Jhong-Ting Lou,Showkat Ahmad Bhat,Nen-Fu Huang,Bhat, Showkat Ahmad

DOI: https://doi.org/10.1007/s12083-023-01529-2

IF: 3.488

2023-08-12

Peer-to-Peer Networking and Applications

Abstract:Through the use of Ethereum, a framework is designed to simplify data exchange mechanism, improve food traceability, and improve privacy. A supply chain management system for agriculture is proposed and implemented in this paper to meet the confidentiality requirements of sensitive data and data ownership requirements. In a public blockchain environment, users can transparently verify every block generated at runtime and easily access data hosted on shared storage without authorization. To improve key distribution efficiency, we developed a proxy re-encryption scheme to manage the symmetric keys of encrypted data on shared storage. Blockchain services should improve the availability of persistent data. The interplanetary File System is used as a storage backend and to provide a file-based database that combined IPFS and a blockchain. Access control is a necessary function in the framework of multi-user data exchange. Users can manage permissions based on any data set in the Access Control List model using smart contracts that are defined by data owners. Finally, we demonstrate the system by developing a management application and integrating it into an existing food traceability system with a decoupled architecture. This demonstrates the system's ability to adapt to open data services while establishing a reliable hybrid architecture.

computer science, information systems,telecommunications

Weiming Tong,Luyao Yang,Zhongwei Li,Xianji Jin,Liguo Tan

DOI: https://doi.org/10.3390/s24031035

IF: 3.9

2024-02-06

Sensors

Abstract:To address the complexities, inflexibility, and security concerns in traditional data sharing models of the Industrial Internet of Things (IIoT), we propose a blockchain-based data sharing and privacy protection (BBDSPP) scheme for IIoT. Initially, we characterize and assign values to attributes, and employ a weighted threshold secret sharing scheme to refine the data sharing approach. This enables flexible combinations of permissions, ensuring the adaptability of data sharing. Subsequently, based on non-interactive zero-knowledge proof technology, we design a lightweight identity proof protocol using attribute values. This protocol pre-verifies the identity of data accessors, ensuring that only legitimate terminal members can access data within the system, while also protecting the privacy of the members. Finally, we utilize the InterPlanetary File System (IPFS) to store encrypted shared resources, effectively addressing the issue of low storage efficiency in traditional blockchain systems. Theoretical analysis and testing of the computational overhead of our scheme demonstrate that, while ensuring performance, our scheme has the smallest total computational load compared to the other five schemes. Experimental results indicate that our scheme effectively addresses the shortcomings of existing solutions in areas such as identity authentication, privacy protection, and flexible combination of permissions, demonstrating a good performance and strong feasibility.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Farhad Keramat,Jorge Peña Queralta,Tomi Westerlund

DOI: https://doi.org/10.48550/arXiv.2208.13467

2022-08-29

Abstract:With the increasing ubiquity of autonomous robotic solutions, the interest in their connectivity and in the cooperation within multi-robot systems is rising. Two aspects that are a matter of current research are robot security and secure multi-robot collaboration robust to byzantine agents. Blockchain and other distributed ledger technologies (DLTs) have been proposed to address the challenges in both domains. Nonetheless, some key challenges include scalability and deployment within real-world networks. This paper presents an approach to integrating IOTA and ROS 2 for more scalable DLT-based robotic systems while allowing for network partition tolerance after deployment. This is, to the best of our knowledge, the first implementation of IOTA smart contracts for robotic systems, and the first integrated design with ROS 2. This is in comparison to the vast majority of the literature which relies on Ethereum. We present a general IOTA+ROS 2 architecture leading to partition-tolerant decision-making processes that also inherit byzantine tolerance properties from the embedded blockchain structures. We demonstrate the effectiveness of the proposed framework for a cooperative mapping application in a system with intermittent network connectivity. We show both superior performance with respect to Ethereum in the presence of network partitions, and a low impact in terms of computational resource utilization. These results open the path for wider integration of blockchain solutions in distributed robotic systems with less stringent connectivity and computational requirements.

