Qinghua Gong,Jinnan Zhang,Zheng Wei,Xinmin Wang,Xia Zhang,Xin Yan,Yang Liu,Liming Dong

DOI: https://doi.org/10.3390/s24072267

IF: 3.9

2024-04-03

Sensors

Abstract:With the rapid growth of the Internet of Things (IoT), massive terminal devices are connected to the network, generating a large amount of IoT data. The reliable sharing of IoT data is crucial for fields such as smart home and healthcare, as it promotes the intelligence of the IoT and provides faster problem solutions. Traditional data sharing schemes usually rely on a trusted centralized server to achieve each attempted access from users to data, which faces serious challenges of a single point of failure, low reliability, and an opaque access process in current IoT environments. To address these disadvantages, we propose a secure and dynamic access control scheme for the IoT, named SDACS, which enables data owners to achieve decentralized and fine-grained access control in an auditable and reliable way. For access control, attribute-based control (ABAC), Hyperledger Fabric, and interplanetary file system (IPFS) were used, with four kinds of access control contracts deployed on blockchain to coordinate and implement access policies. Additionally, a lightweight, certificateless authentication protocol was proposed to minimize the disclosure of identity information and ensure the double-layer protection of data through secure off-chain identity authentication and message transmission. The experimental and theoretical analysis demonstrated that our scheme can maintain high throughput while achieving high security and stability in IoT data security sharing scenarios.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Weiming Tong,Luyao Yang,Zhongwei Li,Xianji Jin,Liguo Tan

DOI: https://doi.org/10.3390/s24031035

IF: 3.9

2024-02-06

Sensors

Abstract:To address the complexities, inflexibility, and security concerns in traditional data sharing models of the Industrial Internet of Things (IIoT), we propose a blockchain-based data sharing and privacy protection (BBDSPP) scheme for IIoT. Initially, we characterize and assign values to attributes, and employ a weighted threshold secret sharing scheme to refine the data sharing approach. This enables flexible combinations of permissions, ensuring the adaptability of data sharing. Subsequently, based on non-interactive zero-knowledge proof technology, we design a lightweight identity proof protocol using attribute values. This protocol pre-verifies the identity of data accessors, ensuring that only legitimate terminal members can access data within the system, while also protecting the privacy of the members. Finally, we utilize the InterPlanetary File System (IPFS) to store encrypted shared resources, effectively addressing the issue of low storage efficiency in traditional blockchain systems. Theoretical analysis and testing of the computational overhead of our scheme demonstrate that, while ensuring performance, our scheme has the smallest total computational load compared to the other five schemes. Experimental results indicate that our scheme effectively addresses the shortcomings of existing solutions in areas such as identity authentication, privacy protection, and flexible combination of permissions, demonstrating a good performance and strong feasibility.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yue Wang,Tingyu Che,Xiaohu Zhao,Tao Zhou,Kai Zhang,Xiaofei Hu

DOI: https://doi.org/10.3390/s22093426

2022-04-30

Abstract:Due to the competitive relationship among different smart factories, equipment manufacturers cannot integrate the private information of all smart factories to train the intelligent manufacturing equipment fault prediction model and improve the accuracy of intelligent manufacturing equipment fault detection. The use of a low fault recognition rate model for smart factories will cause additional losses for them. In this work, we propose a blockchain-based privacy information security sharing scheme in Industrial Internet of Things (IIoT) to solve the sharing problem of private information in smart factories. Firstly, we abstract smart factories as edge nodes and build decentralized, distributed trusted blockchain networks based on Ethereum clients on simulated edge devices and propose an Intelligent Elliptic Curve Digital Signature Algorithm (IECDSA) to guarantee the ownership of shared information by edge nodes. Secondly, we propose the Reputation-based Delegated Proof of Stake (RDPoS) consensus algorithm to improve the security and reliability of the Delegated Proof of Stake (DPoS) consensus algorithm. Furthermore, we design and implement an incentive mechanism based on information attributes to increase the motivation of edge nodes to share information. Finally, the proposed solution is simulated. Through theoretical and simulation experiments, it is proved that the blockchain-based privacy information security sharing scheme in IIoT can improve the enthusiasm of edge nodes to share information on the premise of ensuring the security of information sharing.

