can meet the requirement of sensitive data security protection in scientific research filed and has broad application prospects.

[Purpose/meaning] In this paper, a unified scheme based on blockchain technology to realize the three modules of intellectual property confirmation, utilization, and protection of rights at the application layer is constructed, to solve the problem of unbalanced and inadequate resource distribution and development level in the field of industrial intellectual property. [Method/process] Based on the application of the core technology of blockchain in the field of intellectual property, this paper analyzes the pain points in the current field of intellectual property, and selects matching blockchain types according to the protection of intellectual property and the different decisions involved in the transaction process, to build a heterogeneous multi-chain model based on blockchain technology. [Conclusion] The heterogeneous multi-chain model based on Polkadot[1] network is proposed to realize the intellectual property protection scheme of a heterogeneous multi-chain model, to promote collaborative design and product development between regions, and to make up for the shortcomings of technical exchange, and weaken the phenomenon of "information island" in a certain extent. [Limitation/deficiency] The design of smart contracts in the field of intellectual property, the development of cross-chain protocols, and the formulation of national standards for blockchain technology still need to be developed and improved. At the same time, the intellectual property protection model designed in this paper needs to be verified in the application of practical cases.

Smart contracts are an attractive aspect of blockchain technology. A smart contract is a piece of executable code that runs on top of the blockchain and is used to facilitate, execute, and enforce agreements between untrustworthy parties without the need for a third party. This paper offers a review of the literature on smart contract applications in intellectual property management. The goal is to look at technology advancements and smart contract deployment in this area. The theoretical foundation of many papers published in recent years is used as a source of theoretical and implementation research for this purpose. According to the literature review we conducted, smart contracts function automatically, control, or document legally significant events and activities in line with the contract agreement's terms. This is a relatively new technology that is projected to deliver solutions for trust, security, and transparency across a variety of areas. An exploratory strategy was used to perform this literature review.

This paper deals with how to implement a system that extends insider threat behavior data using private blockchain technology to overcome the limitations of insider threat datasets. Currently, insider threat data is completely undetectable in existing datasets for new methods of insider threat due to the lack of insider threat scenarios and abstracted event behavior. Also, depending on the size of the company, it was difficult to secure a sample of data with the limit of a small number of leaks among many general users in other organizations. In this study, we consider insiders who pose a threat to all businesses as public enemies. In addition, we proposed a system that can use a private blockchain to expand insider threat behavior data between network participants in real-time to ensure reliability and transparency.

Digital identity management system is the securi-ty infrastructure of computer and internet applications. However, currently, most of the digital identity management systems are faced with problems such as the difficulty of cross-domain authentication and interoperation, the lack of credibility of identity authentication, the weakness of the security of identity data. Although the advantages of block-chain technology have attached the attentions of experts and scholars in the field of digital identity management and many digital identity management systems based on block-chain have been built, the systems still can't completely solve the problems mentioned above. Therefore, in this pa-per, an effective digital identity management system model is proposed which combines technologies of self-sovereign identity and oracle with blockchain so as to pave a way in solving the problems mentioned above and constructing a secure and reliable digital identity management system.

Identity Management Systems (IdMS) have seemingly evolved in recent years, both in terms of modelling approach and in terms of used technology. The early centralized, later federated and user-centric Identity Management (IdM) was finally replaced by Self-Sovereign Identity (SSI). Solutions based on Distributed Ledger Technology (DLT) appeared, with prominent examples of uPort, Sovrin or ShoCard. In effect, users got more freedom in creation and management of their identities. IdM systems became more distributed, too. However, in the area of interoperability, dynamic and ad-hoc identity management there has been almost no significant progress. Quest for the best IdM system which will be used by all entities and organizations is deemed to fail. The environment of IdM systems is, and in the near future will still be, heterogenous. Therefore a person will have to manage her or his identities in multiple IdM systems. In this article authors argument that future-proof IdM systems should be able to interoperate with each other dynamically, i.e. be able to discover existence of different identities of a person across multiple IdM systems, dynamically build trust relations and be able to translate identity assertions and claims across various IdM domains. Finally, authors introduce identity relationship model and corresponding identity discovery algorithm, propose IdMS-agnostic identity discovery service design and its implementation with use of Ethereum and Smart Contracts.