Robotics

Samir M. Umran,Songfeng Lu,Zaid Ameen Abduljabbar,Zhi Lu,Bingyan Feng,Lu Zheng

DOI: https://doi.org/10.1109/smartworld-uic-atc-scalcom-digitaltwin-pricomp-metaverse56740.2022.00325

2022-01-01

Abstract:The Industrial Internet of Things or Industry 4.0 efficiently enhances the manufacturing process in terms of raising productivity, system performance, cost reduction, and building large-scale systems. It enables the connection of numerous heterogeneous devices and sensors into the internet network through the utilization of revolutionary techniques that transfer the manufacturing paradigm to intelligent processes. The traditional industrial internet of things adopts centralized architectures and complex encryption algorithms that suffer from several cyber-security threats and lead to data leakage, privacy disclosure, and high computational and communicational costs. In our work, we proposed a decentralized, efficient, low-power, scalable, secure, privacy-preserving, and trusting architecture based on a private blockchain network/smart contract and interplanetary file system technology for the Al-NajafyIraq oil refinery factory. That enables autonomous working and provides a high level of security authentication and privacy preservation, P2P communication, remote access, immutability and information backtracking. Traditional blockchain technology has storage limitation issues, most recent works adopted external servers or the cloud for storage purposes. Our proposed scheme addresses the limitations of blockchain data storage by adopting an interplanetary file system (IPFS) network; provides an efficient data encryption mechanism at the perceptual layer by adopting a lightweight encryption algorithm, high-performance, and ultra-low-power consumption ARM Cortex-M microcontroller. In addition, our architecture succeeds in merging blockchain technology, IoTs, and an IPFS with the oil refinery as an industrial application area. Moreover, it provides an efficient framework that resists common cyber-security attacks and realizes cyber-security requirements represented by data availability, integrity, and confidentiality.

Samir M. Umran,SongFeng Lu,Zaid Ameen Abduljabbar,Vincent Omollo Nyangaresi

DOI: https://doi.org/10.1016/j.iot.2023.100969

IF: 5.711

2023-01-01

Internet of Things

Abstract:Industry 4.0 efficiently enhances the manufacturing process in many aspects such as increasing system performance, productivity, cost reduction, and building large-scale systems with enable autonomous operation. Numerous heterogeneous devices and sensors are connecting to the internet network through the utilization of revolutionary techniques that transfer the manufacturing paradigm to intelligent processes. The traditional schemes adopted centralized architectures and complex encryption algorithms that suffer from several cyber-security threats and latency making them unsuitable for resource-constrained IoTs devices. In our work, we proposed a decentralized, low-power consumption, fast, scalable, secure, privacy-preserving, and trusting architecture-based private blockchain network/smart contract and interplanetary file system for the petroleum industry in Iraq. Our scheme improves blockchain performance by adopting the incremental aggregator subsector commitment instated of Merkle tree and a multi-chain proof of rapid authentication as consensus algorithms, which are specially designed for industrial IoTs applications. It provides a high level of security authentication and privacy preservation, P2P communication, remote access, immutability, traceability, and information backtracking. In addition to addressing the blockchain storage limitation and eliminating third-party dependencies by adopting an interplanetary file system (IPFS). Also provides an efficient data encryption mechanism at the perceptual layer by adopting a lightweight encryption algorithm with internet friendly ARM Cortex-M33 Microcontroller as clear in the experimental results. Moreover, our architecture succeeds in merging blockchain technology, IoTs, and an IPFS with the petroleum industry as an industrial application area, and provides an efficient framework that resists common cyber-security attacks by achieving data integrity, availability, and confidentiality.

