LAA-D: Lightweight Authentication and Access Control Mechanism with Dual-Data Storage in Cloud-Internet of Things System Using Blockchain

IF 1.5 4区 工程技术 Q3 ENGINEERING, ELECTRICAL & ELECTRONIC
Inderpal Singh, Balraj Singh
{"title":"LAA-D: Lightweight Authentication and Access Control Mechanism with Dual-Data Storage in Cloud-Internet of Things System Using Blockchain","authors":"Inderpal Singh, Balraj Singh","doi":"10.1007/s40998-024-00748-4","DOIUrl":null,"url":null,"abstract":"<p>Internet of Things (IoT) applications are popularly involved in day-to-day life. The increase in utilization leads to an increase in network traffic. The incoming users have different intentions in the network and hence security is essential. The data user accesses the data in the cloud that is collected from IoT devices. A large-scale IoT environment has challenges in the provisioning of security as well as the management of access control mechanisms. The problem is a generation of policies and authenticating devices with minimum credentials. In this paper, Blockchain-based decentralized authentication and access control systems are designed. The process of authentication is conducted for the data owner and data user by considering identity, device type, IP address and signature, PUF, and biometric respectively. PUF stands for Physical Unclonable Function, which is a hardware-based security feature that generates a unique identifier for a device based on its physical properties, SALSA20 and PRESENT are encryption algorithms used in the proposed system to encrypt data chunks. SALSA20 is a stream cipher that generates a keystream to encrypt data, while PRESENT is a block cipher that encrypts data in fixed-size blocks These authentication credentials are managed in the blockchain. The credentials are stored in encrypted form using the Key schedule PRESENT algorithm. In the authentication of data users, the number of credentials is selected using fuzzy logic that improves security. To assure data storage security, the data is split into two chunks, and it is encrypted using SALSA20 and PRESENT algorithm. The proposed model is developed in an ifogsim simulator, and the performance metrics are evaluated in terms of authentication time, storage efficiency, running time, throughput, latency, and blocksize.</p>","PeriodicalId":49064,"journal":{"name":"Iranian Journal of Science and Technology-Transactions of Electrical Engineering","volume":"10 1","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2024-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Iranian Journal of Science and Technology-Transactions of Electrical Engineering","FirstCategoryId":"5","ListUrlMain":"https://doi.org/10.1007/s40998-024-00748-4","RegionNum":4,"RegionCategory":"工程技术","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}
引用次数: 0

Abstract

Internet of Things (IoT) applications are popularly involved in day-to-day life. The increase in utilization leads to an increase in network traffic. The incoming users have different intentions in the network and hence security is essential. The data user accesses the data in the cloud that is collected from IoT devices. A large-scale IoT environment has challenges in the provisioning of security as well as the management of access control mechanisms. The problem is a generation of policies and authenticating devices with minimum credentials. In this paper, Blockchain-based decentralized authentication and access control systems are designed. The process of authentication is conducted for the data owner and data user by considering identity, device type, IP address and signature, PUF, and biometric respectively. PUF stands for Physical Unclonable Function, which is a hardware-based security feature that generates a unique identifier for a device based on its physical properties, SALSA20 and PRESENT are encryption algorithms used in the proposed system to encrypt data chunks. SALSA20 is a stream cipher that generates a keystream to encrypt data, while PRESENT is a block cipher that encrypts data in fixed-size blocks These authentication credentials are managed in the blockchain. The credentials are stored in encrypted form using the Key schedule PRESENT algorithm. In the authentication of data users, the number of credentials is selected using fuzzy logic that improves security. To assure data storage security, the data is split into two chunks, and it is encrypted using SALSA20 and PRESENT algorithm. The proposed model is developed in an ifogsim simulator, and the performance metrics are evaluated in terms of authentication time, storage efficiency, running time, throughput, latency, and blocksize.

Abstract Image

LAA-D:使用区块链的云-物联网系统中双数据存储的轻量级认证和访问控制机制
物联网(IoT)应用广泛应用于日常生活。使用率的提高导致网络流量的增加。进入网络的用户有不同的意图,因此安全至关重要。数据用户访问云中从物联网设备收集的数据。大规模物联网环境在提供安全性和管理访问控制机制方面面临挑战。问题在于如何生成策略,以及如何用最少的凭证对设备进行身份验证。本文设计了基于区块链的去中心化身份验证和访问控制系统。通过分别考虑身份、设备类型、IP 地址和签名、PUF 和生物特征,对数据所有者和数据用户进行身份验证。PUF 是物理不可克隆功能(Physical Unclonable Function)的缩写,它是一种基于硬件的安全功能,可根据设备的物理特性为其生成唯一的标识符;SALSA20 和 PRESENT 是拟议系统中用于加密数据块的加密算法。SALSA20 是一种流密码,可生成密钥流对数据进行加密,而 PRESENT 是一种块密码,可将数据加密为固定大小的块。凭证使用 Key schedule PRESENT 算法以加密形式存储。在对数据用户进行身份验证时,使用模糊逻辑来选择凭证的数量,从而提高安全性。为确保数据存储安全,数据被分成两块,并使用 SALSA20 和 PRESENT 算法进行加密。在 ifogsim 仿真器中开发了所提出的模型,并从认证时间、存储效率、运行时间、吞吐量、延迟和块大小等方面对性能指标进行了评估。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
CiteScore
5.50
自引率
4.20%
发文量
93
审稿时长
>12 weeks
期刊介绍: Transactions of Electrical Engineering is to foster the growth of scientific research in all branches of electrical engineering and its related grounds and to provide a medium by means of which the fruits of these researches may be brought to the attentionof the world’s scientific communities. The journal has the focus on the frontier topics in the theoretical, mathematical, numerical, experimental and scientific developments in electrical engineering as well as applications of established techniques to new domains in various electical engineering disciplines such as: Bio electric, Bio mechanics, Bio instrument, Microwaves, Wave Propagation, Communication Theory, Channel Estimation, radar & sonar system, Signal Processing, image processing, Artificial Neural Networks, Data Mining and Machine Learning, Fuzzy Logic and Systems, Fuzzy Control, Optimal & Robust ControlNavigation & Estimation Theory, Power Electronics & Drives, Power Generation & Management The editors will welcome papers from all professors and researchers from universities, research centers, organizations, companies and industries from all over the world in the hope that this will advance the scientific standards of the journal and provide a channel of communication between Iranian Scholars and their colleague in other parts of the world.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信