Data aggregation mechanisms in the Internet of things

Personal Health Records (PHRs) should remain the lifelong property of patients, who should be able to show them conveniently and securely to selected caregivers and institutions. In this paper, we present My PHR Machines, a cloud-based PHR system taking a radically new architectural solution to health record portability. In My PHR Machines, health-related data and the application software to view and/or analyze it are separately deployed in the PHR system. After uploading their medical data to My PHR Machines, patients can access them again from remote virtual machines that contain the right software to visualize and analyze them without any need for conversion. Patients can share their remote virtual machine session with selected caregivers, who will need only a Web browser to access the pre-loaded fragments of their lifelong PHR. We discuss a prototype of My PHR Machines applied to two use cases, i.e., radiology image sharing and personalized medicine.

Scalable and Secure Sharing of Personal Health Records in Cloud Computing using Attribute–Based Encryption

Internet of things (IoT) is considered as a collection of heterogeneous devices, such as sensors, Radio-frequency identification (RFID) and actuators, which form a huge network, enabling non-internet components in the network to produce a better world of services, like smart home, smart city, smart transportation, and smart industries. On the other hand, security and privacy are the most important aspects of the IoT network, which includes authentication, authorization, data protection, network security, and access control. Additionally, traditional network security cannot be directly used in IoT networks due to its limitations on computational capabilities and storage capacities. Furthermore, authentication is the mainstay of the IoT network, as all components undergo an authentication process before establishing communication. Therefore, securing authentication is essential. In this paper, we have focused on IoT security particularly on their authentication mechanisms. Consequently, we highlighted enormous attacks and technical methods on the IoT authentication mechanism. Additionally, we discussed existing security verification techniques and evaluation schemes of IoT authentication. Furthermore, analysis against current existing protocols have been discussed in all parts and provided some recommendation. Finally, the aim of our study is to help the future researcher by providing security issues, open challenges and future scopes in IoT authentication.

/pdf/review-on-security-of-internet-of-things-authentication-1377sfm4w7.pdf

Review on Security of Internet of Things Authentication Mechanism

Electronic health records (EHRs) replaced the old paper-based systems to make patient data more accurate, reliable, and more accessible. Yet, the EHRs system requires high transmission cost, energy, and waste of time for both doctors and patients. Furthermore, EHRs security presents a serious issue threatening the patient's privacy. Most of the third-party hosting systems have some issues related to the users' privacy and data security. Hence, it is necessary to restrict the access control policies and develop efficient mechanisms for cloud-based EHRs data. In this paper, a sensitive and energetic access control (SE-AC) mechanism is proposed for managing the cloud-hosted EHRs and providing a fine-grained access control even in critical situations. The proposed mechanism ensures the confidentiality of the patient's data, where only authorized individuals to have permission to be able to edit or review certain of the patient's data. Each EHR data is encrypted by the managing authority before submitting to the cloud storage. The requesting user can get dynamically changing permissions based on authentication and context attributes. In addition, seven major aspects have been quantified to assess the operation of any access control that could be deployed in the Internet-of-Thing (IoT). The security analysis indicates that the SE-AC mechanism is secure and will prevent any unauthorized access. The results show exceptional compatibility and performance with different setups and configuration.

/pdf/sensitive-and-energetic-iot-access-control-for-managing-4ew67hnadd.pdf

Sensitive and Energetic IoT Access Control for Managing Cloud Electronic Health Records

Wireless sensor networks (WSNs) are nowadays considered as an important part of the Internet of Things (IoT). In these networks, data aggregation plays an essential role in energy preservation. However, WSNs are usually deployed in hostile and unattended environments (e.g. military applications) in which the confidentiality and integrity security services are widely desired. Recently, homomorphic encryptions have been applied to conceal sensitive information during aggregation such that algebraic operations are done directly on ciphertexts without decryption. The main benefit is that they offer the end-to-end data confidentiality and they do not require expensive computation at aggregator nodes since no encryption and decryption are performed. However, existing solutions either incur a considerable overhead or have limited applicability to certain types of aggregate queries. This paper presents a novel secure data aggregation protocol for WSNs. The scheme employs Stateful Public Key Encryption (StPKE) and some previous techniques in order to provide an efficient end-to-end security. Moreover, our solution does not impose any bound on the aggregation function's nature (Maximum, Minimum, Average, etc.). We present and implement our scheme on TelosB as well as MicaZ sensor network platforms and measure the execution time of our various cryptographic functions. Simulations are also conducted to show how our scheme can achieve a high security level (by providing the above security services) with a low overhead (in terms of computation and communication) in large-scale scenario.