Data privacy is a key concern for smart contracts handling sensitive data. The existing work zkay addresses this concern by allowing developers without cryptographic expertise to enforce data privacy. However, while zkay avoids fundamental limitations of other private smart contract systems, it cannot express key applications that involve operations on foreign data.We present ZeeStar, a language and compiler allowing non-experts to instantiate private smart contracts and supporting operations on foreign data. The ZeeStar language allows developers to ergonomically specify privacy constraints using zkay’s privacy annotations. The ZeeStar compiler then provably realizes these constraints by combining non-interactive zero-knowledge proofs and additively homomorphic encryption.We implemented ZeeStar for the public blockchain Ethereum. We demonstrated its expressiveness by encoding 12 example contracts, including oblivious transfer and a private payment system like Zether. ZeeStar is practical: it prepares transactions for our contracts in at most 54.7s, at an average cost of 339k gas.

With the advent of the era of big data, the files that need to be stored in the storage system will increase exponentially. Cloud storage has become the most popular data storage method due to its powerful convenience and storage capacity. However, in order to save costs, some cloud service providers, Malicious deletion of the user's infrequently accessed data causes the user to suffer losses. Aiming at data integrity and privacy issues, a blockchain-based cloud storage integrity verification scheme for recoverable data is proposed. The scheme uses the Merkle tree properties, anonymity, immutability and smart contracts of the blockchain to effectively solve the problems of cloud storage integrity verification and data damage recovery, and has been tested and analyzed that the scheme is safe and effective.

With the rapid development of cloud storage technology, an increasing number of enterprises and users choose to store data in the cloud, which can reduce the local overhead and ensure safe storage, sharing, and deletion. In cloud storage, safe data deletion is a critical and challenging problem. This paper proposes an assured data deletion scheme based on multi-authoritative users in the semi-trusted cloud storage scenario (MAU-AD), which aims to realize the secure management of the key without introducing any trusted third party and achieve assured deletion of cloud data. MAU-AD uses access policy graphs to achieve fine-grained access control and data sharing. Besides, the data security is guaranteed by mutual restriction between authoritative users, and the system robustness is improved by multiple authoritative users jointly managing keys. In addition, the traceability of misconduct in the system can be realized by blockchain technology. Through simulation experiments and comparison with related schemes, MAU-AD is proven safe and effective, and it provides a novel application scenario for the assured deletion of cloud storage data.

Social Internet of Vehicle (SIoV) has emerged as one of the most promising applications for vehicle communication, which provides safe and comfortable driving experience. It reduces traffic jams and accidents, thereby saving public resources. However, the wrongly communicated messages would cause serious issues, including life threats. So it is essential to ensure the reliability of the message before acting on considering that. Existing works use cryptographic primitives like threshold authentication and ring signatures, which incurs huge computation and communication overheads, and the ring signature size grew linearly with the threshold value. Our objective is to keep the signature size constant regardless of the threshold value. This work proposes MuSigRDT, a multisignature contract based data transmission protocol using Schnorr digital signature. MuSigRDT provides incentives, to encourage the vehicles to share correct information in real-time and participate honestly in SIoV. MuSigRDT is shown to be secure under Universal Composability (UC) framework. The MuSigRDT contract is deployed on Ethereum's Rinkeby testnet.

User privacy is an attractive and valuable task to the success of blockchain systems. However, user privacy protection's performance and data capacity have not been well studied in existing access control models of blockchain systems because of traceability and openness of the P2P network. This paper focuses on investigating performance and data capacity from a blockchain infrastructure perspective, which adds secondary encryption to shield confidential information in a non-invasive way. First, we propose an efficient asymmetric encryption scheme by combining homomorphic encryption and state-of-the-art multi-signature key aggregation to preserve privacy. Second, we use smart contracts and CA infrastructure to achieve attribute-based access control. Then, we use the non-interactive zero-knowledge proof scheme to achieve secondary confidentiality explicitly. Finally, experiments show our scheme succeeds better performance in data capacity and system than other schemes. This scheme improves availability and robust scalability, solves the problem of multi-signature key distribution and the unlinkability of transactions. Our scheme has established a sound security cross-chain system and privacy confidentiality mechanism and that has more excellent performance and higher system computing ability than other schemes.

IoT has been an efficient technology for interconnecting different physical objects with the internet. Several cyber-attacks have resulted in compromise in security. Blockchain distributed ledger provide immutability that can answer IoT security concerns. The paper aims at highlighting the challenges & problems currently associated with IoT implementation in real world and how these problems can be minimized by implementing Blockchain based solutions and smart contracts. Blockchain helps in creation of new highly robust IoT known as Blockchain of Things(BCoT). We will also examine presently employed projects working with integrating Blockchain & IoT together for creating desired solutions. We will also try to understand challenges & roadblocks preventing the further implementation of both technologies merger.