Saiyu Qi,Youshui Lu,Wei Wei,Xiaofeng Chen

DOI: https://doi.org/10.1109/jiot.2020.3020979

IF: 10.6

2021-02-15

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT) has provided a promising opportunity to build digitalized industrial systems. A fundamental technology of IIoT is the radio-frequency identification (RFID) technique, which allows industrial participants to identify items and anchor time-series IoT data for them. They can further share the IoT data through the cloud service to enable information exchange and support critical decisions in production operations. Storing IoT data in the cloud, however, requires a data access control mechanism to protect sensitive business issues. Unfortunately, using traditional cryptographic access control schemes for time-series IoT data face severe efficiency and key leakage problems. In this article, we design a secure industrial data access control scheme for cloud-assisted IIoT. Our scheme enables participants to enforce fine-grained access control policies for their IoT data via ciphertext policy-attribute-based encryption (CP-ABE) scheme. Our scheme adopts a hybrid cloud infrastructure for participants to outsource expensive CP-ABE tasks to the cloud service with strong privacy guarantees. Importantly, our scheme guarantees a new privacy notion named item-level data protection for IoT data to prevent key leakage problem. We achieve these goals via several encryption and optimization techniques. Our performance assessments combine system implementation with large-scale emulations and confirm the security and efficiency of our design.

computer science, information systems,telecommunications,engineering, electrical & electronic

Qikun Zhang,Yongjiao Li,Ruifang Wang,Lu Liu,Yu‐an Tan,Jingjing Hu

DOI: https://doi.org/10.1002/int.22293

IF: 8.993

2020-10-07

International Journal of Intelligent Systems

Abstract:<p>With the widespread application of Industrial Internet of Things (IIoT) technology in the industry, the security threats are also increasing. To ensure the safe sharing of resources in IIoT, this paper proposes a data security sharing model based on privacy protection (DSS‐PP) for blockchain‐enabled IIoT. Compared with previous works, DSS‐PP has obvious advantages in several important aspects: (1) In the process of identity authentication, it protects users' personal information by using authentication technology with hidden attributes; (2) the encrypted shared resources are stored in off‐chain database of the blockchain, while only the ciphertext index information is stored in the block. It reduces the storage load of the blockchain; (3) it uses blockchain logging technology to trace and account for illegal access. Under the hardness assumption of Inverse Computational Diffe–Hellman (ICDH) problem, this model is proven to be correct and safe. Through the analysis of performance, DSS‐PP has better performance than the referred works.</p>

computer science, artificial intelligence

Keping Yu,Liang Tan,Moayad Aloqaily,Hekun Yang,Yaser Jararweh

DOI: https://doi.org/10.1109/tii.2021.3049141

IF: 12.3

2021-11-01

IEEE Transactions on Industrial Informatics

Abstract:The industrial Internet of Things (IIoT) supports recent developments in data management and information services, as well as services for smart factories. Nowadays, many mature IIoT cloud platforms are available to serve smart factories. However, due to the semicredibility nature of the IIoT cloud platforms, how to achieve secure storage, access control, information update and deletion for smart factory data, as well as the tracking and revocation of malicious users has become an urgent problem. To solve these problems, in this article, a blockchain-enhanced security access control scheme that supports traceability and revocability has been proposed in IIoT for smart factories. The blockchain first performs unified identity authentication, and stores all public keys, user attribute sets, and revocation list. The system administrator then generates system parameters and issues private keys to users. The domain administrator is responsible for formulating domain security and privacy-protection policies, and performing encryption operations. If the attributes meet the access policies and the user's ID is not in the revocation list, they can obtain the intermediate decryption parameters from the edge/cloud servers. Malicious users can be tracked and revoked during all stages if needed, which ensures the system security under the Decisional Bilinear Diffie–Hellman (DBDH) assumption and can resist multiple attacks. The evaluation has shown that the size of the public/private keys is smaller compared to other schemes, and the overhead time is less for public key generation, data encryption, and data decryption stages.

