Abstract

Healthcare service providers store the patients’ electronic medical records in the cloud in order to provide high quality healthcare services. Patients’ sensitive data is typically encrypted before storing in the cloud. However, it gives rise to a new challenge, namely access control over encrypted data. Attribute-Based Encryption (ABE) is a promising cryptographic technique to achieve the fine grained access control on outsourced encrypted data. Traditional ABE schemes assume a fixed access policy that is not suitable for the present dynamic environment. Although some ABE schemes with a dynamic access control policy have been proposed in the literature, these schemes have not addressed forward security, backward security, and user revocation after a policy update. In this paper, we propose an ABE scheme that supports access policy updates, and also provides forward security, backward security and user revocation at the same time. We have formally shown that the proposed scheme is Chosen Plaintext Attack (CPA)-secure under the Decisional Bilinear Diffie–Hellman (DBDH) assumption. Finally, the performance analysis exhibits that the proposed scheme is efficient in communication and computation, and is also suitable for resource constrained devices.

Abstract

The rapid development of smartphone technology and the Internet services in mobile devices facilitates easy access to online social networking (OSN) sites anytime, anywhere. At the same time, this allures the adversaries to exploit the OSNs as a soft target for easy execution of various attacks that can quickly spread to a large number of users. In distributed denial-of-service (DDoS) attacks, an adversary aims to overwhelm the normal traffic of a targeted server with a flood of fake login messages so that the associated Internet service or website turns inoperable. In this paper, we propose a secure and lightweight authentication scheme (𝑃 𝑅𝐷𝑜𝑆) that resists DDoS and other security attacks in mobile OSN environments. We provide a multi-faceted solution towards the remedy of DDoS attacks in the OSN environment. After a certain threshold, the scheme discards further user login attempts and blocks an adversary who intends to overload the network server. We use the pre-loaded shadow identity and emergency key pairs, and a key-refilling strategy that rebuilds the essential synchronization between a blocked naive user and the OSN server. This technique restores the intended unlinkability property of the protocol. Using NS3 simulation, we study the impact of DDoS attackers on network throughput and network delay. Moreover, we validate and compare the proposed scheme against state-ofthe-art solutions using the real attacks and benign datasets. We use the Canadian Institute for Cybersecurity (CIC) DoS dataset 2017, which is generated by capturing the normal and DoS attack packets separately with subsequent pre-processed for testing. We also use the machine learning (ML) algorithms, such as K-Nearest Neighbor (KNN), Gaussian Naive Bayes, and Multilayer Perceptron (MLP) to demonstrate the performance of the proposed solution in a practical attack detection scenario. We observe that these algorithms provide 97.05%, 95.48%, and 96.6% DDoS attack detection accuracy, respectively.

Abstract

In this article, we propose an efficient Bloom filter and fuzzy extractor based user authentication technique, which is significant for an Internet of Things (IoT)-enabled multi-hop Wireless Sensor Networks (IoT-WSNs). The novelty of the proposed authentication technique is that it prevents fraudulent querying data delivery at the starting phase (i.e., at the querying sensor node itself) to stop false or counterfeit data flooding (which can exhaust the resources of IoT-WSNs) from the resource-constrained IoT-enabled sensor nodes to the nearby gateway node. The proposed authentication technique has the ability to significantly reduce the Bloom filter based false positive for user authentication in IoT-WSNs, while also preserving the constraint resources of WSNs. To estimate the security robustness of the proposed protocol based on the security goals of IoT-WSNs, we perform the formal security analysis using the random oracle and Real-Or-Random (ROR) models, informal security analysis and also the formal security verification using a widely-recognized automated software validation tool, known as Automated Validation of Internet Security Protocols and Applications (AVISPA). Next, communication and computational overheads analysis reveal that the proposed protocol is appropriate for resource-constrained sensor nodes. Furthermore, a correlative security feature and complexity analysis outcomes validate that the proposed protocol is reliable, secure, and efficient in comparison with other existing state of art related user authentication protocols.

