BACP-IeFC:在物联网支持的雾计算环境中设计基于区块链的访问控制协议

Akhil Chaurasia, Alok Kumar, Udai Pratap Rao
{"title":"BACP-IeFC:在物联网支持的雾计算环境中设计基于区块链的访问控制协议","authors":"Akhil Chaurasia, Alok Kumar, Udai Pratap Rao","doi":"10.1007/s10586-024-04656-4","DOIUrl":null,"url":null,"abstract":"<p>The increasing number of edge layer devices connected to fog servers in fog computing environments has led to a rise in vulnerable and unauthorized actions. Implementing authorized access control with secure key management is essential to address this issue. As the traditional key management methods rely on third-party involvement, which suffers from drawbacks such as single points of failure and inconsistent key management in centralized architecture, so establishing efficient and secure key management between edge devices while ensuring effective access control is the main challenge in the digital environment. This study introduces a novel Blockchain-Based Access Control Protocol in IoT-Enabled Fog Computing (BACP-IeFC) environment for intra-network, inter-network, and mobile device communication models. The BACP-IeFC protocol eliminates the necessity for third-party intermediaries by leveraging Elliptic Curve Cryptography (ECC) for secure data sharing and hash chains for key pair generation. The BACP-IeFC protocol utilizes session keys generated by fog servers, which are securely recorded on a blockchain, ensuring robust authentication at edge devices. A Permissioned Blockchain is also used for secure key storage at the fog layer. The BACP-IeFC security has undergone comprehensive evaluation, including testing its session key (SK) security under the Real-or-Random (ROR) model, confirming its effectiveness in achieving SK security. An informal security analysis confirms the BACP-IeFC protocol resilience against known attacks. For the formal security verification, the BACP-IeFC protocol utilized the ProVerif security tool, and the results show that it is secure against major attacks. Additionally, the performance analysis of the proposed protocol using MIRACL shows a significant improvement in computation overhead, communication, storage cost, and energy consumption cost compared to existing protocols. The scalability and latency analysis of the BACP-IeFC protocol demonstrates that it supports high scalability with low latency costs. The BACP-IeFC protocol is implemented on Truffle Blockchain using Ethereum 2.0, and a lightweight Proof of Authority (PoA) consensus algorithm demonstrates that the BACP-IeFC protocol significantly outperformed existing protocols in terms of average response time for edge device registration time, authentication time, and block preparation time.</p>","PeriodicalId":501576,"journal":{"name":"Cluster Computing","volume":"92 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2024-07-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"BACP-IeFC: designing blockchain-based access control protocol in IoT-enabled fog computing environment\",\"authors\":\"Akhil Chaurasia, Alok Kumar, Udai Pratap Rao\",\"doi\":\"10.1007/s10586-024-04656-4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The increasing number of edge layer devices connected to fog servers in fog computing environments has led to a rise in vulnerable and unauthorized actions. Implementing authorized access control with secure key management is essential to address this issue. As the traditional key management methods rely on third-party involvement, which suffers from drawbacks such as single points of failure and inconsistent key management in centralized architecture, so establishing efficient and secure key management between edge devices while ensuring effective access control is the main challenge in the digital environment. This study introduces a novel Blockchain-Based Access Control Protocol in IoT-Enabled Fog Computing (BACP-IeFC) environment for intra-network, inter-network, and mobile device communication models. The BACP-IeFC protocol eliminates the necessity for third-party intermediaries by leveraging Elliptic Curve Cryptography (ECC) for secure data sharing and hash chains for key pair generation. The BACP-IeFC protocol utilizes session keys generated by fog servers, which are securely recorded on a blockchain, ensuring robust authentication at edge devices. A Permissioned Blockchain is also used for secure key storage at the fog layer. The BACP-IeFC security has undergone comprehensive evaluation, including testing its session key (SK) security under the Real-or-Random (ROR) model, confirming its effectiveness in achieving SK security. An informal security analysis confirms the BACP-IeFC protocol resilience against known attacks. For the formal security verification, the BACP-IeFC protocol utilized the ProVerif security tool, and the results show that it is secure against major attacks. Additionally, the performance analysis of the proposed protocol using MIRACL shows a significant improvement in computation overhead, communication, storage cost, and energy consumption cost compared to existing protocols. The scalability and latency analysis of the BACP-IeFC protocol demonstrates that it supports high scalability with low latency costs. The BACP-IeFC protocol is implemented on Truffle Blockchain using Ethereum 2.0, and a lightweight Proof of Authority (PoA) consensus algorithm demonstrates that the BACP-IeFC protocol significantly outperformed existing protocols in terms of average response time for edge device registration time, authentication time, and block preparation time.</p>\",\"PeriodicalId\":501576,\"journal\":{\"name\":\"Cluster Computing\",\"volume\":\"92 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2024-07-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Cluster Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1007/s10586-024-04656-4\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cluster Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1007/s10586-024-04656-4","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