Zhendong Liu,Liang Meng,Qingyuan Zhao,Fei Li,Manrui Song,Dongxu Dai,Xiujuan Yang,Song Guan,Yue Wang,Hongliang Tian

DOI: https://doi.org/10.1155/2022/2381365

2022-10-16

Wireless Communications and Mobile Computing

Abstract:With the dramatically increasing deployment of intelligent devices, the Internet of Things (IoT) has attracted more attention and developed rapidly. It effectively collects and shares data from the surrounding environment to achieve better IoT services. For data sharing, the publish-subscribe (PS) paradigm provides a loosely coupled and scalable communication model. However, due to the loosely coupled nature, it is vulnerable to many attacks, resulting in some security threats to the IoT system, but it cannot provide the basic security mechanisms such as authentication and confidentiality to ensure the data security. Thus, in order to protect the system security and users' privacy, this paper presents a secure blockchain-based privacy-preserving access control scheme for the PS system, which adopt the fully homomorphic encryption (FHE) to ensure the confidentiality of the publishing events and leverage the ledger to store the large volume of data events and access crossdomain information. Finally, we analyze the correctness and security of our scheme; moreover, we deploy our proposed prototype system on two computers and evaluate its performance. The experimental results show that our PS system can efficiently achieve the equilibrium between the system cost and the security requirement.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yanhui Liu,Jianbiao Zhang,Jing Zhan

DOI: https://doi.org/10.1007/s10586-020-03190-3

2020-10-15

Cluster Computing

Abstract:Abstract With the development of the Internet of Things (IoT) field, more and more data are generated by IoT devices and transferred over the network. However, a large amount of IoT data is sensitive, and the leakage of such data is a privacy breach. The security of sensitive IoT data is a big issue, as the data is shared over an insecure network channel. Current solutions include symmetric encryption and access controls to secure the data transfer, but they have some drawbacks such as a single point of failure. Blockchain is a promising distributed ledger technology that can prevent the malicious tampering of data, offering reliable data storage. This paper proposes a distributed access control system based on blockchain technology to secure IoT data. The proposed mechanism is based on fog computing and the concept of the alliance chain. This method uses mixed linear and nonlinear spatiotemporal chaotic systems (MLNCML) and the least significant bit (LSB) to encrypt the IoT data on an edge node and then upload the encrypted data to the cloud. The proposed mechanism can solve the problem of a single point of failure of access control by providing the dynamic and fine-grained access control for IoT data. The experimental results of this method demonstrated that it can protect the privacy of IoT data efficiently.

Rashmi Raj,Mohona Ghosh

DOI: https://doi.org/10.1007/s12083-024-01648-4

IF: 3.488

2024-03-09

Peer-to-Peer Networking and Applications

Abstract:To ensure safe exchange of data in IoT-enabled-supply-chain network and safeguard other security issues, IoT devices should have an access control system that can regulate resource access in a permissioned manner. Traditional access control mechanisms (ACM) can guarantee that but lack wide adoption owing to centralized architecture, single point of failure, and limited security. A blockchain-based ACM can address all the above challenges, however, still some limitations exist. Firstly, blockchain provides data verifiability and user transparency, meaning that all stored information is accessible to network nodes for verification leading to privacy issues of sensitive data. Secondly, encryption-based solutions can address the privacy concern but require sharing of secret keys with unknown peers entailing another security risk. Thirdly, due to limited block size in blockchain, IoT-enabled-supply-chain networks prefer storing all the data in the cloud or a central server, which has their own threat concerns. In this work, we propose a blockchain-based ACM that integrates Bell La Padula (BLP) Model, Proxy Re-Encryption, and IPFS to address all the above challenges. BLP enforces fine-grained access control without performing high computation and ensures data confidentiality. With the Proxy Re-encryption, only authorized parties can decrypt data but without revealing the private key of the data owner. Meanwhile, IPFS eliminates the need for cloud servers and provides a more secure offsite storage. The security analysis of the proposed framework is presented using BAN logic. We also provide a thorough security comparison with other peer models to establish the superiority of our proposed work. Furthermore, smart contract-based implementation through Truffle is done to analyse the framework's effectiveness.