Abstract

Electric vehicles have emerged as the future of transport worldwide with the rising need for greener and energy-efficient transportation solutions. This remarkable shift delegated a wide variety of protocols for reliable, scalable and secure communications in the electric vehicle transportation system. With this vision in mind, security researchers have proposed diverse authentication protocols vital for the electric vehicle charging system to protect the information exchanged between the various principals involved. Several existing authentication techniques, on the other hand, are either vulnerable to significant security threats or are limited to static charging. This article proposes a robust authentication mechanism for charging electric vehicles while driving, a scenario that is rapidly approaching in the future. The proposed protocol makes use of secure and lightweight primitives such as elliptic curves and hash functions. The proposed protocol's security is being analyzed to demonstrate that it is capable of withstanding relevant attacks. Additionally, the protocol achieves its objectives at a cost that is practically conceivable in terms of transmission and computing.

Abstract

An Internet of Things (IoT)-based healthcare monitoring system is an amalgamation of smart healthcare devices and applications which connect to the healthcare information system through the internet. It has opened up a world of possibilities in the medical field. Connected smart healthcare devices can collect important healthcare data and provide extra details about the symptoms. That further enables remote care as the patient can consult the appropriate healthcare expert. It generally provides patients more control over their lives and treatment. Moreover, a blockchain-enabled IoT-based healthcare monitoring system (BIoT-HMS) is one step ahead as it can reduce unnecessary hospital visits and the burden on healthcare systems by connecting patients to their healthcare experts and allowing the secure transfer and storage of healthcare data by making use of the blockchain mechanism. Some of the possible applications of BIoT-HMS are “remote health monitoring,” “management of healthcare operations,” “detection and prevention of diseases” and many more. However, IoT-based healthcare monitoring systems have issues related to security breaches and privacy of healthcare data. Therefore, it is essential to design some security protocols for IoT-based healthcare monitoring systems. From time to time researchers propose different protocols to secure the data of IoT-based healthcare monitoring systems. However, most of them are vulnerable to various types of attack like, replay, MiTM, impersonation, secret credentials leakage, unauthorized data update, etc., Therefore, researchers came up with the idea of inclusion of blockchain-enabled security in the IoT-based healthcare monitoring system, which further can be considered as a blockchain-enabled IoT-based healthcare monitoring system (BIoT-HMS). In this chapter, we provide the details of various possible architectures of BIoT-HMS. We also provide the details of various threats and attacks along with the threat model in BIoT-HMS. The security requirements and applications of BIoT-HMS are also discussed. We then provide the summary of various existing security protocols related to BIoT-HMS. The comparison of “security and functionality features” of security protocols related to BIoT-HMS is also provided.

Abstract

The Artificial Intelligence of Things (AIoT) is the amalgamation of Artificial Intelligence (AI) methods and the Internet of Things (IoT) infrastructure, which are deployed there to improve the overall performance of the system. AIoT can be deployed to achieve more efficient IoT operations; thereby can improve human-machine interactions and provide better data analysis. AI methods can be used to transform IoT data into useful information for the better decision-making processes, and it further increases the overall usability of the system. AIoT frameworks are very useful and applicable in a variety of applications, like security and surveillance system, smart home, intelligent transportation system, smart farming, secure and safe healthcare monitoring, industrial automation and control, eCommerce, logistics operations and control, and many more. However, AIoT frameworks may have issues related to data security and privacy as they are vulnerable to various types of information security-related attacks. These issues further cause the serious consequences, like the unauthorized data leakage and data update. Blockchain is a specific type of database. It is a digital ledger of transactions, which is duplicated and distributed across the entire network of computer systems. It stores data in the form of some blocks, which are then chained together. Blockchain is tamper proof and provides more security as compared to the traditional security mechanisms. Hence, blockchain can be integrated in various AIoT applications to provide more security. A generalized blockchain-envisioned secure authentication framework for AIoT has been proposed. The adversary model of blockchain-envisioned secure authentication framework for AIoT is also highlighted that covers most of the potential threats of a kind of communication environment. Various applications of the proposed framework are also discussed. Furthermore, different issues and challenges of the proposed framework are highlighted. In the end, we also provide some future research directions relevant to the proposed framework.

