Blockchain Platforms and Access Control Classification for IoT Systems

Unprecedented advancement in wireless technology, storage, and computing power of portable devices with the gigabyte speed of internet connectivity enables the possibility of communication among machine to machine. IoT has a different way to connect many nodes simultaneously to store, access, and share the information to improve the quality of life by the elimination of the involvement of human. Irrespective of unlimited benefit, IoT has so many issues that arise to eclipse IoT in reality because of its centralized model. Scalability, reliability, privacy, and security challenges are rising because of the huge numbers of IoT nodes, centralized architecture, and complex networks. Centralized architecture may lead to problems like a single point of failure, single way traffic, huge infrastructure cost, privacy, security, and single source of trust. Therefore, to overcome the issues of the centralized infrastructure of the IoT, the authors diverted to decentralized infrastructure. It may be the best decision in terms of performance, reliability, security, privacy, and trust. Blockchain is an influential latest decentralization technology to decentralize computation, process management, and trust. A combination of blockchain with IoT may have the potential to solve scalability, reliability, privacy, and security issues of IoT. This chapter has an overview of some important consensus algorithms, IoT challenges, integration of the blockchain with IoT, its challenges, and future research issues of a combination of blockchain and IoT are also discussed.

Download Full-text

IoT-CCAC: a blockchain-based consortium capability access control approach for IoT

PeerJ Computer Science ◽

10.7717/peerj-cs.455 ◽

2021 ◽

Vol 7 ◽

pp. e455

Author(s):

Mohammed Amine Bouras ◽

Boming Xia ◽

Adnan Omer Abuassba ◽

Huansheng Ning ◽

Qinghua Lu

Keyword(s):

Access Control ◽

Single Point ◽

Poor Performance ◽

Sharing Economy ◽

Privacy And Security ◽

Control Approach ◽

Blockchain Technology ◽

Control Schemes ◽

Common Goals ◽

Intrinsic Feature

Access control is a critical aspect for improving the privacy and security of IoT systems. A consortium is a public or private association or a group of two or more institutes, businesses, and companies that collaborate to achieve common goals or form a resource pool to enable the sharing economy aspect. However, most access control methods are based on centralized solutions, which may lead to problems like data leakage and single-point failure. Blockchain technology has its intrinsic feature of distribution, which can be used to tackle the centralized problem of traditional access control schemes. Nevertheless, blockchain itself comes with certain limitations like the lack of scalability and poor performance. To bridge the gap of these problems, here we present a decentralized capability-based access control architecture designed for IoT consortium networks named IoT-CCAC. A blockchain-based database is utilized in our solution for better performance since it exhibits favorable features of both blockchain and conventional databases. The performance of IoT-CCAC is evaluated to demonstrate the superiority of our proposed architecture. IoT-CCAC is a secure, salable, effective solution that meets the enterprise and business’s needs and adaptable for different IoT interoperability scenarios.

Download Full-text

Study and Survey on Blockchain Privacy and Security Issues

Research Anthology on Privatizing and Securing Data ◽

10.4018/978-1-7998-8954-0.ch007 ◽

2021 ◽

pp. 169-191

Author(s):

Sourav Banerjee ◽

Debashis Das ◽

Manju Biswas ◽

Utpal Biswas

Keyword(s):

Data Storage ◽

Security And Privacy ◽

Sensitive Information ◽

Privacy And Security ◽

Unauthorized Access ◽

Security Issues ◽

Blockchain Technology ◽

Targeted Attacks ◽

Wide Range ◽

Financial Transactions

Blockchain-based technology is becoming increasingly popular and is now used to solve a wide range of tasks. And it's not all about cryptocurrencies. Even though it's based on secure technology, a blockchain needs protection as well. The risks of exploits, targeted attacks, or unauthorized access can be mitigated by the instant incident response and system recovery. Blockchain technology relies on a ledger to keep track of all financial transactions. Ordinarily, this kind of master ledger would be a glaring point of vulnerability. Another tenet of security is the chain itself. Configuration flaws, as well as insecure data storage and transfers, may cause leaks of sensitive information. This is even more dangerous when there are centralized components within the platform. In this chapter, the authors will demonstrate where the disadvantages of security and privacy in blockchain are currently and discuss how blockchain technology can improve these disadvantages and outlines the requirements for future solution.

Download Full-text

A Fine-Grained IoT Data Access Control Scheme Combining Attribute-Based Encryption and Blockchain

Security and Communication Networks ◽

10.1155/2021/5308206 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Xiaofeng Lu ◽

Songbing Fu ◽

Cheng Jiang ◽

Pietro Lio

Keyword(s):

Access Control ◽

Distributed Storage ◽

Data Access ◽

Security And Privacy ◽

Privacy And Security ◽

Fine Grained ◽

Blockchain Technology ◽

Data Access Control ◽

Attribute Based Encryption ◽

Control Scheme

IoT technology has been widely valued and applied, and the resulting massive IoT data brings many challenges to the traditional centralized data management, such as performance, privacy, and security challenges. This paper proposes an IoT data access control scheme that combines attribute-based encryption (ABE) and blockchain technology. Symmetric encryption and ABE algorithms are utilized to realize fine-grained access control and ensure the security and openness of IoT data. Moreover, blockchain technology is combined with distributed storage to solve the storage bottleneck of blockchain systems. Only the hash values of the data, the hash values of the ciphertext location, the access control policy, and other important information are stored on the blockchain. In this scheme, smart contract is used to implement access control. The results of experiments demonstrate that the proposed scheme can effectively protect the security and privacy of IoT data and realize the secure sharing of data.