A novel secure aggregation scheme for wireless sensor networks using stateful public key cryptography

The rapid growth of Internet of Things (IoT) technology offers huge opportunities and also brings many new challenges related to the authentication in (IoT) devices. Using passwords or pre-defined keys have drawbacks that limit their use for different (IoT) applications like smart hotel and smart office. In fact, they didn’t provide temporary access to data in such reservation systems. Thus, authenticating users basing on password mechanism is not feasible. In this paper, we propose a new Token-Based Lightweight User Authentication (TBL UA) for (IoT) devices, which is based on token technique in order to enhance the robustness of authentication. Security analysis shows the security strength of the proposed scheme such as token security, Perfect Forward Secrecy (PFS), etc. In addition, the presented performance analysis shows that it is a strong competitor among existing ones for user authentication in (IoT) environments.

Token-Based Lightweight Authentication to Secure IoT Networks

In smart grid, data aggregation is considered as an essential paradigm in assessing information about current energy usage. To achieve the privacy-preserving goal, several homomorphic-based solutions have been proposed. However, these solutions either consider one-dimensional information or use costly pairing computation in order to ensure source authentication. In fact, smart grid data are likely to be multidimensional (e.g., time, purpose, and so on) for more accurate control. In addition, the aggregation node in smart grid needs to verify data that come from several smart meters in a residential area; hence, the verification must be cost-efficient. In this paper, we propose a scheme that considers multidimensional aggregation with privacy preserving and an efficient verification of smart grid data. The proposal is based on elliptic curve cryptography along with homomorphic encryption and without pairings. The performance analysis shows the efficiency of the scheme for smart grid communications in comparison with existing schemes. For instance, we show that, when an aggregator node is responsible of 600 smart meters, it spends approximately 14 s to verify the data in pairing-based schemes, while only 0.3 s is needed for verification within the proposed scheme.

Elliptic Curve-Based Secure Multidimensional Aggregation for Smart Grid Communications

Context-aware access control and anonymous authentication in WBAN

Summary
The Internet of Things (IoT) concept is, and will be, one of the most interesting topics in the field of Information and Communications Technology. Covering a wide range of applications, wireless sensor networks (WSNs) can play an important role in IoT by seamless integration among thousands of sensors. The benefits of using WSN in IoT include the integrity, scalability, robustness, and easiness in deployment. In WSNs, data aggregation is a famous technique, which, on one hand, plays an essential role in energy preservation and, on the other hand, makes the network prone to different kinds of attacks. The detection of false data injection and impersonation attacks is one of the major concerns in WSNs. In order to verify the data, there is either the end-to-end approach or the hop-by-hop approach. In the former, the detection of these attacks can only be performed at sink node, i.e., after reception of aggregate, a detection that is inefficient and leads to a significant loss of legitimate data. In this paper, we propose a scheme that provides the end-to-end privacy and allows early detection of the attack through a hop-by-hop verification, thus reducing the need to rely entirely on sink node for verification. Based on an enhanced version of TinyECC, the solution is implemented on MicaZ and TelosB motes. Through simulation and experimental results, we show the applicability of the scheme for WSNs.

Omar Rafik Merad Boudia

Papers

A novel secure aggregation scheme for wireless sensor networks using stateful public key cryptography

Token-Based Lightweight Authentication to Secure IoT Networks

Elliptic Curve-Based Secure Multidimensional Aggregation for Smart Grid Communications

Context-aware access control and anonymous authentication in WBAN

Secure and efficient verification for data aggregation in wireless sensor networks