Abstract

Internet of Drones (IoD) architecture is designed to support a co-ordinated access for the airspace using the unmanned aerial vehicles (UAVs) known as drones. Recently, IoD communication environment is extremely useful for various applications in our daily activities. Artificial intelligence (AI)-enabled Internet of Things (IoT)-based drone-aided healthcare service is a specialized environment which can be used for different types of tasks, for instance, blood and urine samples collections, medicine delivery and for the delivery of other medical needs including the current pandemic of COVID-19. Due to wireless nature of communication among the deployed drones and their ground station server, several attacks (for example, replay, man-in-the-middle, impersonation and privileged-insider attacks) can be easily mounted by malicious attackers. To protect such attacks, the deployment of effective authentication, access control and key management schemes are extremely important in the IoD environment. Furthermore, combining the blockchain mechanism with deployed authentication make it more robust against various types of attacks. To mitigate such issues, we propose a private-blockchain based framework for secure communication in an IoT-enabled drone-aided healthcare environment. The blockchain-based simulation of the proposed framework has been carried out to measure its impact on various performance parameters.

Abstract

Industrial Internet of Things (IIoT) is a communication environment that consists of various interconnected sensing devices, instruments, and other devices connected together with industrial software tools and applications. The important applications of IIoT include industrial automation, predictive maintenance, smart logistics management, power management, smart package management and smart robotics. However, IIoT may be vulnerable to different types of attacks as the IoT smart devices communicate among each other via insecure communication means. Thus, there is an essential requirement of deployment of secure access control scheme in IIoT environment, which is one of the important security services for securing IIoT. In this paper, we propose a novel access control scheme for fog based IIoT communication, called SAC-FIIoT. We provide the details of network model as well as threat model, which are required to design SAC-FIIoT. The security analysis of SAC-FIIoT shows its resilience against various types of possible attacks. SAC-FIIoT is also compared with other related competing existing schemes and it was found that its performance is better than these competing schemes. Therefore, SAC-FIIoT is suitable for access control in a fog-based IIoT environment.

Abstract

Among the security services, like authentication, access control, key management and intrusion detection, user authentication is very much needed for a smart city environment because an external authorized user may require the real time data to be accessed directly from the deployed Internet of Things (IoT) enabled smart devices. Using the established session key between the user and an access smart device though mutual authentication and key agreement process, the real time data can be securely accessed. To deal with this issue, we propose a new user authentication scheme in smart city environment using three factors of a legal registered user (mobile device, password and biometrics). The proposed scheme is shown to be robust against a number of potential attacks needed in an IoT-based smart city deployment. The simulation study for formal security verification using the widely-accepted “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool demonstrates that the proposed scheme is also secure. Furthermore, experiments on various cryptographic primitives have been carried out using “MIRACL Cryptographic SDK: Multiprecision Integer and Rational Arithmetic Cryptographic Library” under both server and Raspberry PI 3 settings. Finally, a comprehensive comparative analysis shows the effectiveness and better security of the proposed scheme as compared with other state of art user authentication schemes.

Abstract

The vehicles in Internet of Vehicles (IoV) can be used to opportunistically gather and distribute the data in a smart city environment. However, at the same time, various security threats arise due to insecure communication happening among various entities in an IoV-based smart city deployment. To address this issue, we aim to design a novel blockchain-enabled batch authentication scheme in Artificial Intelligence (AI)-envisioned IoV-based smart city deployment. The latest trends and revolutions in technologies incorporate AI/Machine Learning (ML) in blockchaining to produce a secure, efficient and intelligent blockchain based system. The data stored in the blocks in the blockchain are authentic and genuine, which makes the AI/ML algorithms to work at their exceptions in order produce correct predictions on the blockchain data. Through the signing phase of the proposed scheme, each vehicle in a dynamically formed cluster broadcasts a message to its own member and respective road-side unit (RSU). In the proposed scheme, two types of authentication take place: vehicle to vehicle (V2V) authentication allows a vehicle to authenticate its neighbor vehicles in its cluster, while batch authentication permits a group of cluster vehicles to be authenticated by their . At the end, a group key is established among the vehicles and in their cluster. then gathers securely data from its vehicles and form several transactions including the information of vehicles and its own given information to the cluster member vehicles. The transactions are formed later by the nearby fog server associated with and then by the cloud server to form a complete block. The created blocks are mined by the cloud servers in a Peer-to-Peer (P2P) cloud server network through the voting-based Practical Byzantine Fault Tolerance (PBFT) consensus algorithm. The authentic and genuine data of the blockchain are utilized for Big data analytics through AI/ML algorithms. It is shown that the proposed scheme is highly robust against various attacks through formal and informal security analysis, and also through formal security verification tool. A detailed comparative analysis reveals that the proposed scheme achieves superior security and functionality features, and offers comparable storage, communication and computational costs as compared to other existing competing schemes. Finally, the blockchain implementation has been carried out on the proposed scheme to show its effectiveness.