Download Full-text

Study and Survey on Blockchain Privacy and Security Issues

Advances in Data Mining and Database Management - Cross-Industry Use of Blockchain Technology and Opportunities for the Future ◽

10.4018/978-1-7998-3632-2.ch005 ◽

2020 ◽

pp. 80-102

Author(s):

Sourav Banerjee ◽

Debashis Das ◽

Manju Biswas ◽

Utpal Biswas

Keyword(s):

Data Storage ◽

Security And Privacy ◽

Sensitive Information ◽

Privacy And Security ◽

Unauthorized Access ◽

Security Issues ◽

Blockchain Technology ◽

Targeted Attacks ◽

Wide Range ◽

Financial Transactions

Blockchain-based technology is becoming increasingly popular and is now used to solve a wide range of tasks. And it's not all about cryptocurrencies. Even though it's based on secure technology, a blockchain needs protection as well. The risks of exploits, targeted attacks, or unauthorized access can be mitigated by the instant incident response and system recovery. Blockchain technology relies on a ledger to keep track of all financial transactions. Ordinarily, this kind of master ledger would be a glaring point of vulnerability. Another tenet of security is the chain itself. Configuration flaws, as well as insecure data storage and transfers, may cause leaks of sensitive information. This is even more dangerous when there are centralized components within the platform. In this chapter, the authors will demonstrate where the disadvantages of security and privacy in blockchain are currently and discuss how blockchain technology can improve these disadvantages and outlines the requirements for future solution.

Download Full-text

Addressing Security Issues and Standards in Internet of Things

Emerging Trends and Applications in Cognitive Computing - Advances in Computational Intelligence and Robotics ◽

10.4018/978-1-5225-5793-7.ch010 ◽

2019 ◽

pp. 224-257 ◽

Cited By ~ 1

Author(s):

Sushruta Mishra ◽

Soumya Sahoo ◽

Brojo Kishore Mishra

Keyword(s):

Internet Of Things ◽

Real Life ◽

Future Internet ◽

Security And Privacy ◽

Future Research ◽

Privacy And Security ◽

Privacy Concerns ◽

Security Issues ◽

Novel Approach ◽

Trusted Platform

In the IoTs era, the short-range mobile transceivers will be implanted in a variety of daily requirements. In this chapter, a detail survey in several security and privacy concerns related to internet of things (IoTs) by defining some open challenges are discussed. The privacy and security implications of such an evolution should be carefully considered to the promising technology. The protection of data and privacy of users has been identified as one of the key challenges in the IoT. In this chapter, the authors present internet of things with architecture and design goals. They survey security and privacy concerns at different layers in IoTs. In addition, they identify several open issues related to the security and privacy that need to be addressed by research community to make a secure and trusted platform for the delivery of future internet of things. The authors also discuss applications of IoTs in real life. A novel approach based on cognitive IoT is presented, and a detailed study is undertaken. In the future, research on the IoTs will remain a hot issue.

Download Full-text

Applying Blockchain Technology to Security-Related Aspects of Electronic Healthcare Record Infrastructure

The African Journal of Information and Communication ◽

10.23962/10539/32211 ◽

2021 ◽

pp. 1-28

Author(s):

Ryno Adlam ◽

Bertram Haskins

Keyword(s):

Experimental Data ◽

Medical Records ◽

Single Point ◽

Security And Privacy ◽

Theoretical Base ◽

Privacy And Security ◽

Health Records ◽

Blockchain Technology ◽

Electronic Healthcare Record ◽

Flow Configurations

The centralised architecture employed by electronic health records (EHRs) may constitute a single point of failure. From the perspective of availability, an alternative cloud-based EHR infrastructure is effective and efficient. However, this increased availability has created challenges related to the security and privacy of patients’ medical records. The sensitive nature of EHRs attracts the attention of cyber-criminals. There has been a rise in the number of data breaches related to EHRs. The infrastructure used by EHRs does not assure the privacy and security of patients’ medical records. Features of blockchain platforms, such as decentralisation, immutability, auditability, and transparency, may provide a viable means of augmenting or improving services related to the security of EHRs. This study presents a series of experimental data flow configurations to test the application of blockchain technology to aspects of EHRs. The insights gained from these experiments are founded on a theoretical base to provide recommendations for applying blockchain technology to services related to the security of EHR infrastructure. These recommendations may be employed by developers when redesigning existing EHR systems or deploying new EHR systems.

