A blockchain-enabled security management framework for mobile edge computing

Mobile edge computing (MEC) integrates mobile and edge computing technologies to provide efficient computing services with low latency. It includes several Internet of Things (IoT) and edge devices that process the user data at the network's edge. The architectural characteristic of MEC supports many internet-based services, which attract more number of users, including attackers. The safety and privacy of the MEC environment, especially user information is a significant concern. A lightweight accessing and sharing protocol is required because edge devices are resource constraints. This paper addresses this issue by proposing a blockchain-enabled security management framework for MEC environments. This approach provides another level of security and includes blockchain security features like temper resistance, immutable, transparent, traceable, and distributed ledger in the MEC environment. The framework guarantees secure data storage in the MEC environment. The contributions of this paper are twofold: (1) We propose a blockchain-enabled security management framework for MEC environments that address the security and privacy concerns, and (2) we demonstrate through simulations that the framework has high performance and is suitable for resource-constrained MEC devices. In addition, a smart contract-based access and sharing mechanism is proposed. Our research uses a combination of theoretical analysis and simulation experiments to demonstrate that the proposed framework offers high security, low latency, legitimate access, high throughput, and low operations cost.     

移动互联网安全审计云

基于移动互联网的信息技术产品为人们带来随时随地便捷上网的同时,也迫使人们不得不考虑移动互联网对传统安全审计系统的威胁。目前,现有的安全审计系统只能对局域网内部进行监控,无法对具有跨地域、跨网段特点的移动互联网设备进行实时和持续的审计。文中提出了一种针对移动互联网设备的安全审计框架,利用嵌入式智能探针技术,并结合现有云平台和大数据处理技术,提出了跨地区跨网段移动互联网审计云,来应对移动互联网安全审计的新挑战。     

基于物联网技术的智能电网数据安全问题研究进展

为了保护智能电网设备中的核心数据与用户的个人隐私,分布式计算和同态加密等多项物联网安全技术逐渐受到了关注。近年来,物联网技术的发展推动了电网智能化的快速普及,而智能电网的应用又促进了物联网技术的更新。文中通过介绍智能电网所面临的多种攻击方法,回顾、梳理了智能电网数据安全问题的研究背景和现状。在此基础上,探讨与分析了虚假数据注入攻击及个人隐私保护问题的定义,展望了智能电网数据安全技术未来的研究方向和思路。     

Provable analysis and improvement of smart card–based anonymous authentication protocols

Nowadays, authentication protocols are essential for secure communications specially for roaming networks, distributed computer networks, and remote wireless communication. The numerous users in these networks rise vulnerabilities. Thus, privacy‐preserving methods have to be run to provide more reliable services and sustain privacy. Anonymous authentication is a method to remotely authenticate users with no revelation about their identity. In this paper, we analyze 2 smart card–based protocols that the user's identity is anonymous. However, we represent that they are vulnerable to privileged insider attack. It means that the servers can compromise the users' identity for breaking their privacy. Also, we highlight that the Wen et al protocol has flaws in both stolen smart card and stolen server attacks and the Odelu et al protocol is traceable. Then, we propose 2 modified anonymous authentication protocols. Finally, we analyze our improved protocols with both heuristic and formal methods.     

Towards Privacy Protection in Smart Grid

The smart grid is an electronically controlled electrical grid that connects power generation, transmission, distribution, and consumers using information communication technologies. One of the key characteristics of the smart grid is its support for bi-directional information flow between the consumer of electricity and the utility provider. This two-way interaction allows electricity to be generated in real-time based on consumers’ demands and power requests. As a result, consumer privacy becomes an important concern when collecting energy usage data with the deployment and adoption of smart grid technologies. To protect such sensitive information it is imperative that privacy protection mechanisms be used to protect the privacy of smart grid users. We present an analysis of recently proposed smart grid privacy solutions and identify their strengths and weaknesses in terms of their implementation complexity, efficiency, robustness, and simplicity.     