computer science, information systems,telecommunications

Tian Li,Huaqun Wang,Debiao He,Jia Yu

DOI: https://doi.org/10.1109/jiot.2022.3147925

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT) devices possessed by individuals produce massive amounts of data. The private data onto specific IoT devices can be combined with intelligent platform to provide help for future research and prediction. As an important digital asset, individuals can sell private data to get rewards. Problems, such as privacy, security, and access control prevent individuals from sharing their private data. The blockchain technology is widely used to build an anonymous trading system. In this article, we construct a blockchain-based privacy-preserving and rewarding private data-sharing scheme (BPRPDS) for IoT. A privacy issue worth considering is that the malicious cloud server may establish a behavior profile database of data users (DUs). In the case of anonymity, the transactions of private data sharing are easy to cause disputes. When anonymous DUs are framed, it is hard to protect their rights. With the help of the deniable ring signature and Monero, we realize the behavior profile building prevention and nonframeability of BPRPDS. At the same time, we utilize the licensing technology executed by smart contracts to ensure flexible access control of multisharing. The proposed BPRPDS is provably secure. Performance analysis and experimental results show that BPRPDS is efficient and practical.

computer science, information systems,telecommunications,engineering, electrical & electronic

Sultan Basudan

DOI: https://doi.org/10.1080/09540091.2024.2367549

2024-06-19

Connection Science

Abstract:The concept of the Internet of Medical Robotics Things (IoMRT) is where intelligent robots assess surrounding events, combine information from their sensors, use both local and dispersed intelligence to determine the best course of action, and move or command objects. Telesurgery is one application of IoMRT (TS). With 5G-enabled Tactile Internet (TI) enabling telesurgery (TS), there is ample opportunity to provide exceptional, accurate, ultra-responsive, and real-time virtual surgical procedures. The potential for accurate surgical diagnosis involving the exchange of patient electronic medical records (EMR) with several doctors using an assistant robot (AR) could be greatly useful in the medical field. As a part of this, permission delegation has emerged as a novel approach for data sharing in TI. Robust control of access guidelines combined with a configurable permission scheme promise secure EMR exchange. The present research proposes a multi-hop permission delegation strategy for EMR exchange based on blockchain technology and with configurable delegation depth. Furthermore, the original EMRs are stored on the interplanetary file system (IPFS). Permission delegation uses smart contracts and proxy re-encryption technology. Attribute-based encryption, which offers fine-grained management of access, is used to guarantee data security. Blockchain is also utilized to accomplish immutability and traceability. Delegators may regulate the depth of delegation by using smart contracts. The suggested approach satisfies the intended aims, according to analysis of the protocol. Lastly, the Ethereum test chain is used to assess and put the suggested method into practice. The outcomes of the conducted experiments demonstrate that the suggested protocol operates better than the competitors.

computer science, artificial intelligence, theory & methods

Muhammad Bin Saif,Sara Migliorini,Fausto Spoto

DOI: https://doi.org/10.3390/fi16030098

2024-03-15

Future Internet

Abstract:Blockchain technology has been successfully applied in recent years to promote the immutability, traceability, and authenticity of previously collected and stored data. However, the amount of data stored in the blockchain is usually limited for economic and technological issues. Namely, the blockchain usually stores only a fingerprint of data, such as the hash of data, while full, raw information is stored off-chain. This is generally enough to guarantee immutability and traceability, but misses to support another important property, that is, data availability. This is particularly true when a traditional, centralized database is chosen for off-chain storage. For this reason, many proposals try to properly combine blockchain with decentralized IPFS storage. However, the storage of data on IPFS could pose some privacy problems. This paper proposes a solution that properly combines blockchain, IPFS, and encryption techniques to guarantee immutability, traceability, availability, and data privacy.

