In a research community, data sharing is an essential step to gain maximum knowledge from the prior work. Existing data sharing platforms depend on trusted third party (TTP). Due to the involvement ...of TTP, such systems lack trust, transparency, security, and immutability. To overcome these issues, this paper proposed a blockchain-based secure data sharing platform by leveraging the benefits of interplanetary file system (IPFS). A meta data is uploaded to IPFS server by owner and then divided into n secret shares. The proposed scheme achieves security and access control by executing the access roles written in smart contract by owner. Users are first authenticated through RSA signatures and then submit the requested amount as a price of digital content. After the successful delivery of data, the user is encouraged to register the reviews about data. These reviews are validated through Watson analyzer to filter out the fake reviews. The customers registering valid reviews are given incentives. In this way, maximum reviews are submitted against every file. In this scenario, decentralized storage, Ethereum blockchain, encryption, and incentive mechanism are combined. To implement the proposed scenario, smart contracts are written in solidity and deployed on local Ethereum test network. The proposed scheme achieves transparency, security, access control, authenticity of owner, and quality of data. In simulation results, an analysis is performed on gas consumption and actual cost required in terms of USD, so that a good price estimate can be done while deploying the implemented scenario in real set-up. Moreover, computational time for different encryption schemes are plotted to represent the performance of implemented scheme, which is shamir secret sharing (SSS). Results show that SSS shows the least computational time as compared to advanced encryption standard (AES) 128 and 256.
Now more and more data are being outsourced to cloud services. In order to ensure data security and privacy, data are usually stored on the cloud server in the form of ciphertext. When a user ...requests access to the encrypted data, an access key distributed by a third party is needed. However, if the third party is dishonest, the security of the system will be threatened. Faced with this problem, in this paper, we propose a new secure cloud storage framework with access control by using the Ethereum blockchain technology. Our new scheme is a combination of Ethereum blockchain and ciphertext-policy attribute-based encryption (CP-ABE). The proposed cloud storage framework is decentralized, that is, there is no trusted third party in the system. Our scheme has three main features. First, as the Ethereum blockchain technology is used, the data owner can store ciphertext of data through smart contracts in a blockchain network. Second, the data owner can set valid access periods for data usage so that the ciphertext can only be decrypted during valid access periods. Finally, as the creation and invocation of each smart contract can be stored in the blockchain, thus, the function of the trace is achieved. The analysis of the security and experiment shows that our scheme is feasible.
The intelligent and connected transportation system (ICTS) is a significant and mandatory component of the smart city architecture. Multimedia content sharing, vehicle power management, and road ...navigation are all examples of ICTS services. As smart cities continue to deploy different technologies to improve the performance and diversity of vehicular cloud services, one of the main issues that prevails is efficient and reliable service discovery and selection for smart vehicles. Furthermore, cloud service providers (SPs) are limited to the availability, variety and quality of services made available to vehicular cloud subscribers. Smart vehicles rely on a number of SPs to acquire the required services while moving. It therefore becomes challenging for vehicular cloud subscribers to acquire services that meet their quality of experience (QoE) preferences. This paper introduces a new service provision scheme to provide continuous availability of diversified cloud services targeting vehicular cloud users through a cluster-based trusted third party (TTP) framework. TTPs act as cloud service mediators between cloud service subscribers and providers. Vehicles that are considered to have similar patterns of movement and service acquisition characteristics are grouped into service-specific clusters. TTPs communicate with service providers and cluster heads to negotiate for services with high QoE characteristics. A location prediction method is adopted to determine a vehicle's future location and allow services to be negotiated for before the vehicle's arrival. We provide simulation results to show that our approach can adequately discover and deliver cloud services with increased QoE results, minimal overhead burden and reduced end-to-end latency.
Preservation of privacy of users' personal data has always been a critical issue to deal with. This issue in the Internet of Things (IoT), which facilitates millions of applications, has become even ...more challenging. Currently, several approaches and methods are available to safeguard privacy but each of them suffers from one or more anomalies. In particular, Trusted Third-Party approach relies on the trust of a third-party server, Cooperation needs the trust of other peers, Obfuscation is known to return inaccurate results, and Dummy generates too much overhead. Moreover, these and most of the other well-known approaches deal only with specific types of applications linked to the location-based services. In this paper, we present two new methods, namely: Blind Third Party (BTP) and Blind Peers ( B L P ), and combine them to form a new one to be known as the Blind Approach ( B L A ). With the help of simulation results we shall demonstrate the effectiveness and superiority of B L A over the other available methods. The simulation results also exhibit that B L A is free from all the existing problems of the other approaches. However, B L A causes a slight increase in the average (response) time, which we consider to be a minor issue. We shall also discuss the capability and superiority of the Blind Approach in the cases of E-health, Smart Transportation, and Smart Home systems.