PSMECS: A provably secure ID-based communication in mobile edge computing

Human-centered systems play an important role in the modern world, for example, driverless car, autonomous and smart vehicles, drones, and robotics. The internet of things environment demands a faster real-time response depending on the applications processed in a particular duration. Mobile edge computing (MEC) allows a user to get a real-time response as compared with cloud computing (CC), although ensuring a number of security attributes in MEC environment remains challenging. In this article, a protocol is designed to achieve mutual authentication, anonymous communication, and security against traceability, as these are very crucial factors to ensure the security of data and user's privacy. Moreover, the proposed scheme ensures mutual authentication between a mobile user and an edge server along with the user's anonymity and untraceability. The proof of security and evaluation of performance of the scheme validates that it ensures security attributes and improves efficiency in terms of communication and computation overheads.     

IoT/CPS的安全体系结构及关键技术

物联网（IoT）和信息物理融合系统（CPS）作为下一代网络的核心技术,被业界广泛关注。与传统网络不同,IoT/CPS异构融合、协同自治、开放互连的网络特性带来了巨大的系统安全方面的挑战。挑战包括安全协议的无缝衔接、用户隐私保护等。研发新的安全模型、关键安全技术和方法是IoT/CPS发展中的重点。文章基于IoT/CPS安全需求和威胁模型,提出了一种层次化的安全体系结构,并针对隐私保护、跨网认证和安全控制等IoT/CPS的关键安全技术展开讨论。     

“互联网+电子政务”云平台构建及云存储安全策略研究

随着云计算、大数据、智慧城市、5G等新兴技术的快速发展,电子政务的体系架构、系统实施与安全保障技术迎来了新的机遇与挑战。同时,云计算在提供服务的同时也面临着诸多安全问题,信息资源的安全存储与用户隐私保护即是其中之一。本文首先基于云计算技术,设计了"互联网+电子政务"云平台的框架体系,然后针对电子政务服务体系中的云存储安全展开研究,提出了平台中信息资源全生命周期安全存储模型,以便保护信息资源在整个生命周期中都不会被攻击者获得。安全性分析表明,方案能够隐藏存储在云端的电子政务资源的特征,保障数据安全存储,并能对用户个人信息提供有效保护。     

智能电网环境下用户行为可信数据安全交换研究

随着智能电网的建设,电力信息网络越来越复杂,为了解决电力信息网络环境下各信息孤岛之间、电力企业与电力用户之间数据交换和共享的安全,提出智能电网环境下用户行为可信数据安全交换:在客户端,记录数据的基本属性及用户操作;通过统一的安全交换协议进行信息传输;在服务端,依据数据属性和用户操作通过配置策略过滤数据,使用关联分析分析用户异常行为,并采用用户行为可信技术对用户行为进行可信检查。通过分析,用户行为可信数据交换能够在异构环境下从数据传输、数据安全和用户行为可信三方面确保数据的安全交换。     

基于簇的分布式认知无线电网络安全体系结构

针对认知无线电网络中出现的模仿主用户攻击和自私行为攻击问题,提出一种基于簇的分布式认知无线电网络安全体系结构.这种安全体系结构通过采用数据加密和认证等安全技术解决无线网络中原有的安全问题,通过在主用户基站与认知用户间使用Hash匹配技术可解决模仿主用户攻击问题,通过簇头向目的节点发送转发节点的可用频谱信息可解决自私行为攻击问题.由分析可知该安全体系结构是安全、高效和可行的.     

基于雾计算的智能电表用户虚拟环隐私保护方案

作为智能电网的基础组件,智能电表(SMS)可以定期向电力公司报告用户的详细用电量数据。但是智能电表也带来了一些安全问题,比如用户隐私泄露。该文提出了一种基于虚拟环的隐私保护方案,可以提供用电数据和用户身份的隐私,使攻击者无法知道匹配电力数据与用户身份的关系。在所提方案中,智能电表可以利用其虚拟环成员身份对其真实身份进行匿名化,并利用非对称加密和Paillier同态系统对其获得的用电量数据生成密文数据;然后智能电表将密文数据发送给其连接的雾节点,雾节点定期采集其管理的智能电表的密文数据。同时,雾节点对这些智能电表的虚拟环身份进行验证,然后将收集到的密文数据聚合并发送给控制中心;最后控制中心对聚合后的密文进行解密,得到用电量数据。实验结果表明所提方案在计算和通信成本上具有一定的优势。     

