Blockchain Empowered Cooperative Authentication With Data Traceability in Vehicular Edge Computing
27 Jan 2020-IEEE Transactions on Vehicular Technology (Institute of Electrical and Electronics Engineers (IEEE))-Vol. 69, Iss: 4, pp 4221-4232
TL;DR: A blockchain empowered group-authentication scheme is proposed for vehicles with decentralized identification based on secret sharing and dynamic proxy mechanism that achieves cooperative privacy preservation for vehicles while also reducing communication overhead and computation cost.
Abstract: The dynamic environment due to traffic mobility and wireless communication from/to vehicles make identity authentication and trust management for privacy preservation based on vehicular edge computing (VEC) an increasingly important problem in vehicular networks. However, existing authentication schemes mainly focus on communication between a single trusted edge computing node and multiple vehicles. This framework may suffer the bottleneck problem due to the single edge computing node, and the performance depends heavily on its resources. In this paper, a blockchain empowered group-authentication scheme is proposed for vehicles with decentralized identification based on secret sharing and dynamic proxy mechanism. Sub-authentication results are aggregated for trust management based blockchain to implement collaborative authentication. The edge computing node with a higher-reputation stored in the tamper-proof blockchain can upload the final aggregated authentication result to the central server to achieve the decentralized authentication. This work analyzes typical attacks for this scheme and shows that the proposed scheme achieves cooperative privacy preservation for vehicles while also reducing communication overhead and computation cost.
Citations
More filters
TL;DR: The IoT/IIoT critical infrastructure in industry 4.0 is introduced, and then the blockchain and edge computing paradigms are briefly presented, and it is shown how the convergence of these two paradigm can enable secure and scalable critical infrastructures.
Abstract: Critical infrastructure systems are vital to underpin the functioning of a society and economy. Due to the ever-increasing number of Internet-connected Internet-of-Things (IoT)/Industrial IoT (IIoT), and the high volume of data generated and collected, security and scalability are becoming burning concerns for critical infrastructures in industry 4.0. The blockchain technology is essentially a distributed and secure ledger that records all the transactions into a hierarchically expanding chain of blocks. Edge computing brings the cloud capabilities closer to the computation tasks. The convergence of blockchain and edge computing paradigms can overcome the existing security and scalability issues. In this article, we first introduce the IoT/IIoT critical infrastructure in industry 4.0, and then we briefly present the blockchain and edge computing paradigms. After that, we show how the convergence of these two paradigms can enable secure and scalable critical infrastructures. Then, we provide a survey on the state of the art for security and privacy and scalability of IoT/IIoT critical infrastructures. A list of potential research challenges and open issues in this area is also provided, which can be used as useful resources to guide future research.
171 citations
TL;DR: In this paper, a comprehensive survey on security and privacy issues in the context of EC-assisted IoT is presented, including definitions, applications, architecture, advantages, and challenges, as well as several open challenges and future research directions for secure EC assisted IoT paradigm are also extensively provided.
Abstract: Internet of Things (IoT) is an innovative paradigm envisioned to provide massive applications that are now part of our daily lives. Millions of smart devices are deployed within complex networks to provide vibrant functionalities, including communications, monitoring, and controlling of critical infrastructures. However, this massive growth of IoT devices and the corresponding huge data traffic generated at the edge of the network created additional burdens on the state-of-the-art centralized cloud computing paradigm due to the bandwidth and resource scarcity. Hence, edge computing (EC) is emerging as an innovative strategy that brings data processing and storage near to the end users, leading to what is called the EC-assisted IoT. Although this paradigm provides unique features and enhanced Quality of Service (QoS), it also introduces huge risks in data security and privacy aspects. This article conducts a comprehensive survey on security and privacy issues in the context of EC-assisted IoT. In particular, we first present an overview of EC-assisted IoT, including definitions, applications, architecture, advantages, and challenges. Second, we define security and privacy in the context of EC-assisted IoT. Then, we extensively discuss the major classifications of attacks in EC-assisted IoT and provide possible solutions and countermeasures along with the related research efforts. After that, we further classify some security and privacy issues as discussed in the literature based on security services and based on security objectives and functions. Finally, several open challenges and future research directions for secure EC-assisted IoT paradigm are also extensively provided.
