• Title/Summary/Keyword: Secure IoT

Secure SLA Management Using Smart Contracts for SDN-Enabled WSN

  • Emre Karakoc;Celal Ceken
    • KSII Transactions on Internet and Information Systems (TIIS) / v.17 no.11 / pp.3003-3029 / 2023
  • The rapid evolution of the IoT has paved the way for new opportunities in smart city domains, including e-health, smart homes, and precision agriculture. However, this proliferation of services demands effective SLAs between customers and service providers, especially for critical services. Difficulties arise in maintaining the integrity of such agreements, especially in vulnerable wireless environments. This study proposes a novel SLA management model that uses an SDN-Enabled WSN consisting of wireless nodes to interact with smart contracts in a straightforward manner. The proposed model ensures the persistence of network metrics and SLA provisions through smart contracts, eliminating the need for intermediaries to audit payment and compensation procedures. The reliability and verifiability of the data prevent doubts from the contracting parties. To meet the high-performance requirements of the blockchain in the proposed model, low-cost algorithms have been developed for implementing blockchain technology in wireless sensor networks with low-energy and low-capacity nodes. Furthermore, a cryptographic signature control code is generated by wireless nodes using the in-memory private key and the dynamic random key from the smart contract at runtime to prevent tampering with data transmitted over the network. This control code enables the verification of end-to-end data signatures. The efficient generation of dynamic keys at runtime is ensured by the flexible and high-performance infrastructure of the SDN architecture.

Verifying a Safe P2P Security Protocol in M2M Communication Environment (M2M 통신환경에서 안전한 P2P 보안 프로토콜 검증)

  • Han, Kun-Hee;Bae, Woo-Sik
    • Journal of Digital Convergence / v.13 no.5 / pp.213-218 / 2015
  • In parallel with evolving information communication technology, the M2M (Machine-to-Machine) industry has implemented multi-functional and high-performance systems, and made great strides with IoT (Internet of Things) and IoE (Internet of Everything). Authentication, confidentiality, anonymity, non-repudiation, data reliability, connectionless and traceability are prerequisites for communication security. Yet, the wireless transmission section in M2M communication is exposed to intruders' attacks. Any security issues attributable to M2M wireless communication protocols may lead to serious concerns including system faults, information leakage and privacy challenges. Therefore, mutual authentication and security are key components of protocol design. Recently, secure communication protocols have been regarded as highly important and explored as such. The present paper draws on a hash function, random numbers, secret keys and session keys to design a secure communication protocol. Also, this paper tests the proposed protocol with a formal verification tool, Casper/FDR, to demonstrate its security against a range of intruders' attacks. In brief, the proposed protocol meets the security requirements, addressing the challenges without any problems.

Secret Key and Tag Generation for IIoT Systems Based on Edge Computing

  • Koh, Giheon;Yu, Heungsik;Kim, Sungun
    • Journal of Multimedia Information System / v.8 no.1 / pp.57-60 / 2021
  • Industry 4.0 is continuous automation by applying the latest smart technologies to traditional manufacturing industries. It means that large-scale M2M (Machine-to-Machine) communication and IoT (Internet of Things) technologies are well integrated to build efficient production systems by analyzing and diagnosing various issues without human intervention. Edge computing is widely used for M2M services that handle real-time interactions between devices at industrial machinery tool sites. Here, secure data transmission is required while interacting. Thus, this paper focused on a method of creating and maintaining the secret key and security tag used for message authentication between end-devices and the edge-device.

MITM Attack on Bluetooth Pairing in Passkey Entry Mode and Its Countermeasure (블루투스 Passkey Entry 인증 모드에 대한 MITM 공격과 대응방법)

