2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2018
2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2020
There has been a wide range of applications involving smart home systems for user comfort and accessibility to essential commodities. Users enjoy featured home services supported by the IoT smart devices. These IoT devices are resource-constrained, incapable of securing themselves and can be easily hacked. Edge computing can provide localized computations and storage which can augment such capacity limitations for IoT devices. Furthermore, blockchain has emerged as a technology with capabilities to provide secure access and authentication for IoT devices in a decentralized manner. In this paper, we propose an authentication scheme which integrates attribute-based access control using smart contracts with ERC-20 Token (Ethereum Request For Comments) and edge computing to construct a secure framework for IoT devices in a smart home system. The edge server provides scalability to the system by offloading heavier computation tasks to edge servers. We present system architecture and design and discuss various aspects related to testing and implementation of the smart contracts. We show that our proposed scheme is secure by thoroughly analysing its security goals with respect to confidentiality, integrity and availability. Finally, we conduct a performance evaluation to demonstrate the feasibility and efficiency of the proposed scheme.
Cloud computing has become an alternative IT infrastructure where users, infrastructure providers, and service providers all share and deploy resources for their business processes and applications. In order to deliver cloud services cost effectively, users' data is stored in a cloud where applications are able to perform requests from clients efficiently. As data is transferred to the cloud, data owners are concerned about the loss of control of their data and cloud service providers (CSPs) are concerned about their ability to protect data when it is moved about both within and out of their own environment. Many security and protection mechanisms have been proposed to protect cloud data by employing various policies, encryption techniques, and monitoring and auditing approaches. However, data is still exposed to potential disclosures and attacks if it is moved and located at another cloud where there is no equivalent security measure at visited sites. In a realistic cloud scenario with a hierarchical service chain, the handling of data in a cloud can be delegated by a CSP to a subprovider or another. However, CSPs do not often deploy the same protection schemes. Movement of users' data is an important issue in the cloud, and it has to be addressed to ensure the data is protected in an integrated manner regardless of its location in the environment. The user is concerned whether its data is located in locations covered by the service level agreement, and whether data operations are protected from unauthorized users. When a user's data is moved to data centers located at locations different from its home, it is necessary to keep track of its locations and data operations. This chapter discusses data protection and mobility management issues in the cloud environment and in particular the implementation of a trust-oriented data protection framework.
2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2019
Appending digital signatures and certificates to messages guarantees data integrity and ensures non-repudiation, but does not identify greedy authenticated nodes. Trust evolves if some reputable and trusted node verifies the node and its data and evaluates the trustworthiness of the node using an accurate metric. But, even if the verifying party is a trusted centralized party, there is opacity and obscurity in the computed reputation rating. The trusted party maps it with the node's identity, but how it is evaluated and what inputs derive the reputation rating remain hidden, thus concealment of transparency leads to privacy. Besides, the malevolent nodes might collude together for defamatory actions against reliable nodes, and eventually bad-mouth these nodes or praise malicious nodes collaboratively. Thus, we cannot always assume the fairness of the nodes as the rating they give to any node might not be a fair one. In this paper, we propose a smart contract-based approach to update and query the reputation of nodes, stored and maintained by IPFS distributed storage. The use case particularly deals with an emergency scenario, dealing against colluding attacks. Our scheme is implemented using MATLAB simulation. The results show how smart contracts are capable of accurately identifying trustworthy nodes and recording the reputation of a node transparently and immutably.
Smart Systems and IoT: Innovations in Computing, 2019
The machine learning approach has been extensively used in the area of cybersecurity in recent years, developing solutions to protect Internet users. The use of state-based cognitive data and the increased prevalence of data mining have allowed for the amalgamation of statistical concepts with machine learning, providing real-time network packet analysis with an aim to detect when an entity has intruded the network. In this paper, the use of mean squares error for packet payload aggregation, coupled with prediction techniques using Bayes and ensemble learning outputs to data clusters, provides useful and important insight to generate hybrid solutions to existing data breach problems. The use of dynamic tolerance levels and countering this against the potential for false positives is central to the design of our proposed scheme. We believe that correlations between expected information against the aggregated payloads could provide a sufficient level of accuracy, which is sufficient to flag certain packets for further human assessment.
Wireless Mesh Network is an emerging technology with great potential for evolving into a self-sustained network. The traditional networks, which dominate the present-day communication systems, rely on large and expensive setups of wired/wireless access points for connection between users. Unlike the traditional networks, a Wireless Mesh Network is formed by the user devices which connect to each other to form a network. The security of such networks is, however, very low as each data packet passes through multiple devices, making it susceptible to vulnerabilities. This paper discusses a new network model that implements a strong security framework over a new routing technique. The new network model, unlike any other, features a new addressing scheme that is no longer limited by the drawbacks of the legacy systems and can hence implement better security measures.
Papers by Priyadarsi Nanda