116 citations
TL;DR: The nature of CA in IoT applications is outlined, the key behavioral signals are highlighted, the extant solutions from an AI perspective are summarized, and the challenges and promising future directions to guide the next generation of AI-based CA research are discussed.
Abstract: In the Internet-of-Things (IoT) era, user authentication is essential to ensure the security of connected devices and the customization of passive services However, conventional knowledge-based and physiological biometric-based authentication systems (eg, password, face recognition, and fingerprints) are susceptible to shoulder surfing attacks, smudge attacks, and heat attacks The powerful sensing capabilities of IoT devices, including smartphones, wearables, robots, and autonomous vehicles enable continuous authentication (CA) based on behavioral biometrics The artificial intelligence (AI) approaches hold significant promise in sifting through large volumes of heterogeneous biometrics data to offer unprecedented user authentication and user identification capabilities In this survey article, we outline the nature of CA in IoT applications, highlight the key behavioral signals, and summarize the extant solutions from an AI perspective Based on our systematic and comprehensive analysis, we discuss the challenges and promising future directions to guide the next generation of AI-based CA research
76 citations
Cites background from "Blockchain Empowered Cooperative Au..."
...In the dynamic environment, participants need to finish one session across shared IoT devices where complex and robust authentication schemes are needed [7]....
[...]
...may suffer from the bottle problem due to the limitation of a single centralized server [7]....
[...]
Posted Content•
TL;DR: A comprehensive survey on security and privacy issues in the context of EC-assisted IoT, including definitions, applications, architecture, advantages, and challenges, and extensively discusses the major classifications of attacks.
Abstract: Internet of Things (IoT) is an innovative paradigm envisioned to provide massive applications that are now part of our daily lives. Millions of smart devices are deployed within complex networks to provide vibrant functionalities including communications, monitoring, and controlling of critical infrastructures. However, this massive growth of IoT devices and the corresponding huge data traffic generated at the edge of the network created additional burdens on the state-of-the-art centralized cloud computing paradigm due to the bandwidth and resources scarcity. Hence, edge computing (EC) is emerging as an innovative strategy that brings data processing and storage near to the end users, leading to what is called EC-assisted IoT. Although this paradigm provides unique features and enhanced quality of service (QoS), it also introduces huge risks in data security and privacy aspects. This paper conducts a comprehensive survey on security and privacy issues in the context of EC-assisted IoT. In particular, we first present an overview of EC-assisted IoT including definitions, applications, architecture, advantages, and challenges. Second, we define security and privacy in the context of EC-assisted IoT. Then, we extensively discuss the major classifications of attacks in EC-assisted IoT and provide possible solutions and countermeasures along with the related research efforts. After that, we further classify some security and privacy issues as discussed in the literature based on security services and based on security objectives and functions. Finally, several open challenges and future research directions for secure EC-assisted IoT paradigm are also extensively provided.
75 citations
TL;DR: In this article , a secure and efficient distributed consensus algorithm for blockchain applications in the Internet of Vehicles (IoV) is proposed, which is more efficient, has less communication overhead, and has greater throughput than the original PBFT algorithm.
65 citations
References
More filters
TL;DR: The definition of edge computing is introduced, followed by several case studies, ranging from cloud offloading to smart home and city, as well as collaborative edge to materialize the concept of edge Computing.
Abstract: The proliferation of Internet of Things (IoT) and the success of rich cloud services have pushed the horizon of a new computing paradigm, edge computing, which calls for processing the data at the edge of the network. Edge computing has the potential to address the concerns of response time requirement, battery life constraint, bandwidth cost saving, as well as data safety and privacy. In this paper, we introduce the definition of edge computing, followed by several case studies, ranging from cloud offloading to smart home and city, as well as collaborative edge to materialize the concept of edge computing. Finally, we present several challenges and opportunities in the field of edge computing, and hope this paper will gain attention from the community and inspire more research in this direction.