The large-scale deployment of cloud composite services distributed over heterogeneous environments poses new challenges in terms of security management. In particular, the migration of their ...resources is facilitated by recent advances in the area of virtualization techniques. This contributes to increase the dynamics of their configuration, and may induce vulnerabilities that could compromise the security of cloud resources, or even of the whole service. In addition, cloud providers may be reluctant to share precise information regarding the configuration of their infrastructures with cloud tenants that build and deploy cloud composite services. This makes the assessment of vulnerabilities difficult to be performed with only a partial view on the overall configuration. We therefore propose in this article an inter-cloud trusted third-party approach, called C3S-TTP, for supporting secure configurations in cloud composite services, more specifically during the migration of their resources. We describe the considered architecture, its main building blocks and their interactions based on an extended version of the TOSCA orchestration language. The trusted third party is capable to perform a precise and exhaustive vulnerability assessment, without requiring the cloud provider and the cloud tenant to share critical configuration information between each other. After designing and formalizing this third party solution, we perform large series of experiments based on a proof-of-concept prototype in order to quantify its benefits and limits.
Smart grids equipped with bi-directional communication flow are expected to provide more sophisticated consumption monitoring and energy trading. However, the issues related to the security and ...privacy of consumption and trading data present serious challenges. In this paper we address the problem of providing transaction security in decentralized smart grid energy trading without reliance on trusted third parties. We have implemented a proof-of-concept for decentralized energy trading system using blockchain technology, multi-signatures, and anonymous encrypted messaging streams, enabling peers to anonymously negotiate energy prices and securely perform trading transactions. We conducted case studies to perform security analysis and performance evaluation within the context of the elicited security and privacy requirements.
Considered as a promising fine-grained access control mechanism for data sharing without a centralized trusted third-party, the access policy in a plaintext form may reveal sensitive information in ...the traditional CP-ABE method. To address this issue, a hidden policy needs to be applied to the CP-ABE scheme, as the identity of a user cannot be accurately confirmed when the decryption key is leaked, so the malicious user is traced and revoked as demanded. In this article, a CP-ABE scheme that realizes revocation, white-box traceability, and the application of hidden policy is proposed, and such ciphertext is composed of two parts. One is related to the access policy encrypted by the attribute value, and only the attribute name is evident in the access policy. Another is related to the revocation information and updated when revoking, where the revocation information is generated by the binary tree related to users. The leaf node value of a binary tree in the decryption key is used to trace the malicious user. From experimental results, it is shown that the proposed scheme is proven to be IND-CPA secure under the chosen plaintext attacks and selective access policy based on the decisional q-BDHE assumption in the standard model, efficient, and promising.
Remote data integrity checking is of great importance to the security of cloud-based information systems. Previous works generally assume a trusted third party to oversee the integrity of the ...outsourced data, which may be invalid in practice. In this paper, we utilize the blockchain to construct a novel privacy-preserving remote data integrity checking scheme for Internet of Things (IoT) information management systems without involving trusted third parties. Our scheme leverages the Lifted EC-ElGamal cryptosystem, bilinear pairing, and blockchain to support efficient public batch signature verifications and protect the security and data privacy of the IoT systems. The results of the experiment demonstrate the efficiency of our scheme.
Emerging network computing technologies extend the functionalities of industrial IoT (IIoT) terminals. However, this promising service-provisioning scheme encounters problems in untrusted and ...distributed IIoT scenarios because malicious service providers or clients may deny service provisions or usage for their own interests. Traditional nonrepudiation solutions fade in IIoT environments due to requirements of trusted third parties or unacceptable overheads. Fortunately, the blockchain revolution facilitates innovative solutions. In this paper, we propose a blockchain-based fair nonrepudiation service provisioning scheme for IIoT scenarios in which the blockchain is used as a service publisher and an evidence recorder. Each service is separately delivered via on-chain and off-chain channels with mandatory evidence submissions for nonrepudiation purpose. Moreover, a homomorphic-hash-based service verification method is designed that can function with mere on-chain evidence. And an impartial smart contract is implemented to resolve disputes. The security analysis demonstrates the dependability, and the evaluations reveal the effectiveness and efficiency.
Recently, artificial intelligence (AI) and blockchain have become two of the most trending and disruptive technologies. Blockchain technology has the ability to automate payment in cryptocurrency and ...to provide access to a shared ledger of data, transactions, and logs in a decentralized, secure, and trusted manner. Also with smart contracts, blockchain has the ability to govern interactions among participants with no intermediary or a trusted third party. AI, on the other hand, offers intelligence and decision-making capabilities for machines similar to humans. In this paper, we present a detailed survey on blockchain applications for AI. We review the literature, tabulate, and summarize the emerging blockchain applications, platforms, and protocols specifically targeting AI area. We also identify and discuss open research challenges of utilizing blockchain technologies for AI.