  • Lee, Jearyong;Choi, Wonsuk;Lee, DongHoon
    • KIPS Transactions on Computer and Communication Systems / v.5 no.12 / pp.481-490 / 2016
  • Bluetooth utilizes a symmetric key that is exchanged at the first pairing to establish a secure channel. There are four authentication modes which enable device authentication: Just work, Passkey Entry, Out of Band, and Numeric Comparison. Up to now, Just work has been considered the authentication mode that is vulnerable to Man-In-The-Middle (MITM) attack. In addition, it is possible to intentionally change any authentication mode to Just work mode, in order to succeed in an MITM attack under Just work mode. However, these kinds of attacks have only worked under the assumption that users do not notice that the authentication mode was changed. In this paper, we analyze the specification of Secure Simple Pairing, LE Legacy Pairing and LE Secure Connection Pairing. When using Passkey Entry mode on each approach, it seems the MITM attack is possible. Also, it offers a Passkey Entry MITM attack that does not require assumptions about the user's fault, because it does not change the verification process of the authentication mode, unlike traditional attacks. We implement the proposed MITM attacks. We also present a scenario in which an attack can be exploited and a countermeasure.

A Study on the Establishment of Entropy Source Model Using Quantum Characteristic-Based Chips (양자 특성 기반 칩을 활용한 엔트로피 소스 모델 수립 방법에 관한 연구)

  • Kim, Dae-Hyung;Kim, Jubin;Ji, Dong-Hwa
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2021.10a / pp.140-142 / 2021
  • Mobile communication technology after 5th generation requires high speed, hyper-connection, and low latency communication. In order to meet technical requirements for secure hyper-connectivity, low-spec IoT devices that are considered the end of IoT services must also be able to provide the same level of security as high-spec servers. For the purpose of performing these security functions, it is required for cryptographic keys to have the necessary degree of stability in cryptographic algorithms. Cryptographic keys are usually generated from cryptographic random number generators. At this time, good noise sources are needed to generate random numbers, and hardware random number generators such as TRNG are used because it is difficult for the low-spec device environment to obtain sufficient noise sources. In this paper we used the chip which is based on quantum characteristics where the decay of radioactive isotopes is unpredictable, and we presented a variety of methods (TRNG) obtaining an entropy source in the form of binary-bit series. In addition, we conducted the NIST SP 800-90B test for the entropy of output values generated by each TRNG to compare the amount of entropy with each method.

A Study on Next-Generation Data Protection Based on Non File System for Spreading Smart Factory (스마트팩토리 확산을 위한 비파일시스템(None File System) 기반의 차세대 데이터보호에 관한 연구)

  • Kim, Seungyong;Hwang, Incheol;Kim, Dongsik
    • Journal of the Society of Disaster Information / v.17 no.1 / pp.176-183 / 2021
  • Purpose: The introduction of smart factories that reflect the 4th industrial revolution technologies such as AI, IoT, and VR, has been actively promoted in Korea. However, in order to solve various problems arising from existing file-based operating systems, this research will focus on identifying and verifying non-file system-based data protection technology. Method: The research will measure security storage that cannot be identified or controlled by the operating system. How to activate secure storage based on the input of digital key values. Establish a control unit that provides input and output information based on BIOS activation. Observe non-file-type structure so that mapping behavior using second meta-data can be performed according to the activation of the secure storage. Result: First, the creation of non-file system-based secure storage's data input/output were found to match the hash function value of the sample data with the hash function value of the normal storage and data. Second, the data protection performance experiments in secure storage were compared to the hash function value of the original file with the hash function value of the secure storage after ransomware activity to verify data protection performance against malicious ransomware. Conclusion: Smart factory technology is a nationally promoted technology that is being introduced to the public and this research implemented and experimented on a new concept of data protection technology to protect crucial data within the information system. In order to protect sensitive data, implementation of non-file-type secure storage technology that is non-dependent on file system is highly recommended. This research has proven the security and safety of such technology and verified its purpose.