Chao Liu,Cankun Hou,Tianyu Jiang,Jianting Ning,Hui Qiao,Yusen Wu

DOI: https://doi.org/10.1109/tifs.2024.3427311

IF: 7.231

2024-07-26

IEEE Transactions on Information Forensics and Security

Abstract:Data-driven landscape across finance, government, and healthcare, the continuous generation of information demands robust solutions for secure storage, efficient dissemination, and fine-grained access control. Blockchain technology emerges as a significant tool, offering decentralized storage while upholding the tenets of data security and accessibility. However, on-chain and off-chain strategies are still confronted with issues such as untrusted off-chain data storage, absence of data ownership, limited access control policy for clients, and a deficiency in data privacy and auditability. To solve these challenges, we propose a permissioned blockchain-based privacy-preserving fine-grained access control on-chain and off-chain system, namely FACOS. We applied three fine-grained access control solutions and comprehensively analyzed them in different aspects, which provides an intuitive perspective for system designers and clients to choose the appropriate access control method for their systems. Compared to similar work that only stores encrypted data in centralized or non-fault-tolerant IPFS systems, we enhanced off-chain data storage security and robustness by utilizing a highly efficient and secure asynchronous Byzantine fault tolerance (BFT) protocol in the off-chain environment. As each of the clients needs to be verified and authorized before accessing the data, we involved the Trusted Execution Environment (TEE)-based solution to verify the credentials of clients. Additionally, our evaluation results demonstrated that our system (https://github.com/cliu717/AsynchronousStorage) offers better scalability and practicality than other state-of-the-art designs. We deployed our system on Alibaba Cloud and Tencent Cloud and conducted multiple evaluations. The results indicate that it takes about 2.79 seconds for a client to execute the protocol for uploading and about 0.96 seconds for downloading. Compared to other decentralized systems, our system exhibits efficient latency for both download and upload operations.

computer science, theory & methods,engineering, electrical & electronic

LIU Xuejiao,CAO Tiancong,XIA Yingjie

DOI: https://doi.org/10.11959/j.issn.1000−436x.2023031

2023-01-01

Abstract:To solve the problems of data disclosure, uncontrolled data access, and inefficiency of cross-domain data sharing in the Internet of vehicles（IoV）, an efficient and secure cross-domain data sharing scheme of IoV under blockchain architecture was proposed. A blockchain was maintained by trusted authorities of different trust domains. A modified ciphertext-policy attribute-based encryption scheme was adopted to encrypt data, and encrypted data was stored in interplanetary file system（IPFS） with relevant information recorded on the blockchain, constructing a fine-grained and secure cross-domain data sharing scheme based on blockchain. A verification algorithm for cross-domain access based on the garbled Bloom filter was designed, and a smart contract executed fast decryption tests based on access policies on the blockchain, improving the access efficiency of a mass of ciphertext. A cross-domain data access method based on outsourcing decryption was designed,and the trusted authorities transformed ciphertexts while performing outsourcing decryption with complex bilinear pairing calculations, reducing the time overhead of vehicle decryption. Experiment results show that the proposed scheme is superior to other schemes in the process of cross-domain ciphertext transformation and vehicle decryption, and the cross-domain data access efficiency is increased by 60% on average.

Muhammad Saad,Muhammad Raheel Bhutta,Jongik Kim,Tae-Sun Chung

DOI: https://doi.org/10.32604/cmc.2024.047132

2024-01-01

Abstract:With the increase in IoT (Internet of Things) devices comes an inherent challenge of security. In the world today, privacy is the prime concern of every individual. Preserving one’s privacy and keeping anonymity throughout the system is a desired functionality that does not come without inevitable trade-offs like scalability and increased complexity and is always exceedingly difficult to manage. The challenge is keeping confidentiality and continuing to make the person innominate throughout the system. To address this, we present our proposed architecture where we manage IoT devices using blockchain technology. Our proposed architecture works on and off blockchain integrated with the closed-circuit television (CCTV) security camera fixed at the rental property. In this framework, the CCTV security camera feed is redirected towards the owner and renter based on the smart contract conditions. One entity (owner or renter) can see the CCTV security camera feed at one time. There is no third-party dependence except for the CCTV security camera deployment phase. Our contributions include the proposition of framework architecture, a novel smart contract algorithm, and the modification to the ring signatures leveraging an existing cryptographic technique. Analyses are made based on different systems’ security and key management areas. In an empirical study, our proposed algorithm performed better in key generation, proof generation, and verification times. By comparing similar existing schemes, we have shown the proposed architectures’ advantages. Until now, we have developed this system for a specific area in the real world. However, this system is scalable and applicable to other areas like healthcare monitoring systems, which is part of our future work.