Pengchao Yao,Bingjing Yan,Tao Yang,Yubin Wang,Qiang Yang,Wenhai Wang

DOI: https://doi.org/10.1109/jiot.2023.3329352

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:The remarkable development of the Industrial Internet of Things (IIoT) has undoubtedly elevated industrial operations to a more intelligence and efficiency level, yet it has also introduced a range of security challenges. The widespread of intelligent IoT devices has greatly expanded the attack surface for cyber-attacks. Additionally, the cloud-based centralized management architecture of traditional IIoT is susceptible to single-point-of-failure, which exacerbates the security risks. Nowadays, the secure and decentralized nature of blockchain has been considered a promising solution to address the security and privacy challenges in IIoT. This article proposes a blockchain-based operational architecture for IIoT (SecureArchi- IIoT) to enhance security and privacy in IIoT operations. Under this architecture, a set of smart contracts are designed to provide operational functionalities that are suitable for actual industrial demands. An operational control policy is designed to realize precise and effective management of the operation permissions with distinct granularity. Furthermore, a reputation-based behavioral punishment mechanism is developed to enhance the security performance of the proposed architecture. The prototype of the proposed architecture is implemented in a private IIoT environment to demonstrate its feasibility and effectiveness. Experimental results confirm that the proposed architecture outperforms the traditional architecture in aspects of security and privacy and maintains acceptable real-time performance.

Jingchi Zhang,Anwitaman Datta

DOI: https://doi.org/10.48550/arXiv.2309.04125

2023-09-08

Abstract:In a traditional cloud storage system, users benefit from the convenience it provides but also take the risk of certain security and privacy issues. To ensure confidentiality while maintaining data sharing capabilities, the Ciphertext-Policy Attribute-based Encryption (CP-ABE) scheme can be used to achieve fine-grained access control in cloud services. However, existing approaches are impaired by three critical concerns: illegal authorization, key disclosure, and privacy leakage. To address these, we propose a blockchain-based data governance system that employs blockchain technology and attribute-based encryption to prevent privacy leakage and credential misuse. First, our ABE encryption system can handle multi-authority use cases while protecting identity privacy and hiding access policy, which also protects data sharing against corrupt authorities. Second, applying the Advanced Encryption Standard (AES) for data encryption makes the whole system efficient and responsive to real-world conditions. Furthermore, the encrypted data is stored in a decentralized storage system such as IPFS, which does not rely on any centralized service provider and is, therefore, resilient against single-point failures. Third, illegal authorization activity can be readily identified through the logged on-chain data. Besides the system design, we also provide security proofs to demonstrate the robustness of the proposed system.

Cryptography and Security

Xuanmei Qin,Yongfeng Huang,Zhen Yang,Xing Li

DOI: https://doi.org/10.1016/j.ins.2020.12.035

IF: 8.1

2021-01-01

Information Sciences

Abstract:Attribute-based encryption (ABE) is considered to be one of the most suitable schemes for cryptographic access control in the big data environment. But it still faces many challenges to be applied in the Internet of Things (IoT). ABE is implemented based on bilinear pairing, which is considered to be an expensive operation. However, there are lots of IoT devices with constrained resources. Proxy re-encryption methods based on the cloud are proposed to reduce computing overhead on the user side, but an untrusted cloud may give incorrect computing results to mislead users. To solve this problem, an access control scheme with lightweight decryption based on ABE and blockchain technologies is proposed. We assume that the cloud is untrusted, and guarantee the accuracy of proxy re-encryption calculation based on blockchain. In addition, how to encourage users to obtain authorization through blockchain and record access behavior on the blockchain is a problem worthy of attention. This paper proposes a user credibility incentive mechanism, which calculates the user's credibility according to the user's access behavior and gives a reputation score, so as to dynamically adjust the endorsement protocol. Security analysis and experimental results show that the proposed method is reliable and efficient. (C) 2020 Elsevier Inc. All rights reserved.