Virtual power plants are among the promising ways that variable generation and flexible demand may be optimally balanced in the future. The virtual power plant is an important branch of the energy internet, and it plays an important role in the aggregation of distributed power generation resources and the establishment of virtual power resource transactions. However, in the existing virtual power plant model, the following problems are becoming increasingly prominent, such as safeguard, credit rating system, privacy protection, benefit distribution. Firstly, the operation and transaction mechanism of the virtual power plant was introduced. Then, the blockchain technology is introduced into the virtual power plant transaction to make it more conducive to the information transparent, stable dispatch system, data security, and storage security. Finally, the operation and transaction system based on blockchain technology for the virtual power plant was design.

Blockchain smart contracts are prevalent nowadays as numerous applications are developed based on this feature. Though smart contracts are important and widely used, they contain certain vulnerabilities. This paper discusses various security issues that arise in smart contract applications. They are categorized in the smart contract platform, the applications that integrate with the Blockchain, and the vulnerabilities in smart contract code. A detailed study of smart contract-specific vulnerabilities and the defense against those vulnerabilities are presented in this article. Because of certain limitations of platforms or programming language used to write smart contract, there are possibilities of attacks on smart contracts. Hence different security measures or precautions to be taken while writing the smart contract code is discussed in this article. This will prevent the potential attacks happening on Blockchain distributed applications.

The term cryptocurrency refers to a digital currency based on cryptographic concepts that have become popular in recent years. Bitcoin is a decentralized cryptocurrency that uses the distributed append-only public database known as blockchain to record every transaction. The incentive-compatible Proof-of-Work (PoW)-centered decentralized consensus procedure, which is upheld by the network's nodes known as miners, is essential to the safety of bitcoin. Interest in Bitcoin appears to be growing as the market continues to rise. Bitcoins and Blockchains have identical fundamental ideas, which are briefly discussed in this paper. Various studies discuss blockchain as a revolutionary innovation that has various applications, spanning from bitcoins to smart contracts, and also about it being a solution to many issues. Furthermore, many papers are reviewed here that not only look at Bitcoin’s fundamental underpinning technologies, such as Mixing and the Bitcoin Wallets but also at the flaws in it.

While it is possible to exchange tokens whose smart contracts are on the same blockchain, cross-exchanging bitcoins for a Bitcoin wrapped token is still cumbersome. In particular, current methods of exchange are still custodial and perform privacy-threatening controls on the users in order to operate. To solve this problem we present BxTB: cross-chain exchanges of bitcoins for any Bitcoin wrapped tokens. BxTB lets users achieve that by bypassing the mint-and-burn paradigm of current wrapped tokens and cross-exchanging already minted tokens in a P2P way. Instead of relaying on HTLCs and the overhead of communication and slowness due to time-locks, we leverage Stateless SPVs, i.e. proof-of-inclusion of transactions in the Bitcoin chain validated through a smart contract deployed on the other blockchain. Furthermore, since this primitive has not been introduced in the academic literature yet, we formally introduce it and we prove its security.

The outsourcing of databases is very popular among IT companies and industries. It acts as a solution for businesses to ensure availability of the data for their users. The solution of outsourcing the database is to encrypt the data in a form where the database service provider can perform relational operations over the encrypted database. At the same time, the associated security risk of data leakage prevents many potential industries from deploying it. In this paper, we present a secure outsourcing database search scheme (BASDB) with the use of a smart contract for search operation over index of encrypted database and storing encrypted relational database in the cloud. Our proposed scheme BASDB is a simple and practical solution for effective search on encrypted relations and is well resistant to information leakage against attacks like search and access pattern leakage.

The secure Internet of Things (loT) increasingly relies on digital cryptographic signatures which require a private signature and public verification key. By their intrinsic nature, public keys are meant to be accessible to any interested party willing to verify a given signature. Thus, the storing of such keys is of great concern, since an adversary shall not be able to tamper with the public keys, e.g., on a local filesystem. Commonly used public-key infrastructures (PKIs), which handle the key distribution and storage, are not feasible in most use-cases, due to their resource intensity and high complexity. Thus, the general storing of the public verification keys is of notable interest for low-resource loT networks. By using the Distributed Ledger Technology (DLT), this paper proposes a decentralized concept for storing public signature verification keys in a tamper-resistant, secure, and resilient manner. By combining lightweight public-key exchange protocols with the proposed approach, the storing of verification keys becomes scalable and especially suitable for low-resource loT devices. This paper provides a Proof-of-Concept implementation of the DLT public-key store by extending our previously proposed NFC-Key Exchange (NFC-KE) protocol with a decentralized Hyperledger Fabric public-key store. The provided performance analysis shows that by using the decentralized keystore, the NFC- KE protocol gains an increased tamper resistance and overall system resilience while also showing expected performance degradations with a low real-world impact.