computer science, information systems,materials science, multidisciplinary

Kexian Liu,Jianfeng Guan,Xiaolong Hu,Jianli Liu,Hongke Zhang

2024-11-14

Abstract:The growing complexity of Internet of Things (IoT) environments, particularly in cross-domain data sharing, presents significant security challenges. Existing data-sharing schemes often rely on computationally expensive cryptographic operations and centralized key management, limiting their effectiveness for resource-constrained devices. To address these issues, we propose an efficient, secure blockchain-based data-sharing scheme. First, our scheme adopts a distributed key generation method, which avoids single point of failure. This method also allows independent pseudonym generation and key updates, enhancing authentication flexibility while reducing computational overhead. Additionally, the scheme provides a complete data-sharing process, covering data uploading, storage, and sharing, while ensuring data traceability, integrity, and privacy. Security analysis shows that the proposed scheme is theoretically secure and resistant to various attacks, while performance evaluations demonstrate lower computational and communication overhead compared to existing solutions, making it both secure and efficient for IoT applications.

Cryptography and Security

Yang Xu,Ziyu Peng,Cheng Zhang,Gaocai Wang,Huiling Wang,Hongbo Jiang,Yaoxue Zhang

DOI: https://doi.org/10.1016/j.sysarc.2024.103132

IF: 5.836

2024-03-30

Journal of Systems Architecture

Abstract:The data in Cyber-Physical Systems (CPS) is currently undergoing an explosive surge. Blockchain-based CPS exhibit enhancements in security, fault tolerance, trust, and other aspects for its data sharing. However, it is very challenging to achieve the privacy preserving and efficient data sharing in CPS considering the privacy concerns introduced by blockchain while the cost associated with privacy protection cannot be neglected. To release these potential challenges, we propose a blockchain-assisted data-sharing scheme that ensures security, privacy-preserving and efficiency. We introduce deniability into data-sharing based on an identity-based deniable authentication protocol. This protocol enables data owners to deny their data-sharing actions, protecting their privacy, and ensuring verifiability for recipients. Furthermore, by incorporating multi-recipient encryption techniques, the proposed protocol significantly simplifies interactions with multiple recipients, reducing associated costs. Additionally, the assistance of blockchain and source traceability mechanism establishes a distributed, transparent and trustworthy framework for data sharing, while ensuring honest cooperation between the individual participants. Security analysis and performance comparisons demonstrate the effectiveness and security of this scheme.

computer science, software engineering, hardware & architecture

Bernhard Dieber,Benjamin Breiling,Sebastian Taurer,Severin Kacianka,Stefan Rass,Peter Schartner

DOI: https://doi.org/10.1016/j.robot.2017.09.017

IF: 3.7

2017-12-01

Robotics and Autonomous Systems

Abstract:Future robotic systems will be situated in highly networked environments where they communicate with industrial control systems, cloud services or other systems at remote locations. In this trend of strong digitization of industrial systems (also sometimes referred to as Industry 4.0), cyber attacks are an increasing threat to the integrity of the robotic systems at the core of this new development. It is expected, that the Robot Operating System (ROS) will play an important role in robotics outside of pure research-oriented scenarios. ROS however has significant security issues which need to be addressed before such products should reach mass markets. In this paper we present the most common vulnerabilities of ROS, attack vectors to exploit those and several approaches to secure ROS and similar systems. We show how to secure ROS on an application level and describe a solution which is integrated directly into the ROS core. Our proposed solution has been implemented and tested with recent versions of ROS, and adds security to all communication channels without being invasive to the system kernel itself.