Abstract

We design a new blockchain-based access control protocol in IoT-enabled smart-grid system, called DBACP-IoTSG. Through the proposed DBACP-IoTSG, the data is securely brought to the service providers from their respectively smart meters. The Peer-to-Peer (P2P) network is formed by the participating services providers, where the peer nodes are responsible for creating the blocks from the gathered data securely from their corresponding smart meters and adding them into the blockchain after validation of the blocks using the voting-based consensus algorithm. In our work, the blockchain is considered as private because the data collected from the consumers of the smart meters are private and confidential. By the formal security analysis under the random oracle model, non-mathematical security analysis and software-based formal security verification, DBACP-IoTSG is shown to be resistant against various attacks. We carry out the experimental results of various cryptographic primitives that are needed for comparative analysis using the widely-used Multiprecision Integer and Rational Arithmetic Cryptographic Library (MIRACL). A detailed comparative study reveals that DBACP-IoTSG supports more functionality features and provides better security apart from its low communication and computation costs as compared to recently proposed relevant schemes. In addition, the blockchain implementation of DBACPIoTSG has been performed to measure computational time needed for the varied number of blocks addition and also the varied number of transactions per block in the blockchain.

Abstract

Telecare medical information system (TMIS) implemented in wireless body area network (WBAN) is convenient and time-saving for patients and doctors. TMIS is realized using wearable devices worn by a patient, and wearable devices generate patient health data and transmit them to a server through a public channel. Unfortunately, a malicious attacker can attempt performing various attacks through such a channel. Therefore, establishing a secure authentication process between a patient and a server is essential. Moreover, wearable devices have limited storage power. Cloud computing can be considered to resolve this problem by providing a storage service in the TMIS environment. In this environment, access control of the patient health data is essential for the quality of healthcare. Furthermore, the database of the cloud server is a major target for an attacker. The attacker can try to modify, forge, or delete the stored data. To resolve these problems, we propose a secure authentication protocol for a cloud-assisted TMIS with access control using blockchain. We employ ciphertext-policy attribute-based encryption (CP-ABE) to establish access control for health data stored in the cloud server, and apply blockchain to guarantee data integrity. To prove robustness of the proposed protocol, we conduct informal analysis and Burrows-Adabi-Needham (BAN) logic analysis, and we formally validate the proposed protocol using automated validation of internet security protocols and applications (AVISPA). Consequently, we show that the proposed protocol provides more security and has better efficiency compared to related protocols. Therefore, the proposed protocol is proper for a practical TMIS environment.

Abstract

In Internet of Everything (IoE), malicious attacks detection and mitigation are important issues. These issues can be resolved through an access control framework where two entities first authenticate each other prior to establish any secret key for their secure communication. The sensing data of various smart devices in an IoE environment are processed securely at the nearby fog servers and at the same time legitimate users can also access the real-time data directly from designated smart devices through access control mechanism. We first discuss various attack trends in IoE environment. After that we discuss evolution of the blockchain technology in the IoE. An Artificial Intelligence (AI)-based blockchain-envisioned access control framework for malicious attacks detection and mitigation has been suggested to secure the IoE environment. Finally, a blockchain based implementation has been conducted on the proposed blockchain-envisioned access control framework for measuring the computational time needed for varying number of blocks mined in the blockchain and also for varying number of transactions per block.