Download Full-text

Website Information Security and Privacy Concerns in 4IR: The Moderating Role of Trust in B2C e-Commerce

10.29007/jlq6 ◽

2019 ◽

Author(s):

Thabang Mofokeng

Keyword(s):

South Africa ◽

Customer Satisfaction ◽

Customer Loyalty ◽

Success Factors ◽

Industrial Revolution ◽

Emerging Market ◽

Security And Privacy ◽

Future Research ◽

Privacy And Security ◽

Customer Trust

The technology devices introduced in recent years are not only vulnerable to Internet risks but are also unable to elevate the growth of B2C e-commerce. These concerns are particularly relevant today, as the world transitions into the Fourth Industrial Revolution. To date, existing research has largely focused on obstacles to customer loyalty. Studies have tested e-commerce models guided by the establishment of trusting, satisfied and loyal consumers in various international contexts. In South Africa, however, as an emerging market, there has been limited research on the success factors of online shopping.This study examines the influence of security and privacy on trust, seen as a moderator of customer satisfaction, which in turn, has an effect on loyalty towards websites. Based on an exhaustive review of literature, a conceptual model is proposed on the relationships between security and privacy on the one hand, and customer trust, satisfaction and loyalty on the other. A total of 250 structured, self-administered questionnaires was distributed to a purposively selected sample of respondents using face-to-face surveys in Johannesburg, South Africa. A multivariate data analysis technique was used to draw inferences from the data. With an 80.1% response rate, the findings showed that privacy and security do influence customer trust; security strongly influences customer trust and weakly influences satisfaction. In South Africa, customer loyalty towards websites is strongly determined by satisfaction and weakly determined by trust. Trust significantly moderates the effect of customer satisfaction on loyalty. The study implications and limitations are presented and future research directions are suggested.

Download Full-text

Access Control Mechanisms in Named Data Networks

ACM Computing Surveys ◽

10.1145/3442150 ◽

2021 ◽

Vol 54 (3) ◽

pp. 1-35

Author(s):

Boubakr Nour ◽

Hakima Khelifi ◽

Rasheed Hussain ◽

Spyridon Mastorakis ◽

Hassine Moungla

Keyword(s):

Access Control ◽

Holistic Approach ◽

Future Internet ◽

Lessons Learned ◽

Future Research ◽

Communication Model ◽

Control Mechanisms ◽

Internet Communication ◽

Future Internet Architecture ◽

Comprehensive Survey

Information-Centric Networking (ICN) has recently emerged as a prominent candidate for the Future Internet Architecture (FIA) that addresses existing issues with the host-centric communication model of the current TCP/IP-based Internet. Named Data Networking (NDN) is one of the most recent and active ICN architectures that provides a clean-slate approach for Internet communication. NDN provides intrinsic content security where security is directly provided to the content instead of communication channel. Among other security aspects, Access Control (AC) rules specify the privileges for the entities that can access the content. In TCP/IP-based AC systems, due to the client-server communication model, the servers control which client can access a particular content. In contrast, ICN-based networks use content names to drive communication and decouple the content from its original location. This phenomenon leads to the loss of control over the content, causing different challenges for the realization of efficient AC mechanisms. To date, considerable efforts have been made to develop various AC mechanisms in NDN. In this article, we provide a detailed and comprehensive survey of the AC mechanisms in NDN. We follow a holistic approach towards AC in NDN where we first summarize the ICN paradigm, describe the changes from channel-based security to content-based security, and highlight different cryptographic algorithms and security protocols in NDN. We then classify the existing AC mechanisms into two main categories: Encryption-based AC and Encryption-independent AC . Each category has different classes based on the working principle of AC (e.g., Attribute-based AC, Name-based AC, Identity-based AC). Finally, we present the lessons learned from the existing AC mechanisms and identify the challenges of NDN-based AC at large, highlighting future research directions for the community.

Download Full-text

Centralized, Distributed, and Everything in between

ACM Computing Surveys ◽

10.1145/3465170 ◽

2022 ◽

Vol 54 (7) ◽

pp. 1-34

Author(s):

Sophie Dramé-Maigné ◽

Maryline Laurent ◽

Laurent Castillo ◽

Hervé Ganem

Keyword(s):

Access Control ◽

Future Research ◽

The Internet ◽

Research Directions ◽

Security Issues ◽

Security Properties ◽

Future Research Directions ◽

Iot Devices ◽

The Internet Of Things ◽

Security Of Iot

The Internet of Things is taking hold in our everyday life. Regrettably, the security of IoT devices is often being overlooked. Among the vast array of security issues plaguing the emerging IoT, we decide to focus on access control, as privacy, trust, and other security properties cannot be achieved without controlled access. This article classifies IoT access control solutions from the literature according to their architecture (e.g., centralized, hierarchical, federated, distributed) and examines the suitability of each one for access control purposes. Our analysis concludes that important properties such as auditability and revocation are missing from many proposals while hierarchical and federated architectures are neglected by the community. Finally, we provide an architecture-based taxonomy and future research directions: a focus on hybrid architectures, usability, flexibility, privacy, and revocation schemes in serverless authorization.

Download Full-text