JoonYoung Lee,MyeongHyun Kim,KiSung Park,SungKee Noh,Abhishek Bisht,Ashok Kumar Das,Youngho Park

DOI: https://doi.org/10.3390/s23115173

2023-05-29

Abstract:Recently, with the increasing application of the Internet of Things (IoT), various IoT environments such as smart factories, smart homes, and smart grids are being generated. In the IoT environment, a lot of data are generated in real time, and the generated IoT data can be used as source data for various services such as artificial intelligence, remote medical care, and finance, and can also be used for purposes such as electricity bill generation. Therefore, data access control is required to grant access rights to various data users in the IoT environment who need such IoT data. In addition, IoT data contain sensitive information such as personal information, so privacy protection is also essential. Ciphertext-policy attribute-based encryption (CP-ABE) technology has been utilized to address these requirements. Furthermore, system structures applying blockchains with CP-ABE are being studied to prevent bottlenecks and single failures of cloud servers, as well as to support data auditing. However, these systems do not stipulate authentication and key agreement to ensure the security of the data transmission process and data outsourcing. Accordingly, we propose a data access control and key agreement scheme using CP-ABE to ensure data security in a blockchain-based system. In addition, we propose a system that can provide data nonrepudiation, data accountability, and data verification functions by utilizing blockchains. Both formal and informal security verifications are performed to demonstrate the security of the proposed system. We also compare the security, functional aspects, and computational and communication costs of previous systems. Furthermore, we perform cryptographic calculations to analyze the system in practical terms. As a result, our proposed protocol is safer against attacks such as guessing attacks and tracing attacks than other protocols, and can provide mutual authentication and key agreement functions. In addition, the proposed protocol is more efficient than other protocols, so it can be applied to practical IoT environments.

Keping Yu,Liang Tan,Caixia Yang,Kim-Kwang Raymond Choo,Ali Kashif Bashir,Joel J. P. C. Rodrigues,Takuro Sato

DOI: https://doi.org/10.1109/jiot.2021.3125190

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The Industrial Internet of Things (IIoT), a typical Internet of Things (IoT) application, integrates the global industrial system with other advanced computing, analysis, and sensing technologies through Internet connectivity. Due to the limited storage and computing capacity of edge and IIoT devices, data sensed and collected by these devices are usually stored in the cloud. Encryption is commonly used to ensure privacy and confidentiality of IIoT data. However, the key used for data encryption and decryption is usually directly stored and managed by users or third-party organizations, which has security and privacy implications. To address this potential security and privacy risk, we propose a Shamir threshold cryptography scheme for IIoT data protection using blockchain: STCChain. Specifically, in our solution, the edge gateway uses a symmetric key to encrypt the data uploaded by the IoT device and stores it in the cloud. The symmetric key is protected by a private key generated by the edge gateway. To prevent the loss of the private key and privacy leakage, we use a Shamir secret sharing algorithm to divide the private key, encrypt it, and publish it on the blockchain. We implement a prototype of STCChain using Xuperchain, and the results show that STCChain can effectively prevent attackers from stealing data as well as ensuring the security of the encryption key.

computer science, information systems,telecommunications,engineering, electrical & electronic