Abstract

Crowdsourcing is a practice of using collective intelligence of a group in order to achieve a common goal to solve complex problems in an innovative way. It involves obtaining information and opinions from a group of participants who submit their data (i.e., solutions) via the Internet using some applications. The application domains, where crowdsourcing can be used, include, but not limited to, healthcare, environment, public safety, disaster management, and transportation. Despite the unprecedented advantages of crowdsourcing, security and privacy are rising concerns that need to be addressed. Therefore, it is crucially important to provide effective solutions that address the security and privacy issues in crowdsourcing systems. To this end, the salient features of blockchain technology such as immutability, decentralization, transparency and resiliency can play a pivotal role to address the afore-mentioned security challenges. To fill these gaps, in this paper, we propose a new blockchain-based user authentication and key agreement scheme for crowdsourcing (BUAKA-CS) through lightweight cryptographic techniques. The security of the BUAKA-CS is proved through the formal method and also through other mathematical methods that depict the resilience of BUAKA-CS against various types of possible attacks. Moreover, the robustness of BUAKA-CS against possible attacks is proved through widelyrecognized automated software validation tools. We also compare BUAKA-CS with other existing schemes and prove its out performance in terms of security, functionality, computation and communication costs. Finally, we conduct the extensive blockchain-based simulations to measure the impact of BUAKA-CS on the performance of the system.

Abstract

Coronavirus 2019, called COVID-19, is a transmissible disease caused by severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2). It earlier impacted the citizens of China alone. However, it has rapidly spread all over the world. The COVID-19 supply chain system aims to facilitate access to several critical items, such as personal protective equipment (PPE), biomedical equipment, diagnostics supplies, and vaccines. In this article, we discuss a robust security framework for vaccine distribution and tracking in an Internet of Medical Things (IoMT)-based cloud-assisted COVID-19 environment by considering both intra-country and inter-country scenarios. Various transactions related to vaccine requests, orders, distribution, and tracking are put into the blockchain in the form of blocks. Since blockchain technology offers immutability, transparency, and decentralization, the security of the proposed framework has been improved significantly. The proposed framework also supports artificial intelligence(AI)-based big data analytics on the information stored into the blocks in the blockchain. Furthermore, a practical demonstration of the proposed framework has been done through a blockchain simulation study.

Abstract

—In an Internet of Things (IoT) enabled e-health system, smart health devices sense the health data continuously and share the collected data with the neighboring controller device (i.e., personal server) via some wireless communication mechanism (i.e., bluetooth and zigbee), and finally the data is stored on some health server (i.e., a server over the cloud). The health data is then accessible to healthcare service providers (for example, doctors, nursing staff, relatives of patient) for tracking and monitoring of health conditions of the patients for their better treatment at the earliest. In an IoT enabled health system, the smart healthcare devices communicate over public channel, which causes various types of threats and attacks on the ongoing communication. Therefore, we need a powerful privacypreserving security mechanism to secure the communication happens in an IoT enabled e-health system as the health data is strictly private and confidential. In this paper, we propose a new privacy-preserving access control and key management scheme for the secure communication of IoT enabled e-health system (SPCS-IoTEH). We also conduct informal security analysis of the proposed SPCS-IoTEH to show its robustness against various types of active and passive attacks. The performance of SPCSIoTEH is also shown to be better than other existing competing schemes.

Abstract

In recent years, the Internet of Things (IoT) enabled drones, also called as unmanned aerial vehicles (UAVs), are widely used in many applications ranging from military to civilian applications, such as wildlife monitoring. Since the drones provide a risk-free as well as low-cost facility in order to quickly and persistently monitor natural circumstances at high spacial temporal resolution, they help in wildlife monitoring research. Due to wireless communication nature, the communication among the deployed drones in their respective flying zones and the IoT smart devices installed in animal bodies, and also among the drones and their respective ground station server (GSS), is susceptible to various passive and active attacks. To mitigate these issues, we propose a public blockchain based access control implementation for wild-life monitoring purpose. The application of both access control and blockchain at the same time not only protects various attacks, but also maintains immutability, transparency as well as decentralization properties. Next, we simulate the proposed security framework for the blockchain part to measure the total computational time needed to add a varied number of blocks in a blockchain and also a varied number of transactions per block. Finally, a practical testbed experiment has been implemented to show the feasibility of the proposed framework. Index Terms—Wildlife monitoring, blockchain, consensus, access control, security, testbed experiments.