A blockchain based secure authentication technique for ensuring user privacy in edge based smart city networks

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Network and Computer Applications Pub Date : 2024-11-06 DOI:10.1016/j.jnca.2024.104052

Abeer Iftikhar , Kashif Naseer Qureshi , Faisal Bashir Hussain , Muhammad Shiraz , Mehdi Sookhak

{"title":"A blockchain based secure authentication technique for ensuring user privacy in edge based smart city networks","authors":"Abeer Iftikhar , Kashif Naseer Qureshi , Faisal Bashir Hussain , Muhammad Shiraz , Mehdi Sookhak","doi":"10.1016/j.jnca.2024.104052","DOIUrl":null,"url":null,"abstract":"<div><div>In the past decade, modernization of Information and Communication Technology (ICT), Edge Computing (EC), and Smart Cities has attracted significant academic interest due to its diverse applications in the fields of healthcare, transportation, agriculture, and defense. EC offers numerous advantages, including faster and more efficient services, lower latency, improved data processing, managed bandwidth consumption, scalable, real-time decision-making, security, reduced network congestion, and increased resilience. Despite these benefits, EC networks face persistent challenges, particularly related to security and privacy concerns. Addressing these security challenges requires strong authentication mechanisms, which demand extra resources like processing power and memory, often surpassing the limited capabilities of lightweight edge devices compared to cloud systems. This highlights the critical need for securing edge nodes and ensuring user privacy before real-world deployment and data transfer. User and edge device authentication is vital to prevent external and internal Impersonation and Reflection attacks that threaten system integrity and confidentiality. This paper presents a BlockChain based Authentication technique for Edge Networks (BCAuthEN) that utilizes a Consortium Blockchain (CB) with key agreements for biometric authentication, incorporating a Fuzzy Extractor (FE) to secure user biometrics and passwords. In addition, BCAuthEN offers multifactor and continuous authentication by monitoring user behavior and biometrics. BCAuthEN has been formally verified through Real-Or-Random (RoR) modeling and AVISPA tool, proving its effectiveness in enhancing privacy, and security. The proposed technique ensures robust security by preventing attackers at the potential entry points (edge nodes). In addition, BCAuthEN reduces computation cost, communication overhead and improves throughput. BCAuthEN provides strong resilience by achieving high detection accuracy and reduces false positives against impersonation and reflection attacks. Results have shown that BCAuthEN improves communication costs and reduces overhead by 10% and 7%, respectively, as compared to the recent biometric and key-based user authentication techniques.</div></div>","PeriodicalId":54784,"journal":{"name":"Journal of Network and Computer Applications","volume":"233 ","pages":"Article 104052"},"PeriodicalIF":7.7000,"publicationDate":"2024-11-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Network and Computer Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1084804524002297","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

In the past decade, modernization of Information and Communication Technology (ICT), Edge Computing (EC), and Smart Cities has attracted significant academic interest due to its diverse applications in the fields of healthcare, transportation, agriculture, and defense. EC offers numerous advantages, including faster and more efficient services, lower latency, improved data processing, managed bandwidth consumption, scalable, real-time decision-making, security, reduced network congestion, and increased resilience. Despite these benefits, EC networks face persistent challenges, particularly related to security and privacy concerns. Addressing these security challenges requires strong authentication mechanisms, which demand extra resources like processing power and memory, often surpassing the limited capabilities of lightweight edge devices compared to cloud systems. This highlights the critical need for securing edge nodes and ensuring user privacy before real-world deployment and data transfer. User and edge device authentication is vital to prevent external and internal Impersonation and Reflection attacks that threaten system integrity and confidentiality. This paper presents a BlockChain based Authentication technique for Edge Networks (BCAuthEN) that utilizes a Consortium Blockchain (CB) with key agreements for biometric authentication, incorporating a Fuzzy Extractor (FE) to secure user biometrics and passwords. In addition, BCAuthEN offers multifactor and continuous authentication by monitoring user behavior and biometrics. BCAuthEN has been formally verified through Real-Or-Random (RoR) modeling and AVISPA tool, proving its effectiveness in enhancing privacy, and security. The proposed technique ensures robust security by preventing attackers at the potential entry points (edge nodes). In addition, BCAuthEN reduces computation cost, communication overhead and improves throughput. BCAuthEN provides strong resilience by achieving high detection accuracy and reduces false positives against impersonation and reflection attacks. Results have shown that BCAuthEN improves communication costs and reduces overhead by 10% and 7%, respectively, as compared to the recent biometric and key-based user authentication techniques.

查看原文本刊更多论文

基于区块链的安全认证技术，确保基于边缘的智慧城市网络中的用户隐私

在过去十年中，信息与通信技术（ICT）的现代化、边缘计算（EC）和智能城市因其在医疗保健、交通、农业和国防等领域的广泛应用而引起了学术界的极大兴趣。边缘计算具有众多优势，包括更快、更高效的服务、更低的延迟、更好的数据处理、可控的带宽消耗、可扩展的实时决策、安全性、减少网络拥塞和提高弹性。尽管有这些优势，EC 网络仍面临持续的挑战，特别是与安全和隐私有关的问题。应对这些安全挑战需要强大的认证机制，这需要额外的资源，如处理能力和内存，与云系统相比，轻量级边缘设备的能力往往有限。这凸显了在实际部署和数据传输之前确保边缘节点安全和用户隐私的迫切需要。用户和边缘设备身份验证对于防止威胁系统完整性和保密性的外部和内部冒名顶替和反射攻击至关重要。本文介绍了一种基于区块链的边缘网络身份验证技术（BCAuthEN），该技术利用具有密钥协议的联盟区块链（CB）进行生物识别身份验证，并结合模糊提取器（FE）来确保用户生物识别和密码的安全。此外，BCAuthEN 还可通过监控用户行为和生物特征，提供多因素和持续的身份验证。BCAuthEN 已通过真实或随机（RoR）建模和 AVISPA 工具进行了正式验证，证明了其在增强隐私和安全性方面的有效性。所提出的技术通过在潜在入口点（边缘节点）防止攻击者，确保了稳健的安全性。此外，BCAuthEN 还降低了计算成本和通信开销，提高了吞吐量。BCAuthEN 具有很高的检测精度，减少了针对冒充和反射攻击的误报，从而提供了强大的恢复能力。结果表明，与最新的基于生物特征和密钥的用户身份验证技术相比，BCAuthEN 的通信成本和开销分别降低了 10% 和 7%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Network and Computer Applications 工程技术-计算机：跨学科应用

CiteScore

21.50

自引率

3.40%

发文量

142

审稿时长

37 days

期刊介绍： The Journal of Network and Computer Applications welcomes research contributions, surveys, and notes in all areas relating to computer networks and applications thereof. Sample topics include new design techniques, interesting or novel applications, components or standards; computer networks with tools such as WWW; emerging standards for internet protocols; Wireless networks; Mobile Computing; emerging computing models such as cloud computing, grid computing; applications of networked systems for remote collaboration and telemedicine, etc. The journal is abstracted and indexed in Scopus, Engineering Index, Web of Science, Science Citation Index Expanded and INSPEC.