Peng Wang,Ning Xu,Haibin Zhang,Wen Sun,Abderrahim Benslimane

DOI: https://doi.org/10.1109/jiot.2021.3125091

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT), while providing comprehensive interconnection and ubiquitous services, poses security issues by enabling resources sharing among various devices from different untrusted authorities. Blockchain, as a distributed ledger, provides a traceable and verifiable platform to ensure the secure access control in IoT. The existing works based on blockchain may bring up intolerable computing overhead and delay to the lightweight IoT devices. In this article, we propose a dynamic and lightweight attribute-based access control framework for blockchain-empowered IoT, to achieve secure and fine-grained authorization. The proposed scheme allows access to resources by evaluating attributes, operations, and the environment relevant to a request. The access policy is executed through smart contract in blockchain for security and flexibility. To further adapt to IoT device constraints, we design a access control framework based on decentralized application (DApp), which can maintain tamper proof in a timely manner and be adapt to the delay-intolerant application. When delay-intolerant access is required, access can be allowed according to local replica of the blockchain, without a consensus of blockchain network. Considering the time-varying attributes of IoT devices, a trust management scheme is proposed based on the Markov chain to resist the security fluctuation caused by the vulnerability of IoT devices. In the experiments, we deploy our system prototype on Ethereum to evaluate the feasibility and effectiveness of the scheme. The results show the proposed scheme can achieve secure, high throughput, and flexible access control in IoT.

computer science, information systems,telecommunications,engineering, electrical & electronic

Muhammad Usman,Muhammad Shahzad Sarfraz,Muhammad Umar Aftab,Usman Habib,Saleha Javed

DOI: https://doi.org/10.1109/access.2024.3390842

IF: 3.9

2024-04-27

IEEE Access

Abstract:Industrial Internet of Things (IIoT) applications consist of resource constrained interconnected devices that make them vulnerable to data leak and integrity violation challenges. The mobility, dynamism, and complex structure of the network further make this issue more challenging. To control the information flow in such environments, access control is critical to make collaboration and communication safe. To deal with these challenges, recent studies employ attribute-based access control on top of blockchain technology. However, the attribute-based access control frameworks suffer due to high computational overhead. In this paper, we propose an improved role-based access control framework using hyperledger blockchain to deal with IIoT requirements with less computational overhead making the information control process more efficient and real-time. The proposed framework leverages a layered architecture of chaincodes to implement the improved access control framework that handles the permission delegation and conflict management to deal with the dynamism of the IIoT network. The system uses a Policy Contract, Device Contract, and Access Contract to manage the workflow of the whole access control process. Each chaincode in the proposed framework is isolated in terms of its responsibilities to make the design low coupled. The integration of improved access control with blockchain enables the proposed framework to provide a highly scalable solution, tamper-proof, and flexible to manage conflicting scenarios. The proposed system outperforms the recent studies significantly in computational overhead in extensive simulation results. To verify the scalability and efficiency, the proposed is evaluated against a large number of concurrent virtual clients in simulation and statistical analysis proves that the proposed system is promising for further research in this domain.

computer science, information systems,telecommunications,engineering, electrical & electronic

A. Sasikumar,Logesh Ravi,Malathi Devarajan,A. Selvalakshmi,Abdulaziz Turki Almaktoom,Abdulaziz S. Almazyad,Guojiang Xiong,Ali Wagdy Mohamed

DOI: https://doi.org/10.1109/access.2024.3354846

IF: 3.9

2024-01-01

IEEE Access

Abstract:The edge devices will produce enormous quantities of data daily as the Industrial Internet of Things (IIoT) expands in scope. Still, most IIoT data is stored in data centers, making it challenging to transfer data between domains safely. Smart logistic products have dramatically changed due to the prevalence of decentralized edge computing and blockchain in the industry sector. To address the need to exchange data between logistics networks, we proposed a novel decentralized hierarchical attribute-based encryption (HABE) scheme combining edge computing and blockchain. To begin, we offer an IoT data encryption strategy in which edge devices can send data to a nearby cloud network for data processing while maintaining privacy. In addition, we developed a blockchain-integrated data-sharing scheme that makes it possible for users to share data via the use of edge and cloud storage. In particular, an IoT device incorporates an encryption-based authentication system to verify users’ access rights at the network’s periphery in a decentralized manner. Using HABE, we provide a blockchain-integrated architecture for the IoT that protects user privacy. The suggested design utilizes the edge and cloud network paradigms and HABE to maintain privacy and works well with smart logistics applications. The authentication time of the proposed model is reduced by 1.5 times compared with the centralized model. The analyses and experimental findings show that the proposed blockchain-integrated edge computing architecture is better than the existing schemes in terms of data sharing, data privacy, and security.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chenlei Liu,Feng Xiang,Zhixin Sun

