{"title":"Classified data authentication scheme for IoT based on aggregate signature and Hyperledger Fabric","authors":"Yinjuan Deng , Shangping Wang , Qian Zhang","doi":"10.1016/j.jisa.2024.103852","DOIUrl":null,"url":null,"abstract":"<div><p>In Internet of Things (IoT) system, the data acquisition devices collect substantial volumes of diverse categories data, such as temperature, frequency and quantity data, etc., which is subsequently transmitted to the data center for analysis. To ensure precise outcomes, it is crucial to authenticate the data and their categories against any possible tampering, destruction or forgery throughout its transmission process. Traditional aggregate signature schemes are not capable of performing authentication on data as while as its category, which can lead to inefficiencies and security risks in data processing and management. On the other hand, authentication schemes relying on a central platform are susceptible to single point of failure and corruption issues at the center. To address these challenges, a novel data authentication protocol, named Classified Certificateless Aggregate Signature (CCAS), is proposed in this paper to perform aggregate authentication on data with specified categories, and is implemented in collaboration with Hyperledger Fabric. Elaborate design making the authentication is efficient and eliminating the need to manage the certificates. And an abnormal data isolation algorithm is proposed when an aggregate authentication fails, which can quickly identify abnormal data and preserves normal data. A rigorous proof on the unforgeability of the CCAS protocol is given, and multiple experiments are conducted to evaluate the scheme. The experimental results demonstrate the high efficiencies of CCAS, smart contracts on Fabric and our solution, indicating that proposed scheme is suitable for the classified authentication of IoT collection data in decentralized form.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"85 ","pages":"Article 103852"},"PeriodicalIF":3.8000,"publicationDate":"2024-08-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001546","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
In Internet of Things (IoT) system, the data acquisition devices collect substantial volumes of diverse categories data, such as temperature, frequency and quantity data, etc., which is subsequently transmitted to the data center for analysis. To ensure precise outcomes, it is crucial to authenticate the data and their categories against any possible tampering, destruction or forgery throughout its transmission process. Traditional aggregate signature schemes are not capable of performing authentication on data as while as its category, which can lead to inefficiencies and security risks in data processing and management. On the other hand, authentication schemes relying on a central platform are susceptible to single point of failure and corruption issues at the center. To address these challenges, a novel data authentication protocol, named Classified Certificateless Aggregate Signature (CCAS), is proposed in this paper to perform aggregate authentication on data with specified categories, and is implemented in collaboration with Hyperledger Fabric. Elaborate design making the authentication is efficient and eliminating the need to manage the certificates. And an abnormal data isolation algorithm is proposed when an aggregate authentication fails, which can quickly identify abnormal data and preserves normal data. A rigorous proof on the unforgeability of the CCAS protocol is given, and multiple experiments are conducted to evaluate the scheme. The experimental results demonstrate the high efficiencies of CCAS, smart contracts on Fabric and our solution, indicating that proposed scheme is suitable for the classified authentication of IoT collection data in decentralized form.
期刊介绍:
Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.