An Empirical Study of a Trustworthy Cloud Common Data Model Using Decentralized Identifiers

2021 ◽  
Vol 11 (19) ◽  
pp. 8984
Author(s):  
Yunhee Kang ◽  
Jaehyuk Cho ◽  
Young B. Park

The Conventional Cloud Common Data Model (CDM) uses a centralized method of user identification and credentials. This needs to be solved in a decentralized way because there are limitations in interoperability such as closed identity management and identity leakage. In this paper, we propose a DID (Decentralized Identifier)-based cloud CDM that allows researchers to securely store medical research information by authenticating their identity and to access the CDM reliably. The proposed service model is used to provide the credential of the researcher in the process of creating and accessing CDM data in the designed secure cloud. This model is designed on a DID-based user-centric identification system to support the research of enrolled researchers in a cloud CDM environment involving multiple hospitals and laboratories. The prototype of the designed model is an extension of the encrypted CDM delivery method using DID and provides an identification system by limiting the use cases of CDM data by researchers registered in cloud CDM. Prototypes built for agent-based proof of concept (PoC) are leveraged to enhance security for researcher use of ophthalmic CDM data. For this, the CDM ID schema and ID definition are described by issuing IDs of CDM providers and CDM agents, limiting the IDs of researchers who are CDM users. The proposed method is to provide a framework for integrated and efficient data access control policy management. It provides strong security and ensures both the integrity and availability of CDM data.

2021 ◽  
Vol 13 (2) ◽  
pp. 24
Author(s):  
Mohammed Amine Bouras ◽  
Qinghua Lu ◽  
Sahraoui Dhelim ◽  
Huansheng Ning

Identity management is a fundamental feature of the Internet of Things (IoT) ecosystem, particularly for IoT data access control. However, most of the actual works adopt centralized approaches, which could lead to a single point of failure and privacy issues that are tied to the use of trusted third parties. A consortium blockchain is an emerging technology that provides a neutral and trustable computation and storage platform that is suitable for building identity management solutions for IoT. This paper proposes a lightweight architecture and the associated protocols for consortium blockchain-based identity management to address privacy, security, and scalability issues in a centralized system for IoT. Besides, we implement a proof-of-concept prototype and evaluate our approach. We evaluate our work by measuring the latency and throughput of the transactions while using different query actions and payload sizes, and we compared it to other similar works. The results show that the approach is suitable for business adoption.


F1000Research ◽  
2021 ◽  
Vol 10 ◽  
pp. 901
Author(s):  
Olaosebikan Tahir Yinka ◽  
Su-Cheng Haw ◽  
Timothy Tzen Vun Yap ◽  
Samini Subramaniam

Introduction: Unauthorized access to data is one of the most significant privacy issues that hinder most industries from adopting big data technologies. Even though specific processes and structures have been put in place to deal with access authorization and identity management for large databases, the scalability criteria are far beyond the capabilities of traditional databases. Hence, most researchers are looking into other solutions, such as big data management. Methods: In this paper, we firstly study the strengths and weaknesses of implementing cryptography and blockchain for identity management and authorization control in big data, focusing on the healthcare domain. Subsequently, we propose a decentralized data access and sharing system that preserves privacy to ensure adequate data access management under the blockchain. In addition, we designed a blockchain framework to resolve the decentralized data access and sharing system privacy issues, by implementing a public key infrastructure model, which utilizes a signature cryptography algorithm (elliptic curve and signcryption). Lastly, we compared the proposed blockchain model to previous techniques to see how well it performed. Results: We evaluated the blockchain on four performance metrics which include throughput, latency, scalability, and security. The proposed blockchain model was tested using a sample of 5000 patients and 500,000 observations. The performance evaluation results further showed that the proposed model achieves higher throughput and lower latency compared to existing approaches when the workload varies up to 10,000 transactions. Discussion: This research reviews the importance of blockchains as they provide infinite possibilities to individuals, companies, and governments.


2021 ◽  
Vol 2021 ◽  
pp. 1-15
Author(s):  
Jianguo Sun ◽  
Yang Yang ◽  
Zechao Liu ◽  
Yuqing Qiao

Currently, the Internet of Things (IoT) provides individuals with real-time data processing and efficient data transmission services, relying on extensive edge infrastructures. However, those infrastructures may disclose sensitive information of consumers without authorization, which has made data access control a widely researched topic. Ciphertext-policy attribute-based encryption (CP-ABE) is regarded as an effective cryptography tool for providing users with a fine-grained access policy. In prior ABE schemes, the attribute universe is only managed by a single trusted central authority (CA), which leads to a reduction in security and efficiency. In addition, all attributes are considered equally important in the access policy. Consequently, the access policy cannot be expressed flexibly. In this paper, we propose two schemes with a new form of encryption named multi-authority criteria-based encryption (CE) scheme. In this context, the schemes express each criterion as a polynomial and have a weight on it. Unlike ABE schemes, the decryption will succeed if and only if a user satisfies the access policy and the weight exceeds the threshold. The proposed schemes are proved to be secure under the decisional bilinear Diffie–Hellman exponent assumption (q-BDHE) in the standard model. Finally, we provide an implementation of our works, and the simulation results indicate that our schemes are highly efficient.


Author(s):  
Meenu Talwar ◽  
B. Balamurugan

The Internet of Things is one of the most adapting technologies, with applications in multiple domains. Bringing together a huge number of devices and networks to access information on one platform is called an IoT network. IoT is shifting its security priorities to consider data access control from a data-centric perspective. Recently, Muhammad et al. has proposed a scheme of two-factor user authentication in WSN and claimed that his scheme is secured against various attacks [1]. However, we have found some pitfalls in his work and, based on that, proposed a work which is an improvement of the earlier works done by M.L. Das on access control policy. In our work, we have modified the existing algorithm by adding new computational load without disturbing the work done in the previous algorithm. The integration of our proposed work with the earlier work makes the whole process more protective against various insider attacks. The proposed algorithm, "Disjunctive XOR Two Factor Authentication Method", can be implemented with real-life applications. The security patches implemented in the proposed algorithm attempt to fix receptiveness of the gateway and make the scheme more secured and adaptive. The proposed work is tested in an unsecured wireless sensor network and found to be capable of protecting from various attacks such as Bypass and Insider attacks. In addition, it also gives the flexibility to allow the user to change or update its login password within a secured environment. In our work, we have also proposed the Mutual Authentication between the Gateway (GY-node) and Sensor Node (Sn) such that it gets protected from an inside attacker; secondly, to allow the user to change/update the password independently; and thirdly, proved that the work proposed is secured from insider and Bypass attackers.


Author(s):  
Заставной ◽  
Dmitriy Zastavnoy

A key feature of information systems is data security, but Geoinformation Systems and Spatial Databases, as well as their applications, appear to have some drawbacks in that respect. Most suggestions about geodata confidentiality are obviously stuck in their attempts to link access rules with geometric properties of spatial data. In this paper we suggest a different approach toward building a data access model and a complete data security system for a WinMAP system, which includes account control, data access control based on an extended DAC, and audit features. A data model of WinMAP is also described because its specialized features make it possible to rationally develop and effectively implement the data security system. An implementation of the extended DAC model is briefly sketched.