DOI: https://doi.org/10.1155/2022/8497628

IF: 1.968

2022-04-12

Security and Communication Networks

Abstract:Information sharing has become an important application in modern supply chain management systems with business technology development. Because traditional supply chain information systems have problems such as easy data tampering, low information transparency, and interaction delays, blockchain has been taken consideration into supply chain information sharing research. Furthermore, blockchain technology is expected to provide decentralized supply chain information sharing solutions to enhance security, availability, and transparency. However, with the in-depth study of the application of blockchain technology in supply chain information sharing, people have found that the data stored publicly in the blockchain are still threatened by privacy leakage. In addition, due to the openness and accessibility of the blockchain, the lack of fine-grained access control is also apparent. In order to improve the security of data, we propose a novel privacy-preserving multiauthority attribute-based access control scheme for secure blockchain-based information sharing in a supply chain. In this scheme, blockchain stores encrypted supply chain information on distributed nodes. Multiple attribute authorities manage different attributes of users to achieve fine-grained access control and flexible authorization. Even if some attribute authorities fail, the user’s private key will not be leaked. In user secret key generation, we adopt an anonymous key generation protocol to realize the secure distribution of user keys by the attribute authorities. Furthermore, in order to meet the protection of communication privacy between blockchain nodes, properties of policy hiding and identity hiding are considered. Finally, we design experiments to analyze the performance of our scheme, including secret key sizes and running time of encryption and decryption.

computer science, information systems,telecommunications

Songjiang Li,Tao Zhou,Huamin Yang,Peng Wang

DOI: https://doi.org/10.3390/s23167036

IF: 3.9

2023-08-10

Sensors

Abstract:The reliable circulation of automotive supply chain data is crucial for automotive manufacturers and related enterprises as it promotes efficient supply chain operations and enhances their competitiveness and sustainability. However, with the increasing prominence of privacy protection and information security issues, traditional data sharing solutions are no longer able to meet the requirements for highly reliable secure storage and flexible access control. In response to this demand, we propose a secure data storage and access control scheme for the supply chain ecosystem based on the enterprise-level blockchain platform Hyperledger Fabric. The design incorporates a dual-layer attribute-based auditable access control model for access control, with four smart contracts aimed at coordinating and implementing access policies. The experimental results demonstrate that the proposed approach exhibits significant advantages under large-scale data and multi-attribute conditions. It enables fine-grained, dynamic access control under ciphertext and maintains high throughput and security in simulated real-world operational scenarios.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jie Zhang,Lingyun Yuan,Shanshan Xu

DOI: https://doi.org/10.48550/arXiv.2111.06544

2021-11-17

Abstract:In view of the security issues of the Internet of Things (IoT), considered better combining edge computing and blockchain with the IoT, integrating attribute-based encryption (ABE) and attribute-based access control (ABAC) models with attributes as the entry point, an attribute-based encryption and access control scheme (ABE-ACS) has been proposed. Facing Edge-Iot, which is a heterogeneous network composed of most resource-limited IoT devices and some nodes with higher computing power. For the problems of high resource consumption and difficult deployment of existing blockchain platforms, we design a lightweight blockchain (LBC) with improvement of the proof-of-work consensus. For the access control policies, the threshold tree and LSSS are used for conversion and assignment, stored in the blockchain to protect the privacy of the policy. For device and data, six smart contracts are designed to realize the ABAC and penalty mechanism, with which ABE is outsourced to edge nodes for privacy and integrity. Thus, our scheme realizing Edge-Iot privacy protection, data and device controlled access. The security analysis shows that the proposed scheme is secure and the experimental results show that our LBC has higher throughput and lower resources consumption, the cost of encryption and decryption of our scheme is desirable.