在雾计算环境中,连接到雾服务器的边缘层设备数量不断增加,导致易受攻击和未经授权的行为增多。要解决这一问题,必须通过安全密钥管理实施授权访问控制。由于传统的密钥管理方法依赖第三方参与,存在单点故障和集中式架构下密钥管理不一致等弊端,因此在确保有效访问控制的同时,在边缘设备之间建立高效、安全的密钥管理是数字环境中面临的主要挑战。本研究针对网络内、网络间和移动设备通信模型,在物联网支持的雾计算(BACP-IeFC)环境中引入了一种新颖的基于区块链的访问控制协议。BACP-IeFC 协议利用椭圆曲线加密算法(ECC)实现安全数据共享,利用哈希链生成密钥对,从而消除了第三方中介的必要性。BACP-IeFC 协议利用雾服务器生成的会话密钥,并将其安全地记录在区块链上,从而确保边缘设备的稳健验证。许可区块链还用于在雾层安全存储密钥。BACP-IeFC 的安全性经过了全面评估,包括在真实或随机(ROR)模型下测试其会话密钥(SK)安全性,确认了其在实现 SK 安全性方面的有效性。非正式安全分析证实了 BACP-IeFC 协议对已知攻击的抵御能力。在正式的安全验证中,BACP-IeFC 协议使用了 ProVerif 安全工具,结果表明它能安全地抵御主要攻击。此外,使用 MIRACL 对拟议协议进行的性能分析表明,与现有协议相比,该协议在计算开销、通信、存储成本和能耗成本方面都有显著改善。BACP-IeFC 协议的可扩展性和延迟分析表明,它支持高扩展性和低延迟成本。BACP-IeFC协议是在使用以太坊2.0的Truffle区块链上实现的,轻量级权威证明(PoA)共识算法表明,BACP-IeFC协议在边缘设备注册时间、认证时间和区块准备时间的平均响应时间方面明显优于现有协议。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

BACP-IeFC: designing blockchain-based access control protocol in IoT-enabled fog computing environment

BACP-IeFC: designing blockchain-based access control protocol in IoT-enabled fog computing environment

The increasing number of edge layer devices connected to fog servers in fog computing environments has led to a rise in vulnerable and unauthorized actions. Implementing authorized access control with secure key management is essential to address this issue. As the traditional key management methods rely on third-party involvement, which suffers from drawbacks such as single points of failure and inconsistent key management in centralized architecture, so establishing efficient and secure key management between edge devices while ensuring effective access control is the main challenge in the digital environment. This study introduces a novel Blockchain-Based Access Control Protocol in IoT-Enabled Fog Computing (BACP-IeFC) environment for intra-network, inter-network, and mobile device communication models. The BACP-IeFC protocol eliminates the necessity for third-party intermediaries by leveraging Elliptic Curve Cryptography (ECC) for secure data sharing and hash chains for key pair generation. The BACP-IeFC protocol utilizes session keys generated by fog servers, which are securely recorded on a blockchain, ensuring robust authentication at edge devices. A Permissioned Blockchain is also used for secure key storage at the fog layer. The BACP-IeFC security has undergone comprehensive evaluation, including testing its session key (SK) security under the Real-or-Random (ROR) model, confirming its effectiveness in achieving SK security. An informal security analysis confirms the BACP-IeFC protocol resilience against known attacks. For the formal security verification, the BACP-IeFC protocol utilized the ProVerif security tool, and the results show that it is secure against major attacks. Additionally, the performance analysis of the proposed protocol using MIRACL shows a significant improvement in computation overhead, communication, storage cost, and energy consumption cost compared to existing protocols. The scalability and latency analysis of the BACP-IeFC protocol demonstrates that it supports high scalability with low latency costs. The BACP-IeFC protocol is implemented on Truffle Blockchain using Ethereum 2.0, and a lightweight Proof of Authority (PoA) consensus algorithm demonstrates that the BACP-IeFC protocol significantly outperformed existing protocols in terms of average response time for edge device registration time, authentication time, and block preparation time.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信