A Privacy-Enhancing Framework for Internet of Things Services

Malina, Lukáš; Srivastava, Gautam; Dzurenda, Petr; Hajný, Jan; Ricci, Sara

doi:10.1007/978-3-030-36938-5_5

Cited by 31 publications

(10 citation statements)

References 58 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also, in addition to the application of trust evaluation for the IoT, machine learning techniques have become a powerful tool with research on security or privacy issues in the IoT environment [42]. For example, federated learning was used on edge devices to reduce the computational overhead of IoT devices in [39], and privacy was also considered when edge devices collect data from IoT devices [40]. In [41], reinforcement learning was adopted to determine the offloading strategy for healthcare IoT devices to protect location privacy and usage pattern privacy.…”

Section: Related Workmentioning

confidence: 99%

Machine Learning Empowered Trust Evaluation Method for IoT Devices

Wang

et al. 2021

IEEE Access

View full text Add to dashboard Cite

With the rapid development of the Internet of Things (IoT), malicious or affected IoT devices have imposed enormous threats on the IoT environment. To address this issue, trust has been introduced as an important security tool for discovering or identifying abnormal devices in IoT networks. However, evaluating trust for IoT devices is challenging because trust is a degree of belief with regard to various types of trust properties and is difficult to measure. Thus, a machine learning empowered trust evaluation method is proposed in this paper. With this method, the trust properties of network QoS (Quality of Service) are aggregated with a deep learning algorithm to build a behavioral model for a given IoT device, and the timedependent features of network behaviors are fully considered. Trust is also quantified as continuous numerical values by calculating the similarity between real network behaviors and network behaviors predicted by this behavioral model. Trust values can indicate the trust status of a device and are used for decision making. Finally, the proposed method is verified with experiments, and its effectiveness is described.

show abstract

Section: Related Workmentioning

confidence: 99%

Machine Learning Empowered Trust Evaluation Method for IoT Devices

Wang

et al. 2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…The verifier of the signature can only verify whether the signature comes from the signature set or not, but does not know who signed it. Therefore, the ring signature scheme [9][10][11][12] has correctness, unforgeability and unconditional anonymity.…”

Section: Introductionmentioning

confidence: 99%

A Lightweight Certificateless Aggregate Ring Signature Scheme for Privacy-preserving in Smart Grids

Wang

Wen

et al. 2021

Preprint

View full text Add to dashboard Cite

There exists a problem of user privacy leakage in the smart grids (SGs) that malicious attackers may intercept or tamper with electricity data and associate the stolen data with real users to commit crimes. Besides, node equipment resources in the SGs are limited. Aiming at the problems above, most of the existing privacy-preserving schemes apply aggregate signature to ensure the integrity of message and improve communication efficiency. However, they cannot realize the anonymity of users to block link attacks, and most of the aggregate signature verification has a high computational cost. Therefore, we propose a certificateless aggregate ring signature (CLARS) scheme based on computational Diffie-Hellman problem and decisional Diffie-Hellman problem. Our scheme is suitable for privacy-preserving in SGs. In this scheme, certificateless cryptosystem is used to avoid key escrow and certificates management problems and ring signature is used to ensure the unconditional anonymity of users. In addition, our scheme is proved to be unforgeability and unconditional anonymity under adaptively chosen message attacks against Type I and Type II adversaries in the random oracle model. Compared with previous certificateless aggregate signature (CLAS) schemes, our CLARS scheme has lower computational cost, which only needs two pairing operations.

show abstract

“…There are, in the current bibliography, many comprehensive studies about applying security frameworks to secure communications in the IoT, i.e. [16], [17], or [18]. And in particular, about MQTT communications, applying cryptographic schemes, [19], [20] or [21].…”

Section: Introductionmentioning

confidence: 99%

Message Queuing Telemetry Transport (MQTT) Security: A Cryptographic Smart Card Approach

et al. 2020

View full text Add to dashboard Cite

The Message Queuing Telemetry Transport (MQTT) protocol is one of the most extended protocols on the Internet of Things (IoT). However, this protocol does not implement a strong security scheme by default, which does not allow a secure authentication mechanism between participants in the communication. Furthermore, we cannot trust the confidentiality and integrity of data. Lightweight IoT devices send more and more sensible data in areas of Smart Building, Smart City, Smart House, Smart Car, Connected Car, Health Care, Smart Retail, Industrial IoT (IIoT), etc. This makes the security challenges in the protocols used in the IoT particularly important. The standard of MQTT protocol strongly recommends implement it over Transport Layer Security (TLS) instead of plain TCP. Nonetheless, this option is not possible in most lightweight devices that make up the IoT ecosystem. Quite often, the constrained resources of IoT devices prevent the use of secure asymmetric cryptography algorithms implemented by themselves. In this article, we propose making a security schema in MQTT protocol using Cryptographic Smart Cards, for both challenges, the authentication schema and the trusted data confidentiality and data integrity. We carry out this security schema without modifying the standard protocol messages. And finally, we present a time results experiment using an example implementation model with JavaCard library. INDEX TERMS Internet of things (IoT), javacard, message queuing telemetry transport (MQTT), mutual authentication, smart card

show abstract

A Privacy-Enhancing Framework for Internet of Things Services

Cited by 31 publications

References 58 publications

Machine Learning Empowered Trust Evaluation Method for IoT Devices

Machine Learning Empowered Trust Evaluation Method for IoT Devices

A Lightweight Certificateless Aggregate Ring Signature Scheme for Privacy-preserving in Smart Grids

Message Queuing Telemetry Transport (MQTT) Security: A Cryptographic Smart Card Approach

Contact Info

Product

Resources

About