Cryptography and Security,Computers and Society

Xuanmei Qin,Yongfeng Huang,Zhen Yang,Xing Li

DOI: https://doi.org/10.1016/j.sysarc.2020.101854

IF: 5.836

2021-01-01

Journal of Systems Architecture

Abstract:Ciphertext-policy attribute-based encryption(CP-ABE) has been widely studied and used in access control schemes for secure data sharing. Since in most of the existing attribute-based encryption methods, all user attributes are managed by a single central authority, it is easy to cause a single point of failure. Therefore, several multi-authority CP-ABE schemes are proposed to manage user attributes by multiple authorities. However, these schemes still do not eliminate the single point of failure in essence or suffer from high computation and communication overhead on data users. In this paper, we propose a Blockchain-based Multi-authority Access Control scheme called BMAC for sharing data securely. Shamir secret sharing scheme and permissioned blockchain (Hyperledger Fabric) are introduced to implement that each attribute is jointly managed by multiple authorities to avoid single point of failure. In addition, we take advantage of blockchain technology to establish trust among multiple authorities and exploit smart contracts to compute tokens for attributes managed across multiple management domains, which reduces communication and computation overhead on the data user side. Moreover, blockchain helps to record the access control process in a secure and auditable way. Finally, we analyze the security of the proposed algorithm. Further analysis and comparison show the performance of the proposed method.

Jiancheng Chi,Yu Li,Jing Huang,Jing Liu,Yingwei Jin,Chen Chen,Tie Qiu

DOI: https://doi.org/10.1016/j.jnca.2020.102710

IF: 7.574

2020-10-01

Journal of Network and Computer Applications

Abstract:<p>Blockchain possesses potential for enabling secure data sharing of industrial big data generated by the Industrial Internet of Things (IIoT). However, the existing data-sharing schemes based on blockchain secure only the data exchange process between the data-sharing parties; they do not consider the efficiency of data sharing at all. In this study, we propose a data-sharing scheme based on blockchain that comprehensively considers the security and efficiency of data sharing. In this scheme, a secure data-sharing framework is designed based on identity authentication and Hyperledger Fabric to ensure the security of data sharing. We also propose a community detection algorithm to divide the clients into different data-sharing communities according to the similarity of label data. The scope of data sharing is selected according to the results of the community detection evaluated by the sharing degree, which can effectively narrow the scope of query-shared data and improve the efficiency of data sharing. The experimental results show that the proposed scheme is effective for secure and efficient data sharing among different clients.</p>

computer science, interdisciplinary applications, software engineering, hardware & architecture

Peng Zhai,Jingsha He,Nafei Zhu

DOI: https://doi.org/10.3390/app12073692

2022-04-06

Applied Sciences

Abstract:The integration of information systems and physical systems is the development trend of today’s manufacturing industry. Intelligent manufacturing is a new model of manufacturing, based on advanced manufacturing technology with human–machine–material collaboration. Internet of Things technology is the core technology of intelligent manufacturing, and access control technology is one of the main measures to ensure the security of the IoT. In view of the problem that the existing IoT access control model does not support distributed and fine-grained dynamic access control, this paper uses the characteristics of blockchain, such as decentralization and non-tampering, combined with the attribute-based access control (ABAC) method, to propose a distributed access control method, applicable to the IoT environment in the process of intelligent manufacturing. This paper describes a fine-grained access control policy by defining the access control attribute values in a formal language, which supports complex logic operations in the policy and enhances the expressiveness of the model. Distributed access control decision making, using smart contracts for blockchain, improves the decision-making efficiency of the access control model, increases the post-facto audit of the access control behavior, and improves the overall security of IoT data protection. The paper concludes with proof of security and a performance analysis, and the experimental results, such as storage and computing overheads, show that this method can provide fine-grained, dynamic, and distributed access control for devices in intelligent manufacturing, ensuring the security and reliability of access control for IoT devices.