Abstract

Software‐defined networking (SDN) is an agile, modern networking approach that facilitates innovations in the networking paradigm. The abstracted and centralized network operating system facilitates the network management and reduces operational expenditure (OPEX). The open nature and simplicity of the data‐forwarding plane dramatically reduces capital expenditure (CAPEX) by leveraging commodity servers and switches. SDN also lends itself very well to address major cloud computing issues and complement cloud services, especially in terms of network virtualization and networking as a service (NaaS). As a new technology, SDN does involve certain security challenges, which include distributed denial of service (DDoS) threats, build and run time injected malware, insider (tenant) attacks, and security holes resulting from controller misconfigurations. These are severe threats that can cripple an entire network. It is crucial to address the SDN vulnerabilities to ensure its successful deployment in private data center networks, on cloud platforms and beyond. Some security solutions leverage the built‐in features of SDN, such as its controller software component, while other solutions provide external SDN applications running above the controller. This study reviews the security solutions for the vulnerabilities of state‐of‐the‐art SDN controllers and the available countermeasures. Furthermore, an in‐depth analysis of the SDN features that support security is presented, and some unresolved research issues on SDN controllers are identified.

Abstract

Secure access of the real-time data from the IoT smart devices (e.g., vehicles) by a legitimate external party (user) is an important security service for Big Data collection in Internet of Things (IoT)-based Intelligent Transportation System (ITS). To deal with this important issue, we design a new three-factor user authentication scheme, called UAP-BCIoT, which relies on Elliptic Curve Cryptography (ECC). The mutual authentication between the user and an IoT device happens via the semi-trusted Cloud-Gateway (CG) node in UAP-BCIoT. UAP-BCIoT supports several functionality features needed for IoT-based ITS environment including IoT smart device credential validation and Big Data analytics. A detailed security analysis is conducted based on the defined threat model to show that UAP-BCIoT is resilient against many known attacks. A thorough comparative study reveals that UAP-BCIoT supports better security, offers various functionality attributes, and also provides similar costs in communication as well computation as compared to other relevant schemes Finally, the practical demonstration of the proposed UAP-BCIoT is also provided to measure its impact on the network performance parameters.

Abstract

Drones, which are also known as Unmanned Aerial Vehicles (UAVs), are very useful in delivering the packages, and real-time object detection and tracking with minimal human interference. However, there may be several security threats in such an environment, for instance, a malicious user can spy unauthorized drones, transfer malicious packages, or even damage the network reliability that can have direct impact on drones control. This may lead to a potential threat for people, governments, and business sectors. To deal with these issues, in this paper, we propose a novel access control scheme for unauthorized UAV detection and mitigation in an Internet of Drones (IoD) environment, called ACSUD-IoD. With the help of the blockchain-based solution incorporated in ACSUD-IoD, the transactional data having both the normal secure data from a drone (UAV) to the Ground Station Server and the abnormal (suspected) data for detection of unauthorized UAVs by the are stored in private blockchain, that are authentic and genuine. As a result, the Big data analytics can be performed on the authenticated transactional data stored in the blockchain. Through the detailed security analysis including formal security under the broadly-accepted Real-Or-Random (ROR) model, formal security verification using the widely-applied Automated Validation of Internet Security Protocols and Applications (AVISPA) tool and non-mathematical security analysis show the robustness of the proposed scheme against a number of potential attacks needed in an IoD environment. The testbed experiments for various cryptographic primitives using the broadly-accepted Multiprecision Integer and Rational Arithmetic Cryptographic Library (MIRACL) have been performed under both server and Raspberry PI 3 configurations. Furthermore, a detailed comparative analysis among the proposed scheme and other existing competing schemes shows the efficacy and more robustness as compared to the existing schemes. Finally, the blockchain-based practical demonstration shows the effectiveness of the proposed scheme.