S-FEAR: Secure-Fuzzy Energy Aware Routing Protocol for Wireless Sensor Networks

  • Almomani, Iman;Saadeh, Maha
    • KSII Transactions on Internet and Information Systems (TIIS) / v.12 no.4 / pp.1436-1457 / 2018
  • Secure routing services in Wireless Sensor Networks (WSNs) are essential, especially in mission critical fields such as the military and in medical applications. Additionally, they play a vital role in the current and future Internet of Things (IoT) services. Lightness and efficiency of a routing protocol are not the only requirements that guarantee success; security assurance also needs to be enforced. This paper proposes a Secure-Fuzzy Energy Aware Routing Protocol (S-FEAR) for WSNs. S-FEAR applies a security model to an existing energy efficient FEAR protocol. As part of this research, the S-FEAR protocol has been analyzed in terms of the communication and processing costs associated with building and applying this model, regardless of the security techniques used. Moreover, the Qualnet network simulator was used to implement both FEAR and S-FEAR after carefully selecting the following security techniques to achieve both authentication and data integrity: the Cipher Block Chaining-Message Authentication Code (CBC-MAC) and the Elliptic Curve Digital Signature Algorithm (ECDSA). The performance of both protocols was assessed in terms of complexity and energy consumption. The results reveal that achieving authentication and data integrity successfully excluded all attackers from the network topology regardless of the percentage of attackers. Consequently, the constructed topology is secure and thus, safe data transmission over the network is ensured. Simulation results show that using CBC-MAC for example, costs 0.00064% of network energy while ECDSA costs about 0.0091%. On the other hand, attacks cost the network about 4.7 times the cost of applying these techniques.

An ID-based Broadcast Encryption Scheme for Cloud-network Integration in Smart Grid

  • Niu, Shufen;Fang, Lizhi;Song, Mi;Yu, Fei;Han, Song
    • KSII Transactions on Internet and Information Systems (TIIS) / v.15 no.9 / pp.3365-3383 / 2021
  • The rapid growth of data has successfully promoted the development of modern information and communication technologies, which are used to process data generated by public urban departments and citizens in modern cities. In specific application areas where the ciphertext of messages generated by different users needs to be transmitted, the concept of broadcast encryption is important. It can not only improve the transmission efficiency but also reduce the cost. However, the existing schemes cannot entirely ensure the privacy of receivers and dynamically adjust the user authorization. To mitigate these deficiencies, we propose an efficient, secure identity-based broadcast encryption scheme that achieves direct revocation and receiver anonymity, along with the analysis of smart grid solutions. Moreover, we constructed a security model to ensure wireless data transmission under cloud computing and internet of things integrated devices. The achieved results reveal that the proposed scheme is semantically secure in the random oracle model. The performance of the proposed scheme is evaluated through theoretical analysis and numerical experiments.

Quantum Communication Technology for Future ICT - Review

  • Singh, Sushil Kumar;Azzaoui, Abir El;Salim, Mikail Mohammed;Park, Jong Hyuk
    • Journal of Information Processing Systems / v.16 no.6 / pp.1459-1478 / 2020
  • In the last few years, quantum communication technology and services have been developing in various advanced applications to secure the sharing of information from one device to another. It is a classical commercial medium, where several Internet of Things (IoT) devices are connected to information communication technology (ICT) and can communicate the information through quantum systems. Digital communications for future networks face various challenges, including data traffic, low latency, deployment of high-broadband, security, and privacy. Quantum communication, quantum sensors, and quantum computing are the solutions to address these issues, as mentioned above. The secure transaction of data is the foremost essential need for smart advanced applications in the future. In this paper, we proposed a quantum communication model system for future ICT and methodological flow. We show how to use blockchain in quantum computing and quantum cryptography to provide security and privacy in recent information sharing. We also discuss the latest global research trends for quantum communication technology in several countries, including the United States, Canada, the United Kingdom, Korea, and others. Finally, we discuss some open research challenges for quantum communication technology in various areas, including quantum internet and quantum computing.

A Study on the Lightening of the Block Chain for Improving Congestion Network in M2M Environment (M2M 환경의 혼잡 네트워크 개선을 위한 블록체인 경량화에 대한 연구)

  • Kim, Sanggeun
    • Journal of Korea Society of Digital Industry and Information Management / v.14 no.3 / pp.69-75 / 2018
  • Recently, various convergence technologies are attracting attention due to the block chain innovation technology in the M2M environment. Although the block-chain-based technology is known to be secure in its own right, there are various problems such as security and weight reduction in various M2M environments connected with this. In this paper, we propose a new lightweight method for the hash tree generation of block chains to solve the lightweight problem. It is designed considering extensibility without affecting the existing block chain. Performance analysis shows that the computation performance increases with decreasing the existing hash length.