robotics,automation & control systems,computer science, artificial intelligence

Adla Padma,Mangayarkarasi Ramaiah

DOI: https://doi.org/10.1109/access.2024.3364078

IF: 3.9

2024-02-16

IEEE Access

Abstract:Building smart services for smart cities has become a significant focus of the Internet of Things (IoT). These IoT devices are able to sense their surroundings and react appropriately. Smart city applications emphasize the necessity of safe data sharing across heterogeneous devices. Certain behaviors taken while sharing could aim at compromising security, privacy, and integrity. The centralized repository that is currently in place made the majority of hacks possible. The sharing of sensitive data and authentication are essential stages in guaranteeing the security of applications associated with IoT. Blockchain and IoT are two widely used technologies, with IoT focusing on data collection via various devices and blockchain enabling data integrity. This paper introduces a novel blockchain-based framework to ensure the security and integrity aspects of IoT data. The proposed SecPrivPreserve framework ensures security through various phases including initialization, registration, data protection, authentication, data access control, validation, and data sharing and download. Diverse security mechanisms such as passwords (OTP), encryption, and hashing have been deployed in various phases to strengthen security merits confidentiality, privacy, and integrity. Since the SecPrivPreserve framework is simulated in a permissioned blockchain platform the merits and tamper-proof and non-repudiation are automatically considered. Moreover, data protection uses Chebyshev polynomials and interpolation. The presented framework has experimented with Fabric SDK. The experimental results of the proposed framework are compared with the BaseLine state-of-the-frameworks, The experimental analysis reveals that the proposed SecPrivPreserve approach achieved 34 Sec improvement in terms of responsiveness 94 Sec as computational time, encryption quality as 0.87 Sec and 0.82 Sec for detection rate.

computer science, information systems,telecommunications,engineering, electrical & electronic

Zhiwei Wang,Qingqing Chen,Lei Liu

DOI: https://doi.org/10.1109/jiot.2023.3242959

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:In this Internet of Things era, privacy preserving is one of the most vital barriers for personal data sharing. In this article, we present a secure and privacy-preserving data sharing protocol over the permissioned blockchains which require to certificate the users before they submit the transactions. We use the structure-preserving Groth signature to construct the anonymous credentials for satisfying the requirement of permissioned blockchains, and the anonymous credentials does not disclose the real identities of data owners. We prove that the anonymous credential in our protocol achieves the ideal functionality. For the secure access control and privacy protection of the data accessors, we propose an efficiently anonymous authentication scheme which utilizes the ElGamal commitment and the one-out-of-many proof to ensure a data accessor is authorized, but any unauthorized entities cannot learn the real identity of the data accessor, and even the data owner does not know who (although in the access control list) and when downloads his/her data. The blockchain platform is used to record the data storing, access control list, and the storage addresses, which helps to enhance the security level of the protocol. We implement our protocol over the ThinkPad, the RaspBerry Pi, the Huawei cloud, and the Hyperledger Fabric, and the experiments show the good performances.

computer science, information systems,telecommunications,engineering, electrical & electronic

Lo-Yao Yeh,Chih-Ya Shen,Wei-Chiao Huang,Wan-Hsin Hsu,Hsien-Chu Wu

DOI: https://doi.org/10.1109/jsyst.2021.3139319

IF: 4.802

2022-01-01

IEEE Systems Journal

Abstract:With the rise of blockchain technology, the peer-to-peer (P2P) network system has once again caught people's attention to equipping a blockchain with a big storage capacity. In the traditional P2P file-sharing network systems, such as InterPlanetary File System (IPFS), data stored in the other nodes cannot be revoked by the owner and can only be removed by other nodes themselves. To comply with the criteria of the European Union's General Data Protection Regulation, it is important to ensure that personal data can be completely removed by their owners. To improve the privacy and security of the P2P file-sharing system, we propose a revocable and monitorable P2P file-sharing system over a consortium blockchain to achieve revocation of files in the decentralized environment. By using a trusted execution environment, such as Intel Software Guard Extensions (SGX), the proposed scheme can verify the integrity of the executables of the P2P file-sharing system and generate a file authentication code for each IPFS node to make sure that the system is synchronized correctly. This scheme elaborately integrates the autonomous smart contracts and Intel SGX hardware to obtain the monitorable merit. The experimental results suggest that enhancing the security and privacy take modest computing costs into consideration. To the best of our knowledge, this scheme is the first attempt to achieve the P2P file-sharing system with securely revocable functions.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science