As the COVID-19 continues to spread globally, more and more companies are transforming into remote online offices, leading to the expansion of electronic signatures. However, the existing electronic signatures platform has the problem of data-centered management. The system is subject to data loss, tampering, and leakage when an attack from outside or inside occurs. In response to the above problems, this paper designs an electronic signature solution and implements a prototype system based on the consortium blockchain. The solution divides the contract signing process into four states: contract upload, initiation signing, verification signing, and confirm signing. The signing process is mapped with the blockchain-linked data. Users initiate the signature transaction by signing the uploaded contract's hash. The sign state transition is triggered when the transaction is uploaded to the blockchain under the consensus mechanism and the smart contract control, which effectively ensures the integrity of the electronic contract and the non-repudiation of the electronic signature. Finally, the blockchain performance test shows that the system can be applied to the business scenario of contract signing.

With the advent of cloud storage services many users tend to store their data in the cloud to save storage cost. However, this has lead to many security concerns, and one of the most important ones is ensuring data integrity. Public verification schemes are able to employ a third party auditor to perform data auditing on behalf of the user. But most public verification schemes are vulnerable to procrastinating auditors who may not perform auditing on time. These schemes do not have fair arbitration also, i.e. they lack a way to punish the malicious Cloud Service Provider (CSP) and compensate user whose data has been corrupted. On the other hand, CSP might be storing redundant data that could increase the storage cost for the CSP and computational cost of data auditing for the user. In this paper, we propose a Blockchain-based public auditing and deduplication scheme with a fair arbitration system against procrastinating auditors. The key idea requires auditors to record each verification using smart contract and store the result into a Blockchain as a transaction. Our scheme can detect and punish the procrastinating auditors and compensate users in the case of any data loss. Additionally, our scheme can detect and delete duplicate data that improve storage utilization and reduce the computational cost of data verification. Experimental evaluation demonstrates that our scheme is provably secure and does not incur overhead compared to the existing public auditing techniques while offering an additional feature of verifying the auditor’s performance.

Systems for relative localization in multi-robot systems based on ultra-wideband (UWB) ranging have recently emerged as robust solutions for GNSS-denied environments. Scalability remains one of the key challenges, particularly in adhoc deployments. Recent solutions include dynamic allocation of active and passive localization modes for different robots or nodes in the system. with larger-scale systems becoming more distributed, key research questions arise in the areas of security and trustability of such localization systems. This paper studies the potential integration of collaborative-decision making processes with distributed ledger technologies. Specifically, we investigate the design and implementation of a methodology for running an UWB role allocation algorithm within smart contracts in a blockchain. In previous works, we have separately studied the integration of ROS2 with the Hyperledger Fabric blockchain, and introduced a new algorithm for scalable UWB-based localization. In this paper, we extend these works by (i) running experiments with larger number of mobile robots switching between different spatial configurations and (ii) integrating the dynamic UWB role allocation algorithm into Fabric smart contracts for distributed decision-making in a system of multiple mobile robots. This enables us to deliver the same functionality within a secure and trustable process, with enhanced identity and data access management. Our results show the effectiveness of the UWB role allocation for continuously varying spatial formations of six autonomous mobile robots, while demonstrating a low impact on latency and computational resources of adding the blockchain layer that does not affect the localization process.

In the PKI-CA system with a traditional trust model based on trust chain and centralized private key management, there are some problems with issuing certificates illegally, denying issued certificates, tampering with issuance log, and leaking certificate private key due to the excessive power of a single CA. A novel distributed CA system based on blockchain was constructed to solve the problems. The system applied blockchain and smart contract to coordinate the certificate issuing process, and stored the issuing process logs and information used to verify certificates on the blockchain. It guaranteed the non-tamperability and non-repudiation of logs and information. Aiming at the disadvantage of easy leakage of private keys in centralized management mode, the system used the homomorphism of elliptic encryption algorithm, CPK and transformation matrix to generate and store user private keys safely and distributively. Experimental analysis showed that the system can not only overcome the drawbacks of the traditional PKI-CA system, but also issue certificates quickly and save as much storage as possible to store certificate private keys.