5,198 citations
"Blockchain Empowered Cooperative Au..." refers background in this paper
...Mobile edge computing (MEC) is a promising approach for improving computational capabilities and facilitating data processing in vehicular networks [5]....
[...]
15 Jan 2020
4,407 citations
20 May 2007
TL;DR: A system for realizing complex access control on encrypted data that is conceptually closer to traditional access control methods such as role-based access control (RBAC) and secure against collusion attacks is presented.
Abstract: In several distributed systems a user should only be able to access data if a user posses a certain set of credentials or attributes. Currently, the only method for enforcing such policies is to employ a trusted server to store the data and mediate access control. However, if any server storing the data is compromised, then the confidentiality of the data will be compromised. In this paper we present a system for realizing complex access control on encrypted data that we call ciphertext-policy attribute-based encryption. By using our techniques encrypted data can be kept confidential even if the storage server is untrusted; moreover, our methods are secure against collusion attacks. Previous attribute-based encryption systems used attributes to describe the encrypted data and built policies into user's keys; while in our system attributes are used to describe a user's credentials, and a party encrypting data determines a policy for who can decrypt. Thus, our methods are conceptually closer to traditional access control methods such as role-based access control (RBAC). In addition, we provide an implementation of our system and give performance measurements.
4,364 citations
"Blockchain Empowered Cooperative Au..." refers background in this paper
...The received public key from the group member is relevant toH(s⊕ r) [36], and the group member’s private key...
[...]
TL;DR: The conclusion is that the blockchain-IoT combination is powerful and can cause significant transformations across several industries, paving the way for new business models and novel, distributed applications.
Abstract: Motivated by the recent explosion of interest around blockchains, we examine whether they make a good fit for the Internet of Things (IoT) sector. Blockchains allow us to have a distributed peer-to-peer network where non-trusting members can interact with each other without a trusted intermediary, in a verifiable manner. We review how this mechanism works and also look into smart contracts—scripts that reside on the blockchain that allow for the automation of multi-step processes. We then move into the IoT domain, and describe how a blockchain-IoT combination: 1) facilitates the sharing of services and resources leading to the creation of a marketplace of services between devices and 2) allows us to automate in a cryptographically verifiable manner several existing, time-consuming workflows. We also point out certain issues that should be considered before the deployment of a blockchain network in an IoT setting: from transactional privacy to the expected value of the digitized assets traded on the network. Wherever applicable, we identify solutions and workarounds. Our conclusion is that the blockchain-IoT combination is powerful and can cause significant transformations across several industries, paving the way for new business models and novel, distributed applications.
3,129 citations
"Blockchain Empowered Cooperative Au..." refers background in this paper
...Blockchain can construct a distributed peer-to-peer network in the internet of things in which non-trusted members can interact with each other using some contracts without a trusted arbitrator [18]....
[...]
21 May 2015
TL;DR: A decentralized personal data management system that ensures users own and control their data is described, and a protocol that turns a block chain into an automated access-control manager that does not require trust in a third party is implemented.
Abstract: The recent increase in reported incidents of surveillance and security breaches compromising users' privacy call into question the current model, in which third-parties collect and control massive amounts of personal data. Bit coin has demonstrated in the financial space that trusted, auditable computing is possible using a decentralized network of peers accompanied by a public ledger. In this paper, we describe a decentralized personal data management system that ensures users own and control their data. We implement a protocol that turns a block chain into an automated access-control manager that does not require trust in a third party. Unlike Bit coin, transactions in our system are not strictly financial -- they are used to carry instructions, such as storing, querying and sharing data. Finally, we discuss possible future extensions to block chains that could harness them into a well-rounded solution for trusted computing problems in society.
1,953 citations
"Blockchain Empowered Cooperative Au..." refers background in this paper
...(9)[37] in whichα (0 < α ≤ 1) is a parameter that can control the trend of f i j ....
[...]