BDN-GWMNN: Internet of Things (IoT) Enabled Secure Smart City Applications

Nowadays, next-generation networks such as the Internet of Things (IoT) and 6G are played a vital role in providing an intelligent environment. The development of technologies helps to create smart city applications like the healthcare system, smart industry, and smart water plan, etc. Any user accesses the developed applications; at the time, security, privacy, and confidentiality arechallenging to manage. So, this paper introduces the blockchain-defined networks with a grey wolf optimized modular neural network approach for managing the smart environment security. During this process, construction, translation, and application layers are created, in which user authenticated based blocks are designed to handle the security and privacy property. Then the optimized neural network is applied to maintain the latency and computational resource utilization in IoT enabled smart applications. Then the efficiency of the system is evaluated using simulation results, in which system ensures low latency, high security (99.12%) compared to the multi-layer perceptron, and deep learning networks.

     

Channel discovery algorithms for interference avoidance in smart grid communication networks: a survey

Smart grid technology has attracted a lot of attention in the communication and power engineering communities because of its high efficiency and environmental friendly power production and delivery. Smart grid communication networks act as not only a bridge between the end power users and the utility but also a backbone of the entire smart grid system. It is a challenging task to deploy smart grid communication networks because of interference‐intensive environment. The goal of this paper is to explore various issues on deployment of smart grid communication networks. The first half of this paper provides a survey on smart grid communication networks. The background of smart grid communication networks is introduced, and the IEEE 802.15.4g standard for smart utility networks is reviewed. In addition, the issues on network topology and routing protocols of smart utility networks are addressed, followed by the discussions on optimizing gateway deployment. Various methods for addressing coexistence issues in smart grid communication networks are presented. The second half of this paper is to propose a channel discovery algorithm exploiting the inherent CSMA/CA mechanism in the protocols. Because of the use of CSMA/CA mechanism and up‐to‐date channel status table, the proposed algorithm can quickly find an available channel for transmission when interferences occur. Copyright © 2014 John Wiley & Sons, Ltd.     

Improving user content privacy on social networks using rights management systems

Currently, millions and millions of users are using online social networks to share their thoughts, experiences and content with online friends. Documents, videos, music and pictures are shared online, relying on the privacy and security controls offered by the social network platforms, with little control from the end user. This creates serious privacy concerns, since the control over the content shared online on the social network is out of the hands of the user. In this paper, the authors propose an approach for content privacy shared on social networks that is user-centric and not based on the social network platform. In order to achieve that, an architecture based on a rights management platform capable of enforcing the necessary security and privacy mechanisms that extend the original controls provided by the social network platform will be presented. That way, users will be able to control their privacy settings and protect their own content, even when they are no longer part of the social network (suspending or deleting its account).     

面向6G的雾无线接入网内生安全数据共享机制研究

为解决6G移动通信系统中雾无线接入网中数据共享的数据安全问题,提出了一种实现本地差分隐私和动态批量审计的内生安全数据共享机制.首先,用户本地对数据运行RAPPOR算法保护数据隐私;其次,雾接入点对数据进行缓存和预处理;再次,大功率节点对雾接入点上的数据进行基于BLS签名和Merkle哈希树的数据完整性审计;最后,BBU...     

A web service‐based internet of things framework for mobile resource augmentation

Mobile devices are the primary communication tool in day to day life of the people. Nowadays, the enhancement of the mobile applications namely IoTApps and their exploitation in various domains like healthcare monitoring, home automation, smart farming, smart grid, and smart city are crucial. Though mobile devices are providing seamless user experience anywhere, anytime, and anyplace, their restricted resources such as limited battery capacity, constrained processor speed, inadequate storage, and memory are hindering the development of resource‐intensive mobile applications and internet of things (IoT)‐based mobile applications. To solve this resource constraint problem, a web service‐based IoT framework is proposed by exploiting fuzzy logic methodologies. This framework augments the resources of mobile devices by offloading the resource‐intensive subtasks from mobile devices to the service providing entities like Arduino, Raspberry PI controller, edge cloud, and distant cloud. Based on the recommended framework, an online Repository of Instructional Talk (RIoTalk) is successfully implemented to store and analyze the classroom lectures given by faculty in our study site. Simulation results show that there is a significant reduction in energy consumption, execution time, bandwidth utilization, and latency. The proposed research work significantly increases the resources of mobile devices by offloading the resource‐intensive subtasks from the mobile device to the service provider computing entities thereby providing Quality of Service (QoS) and Quality of Experience (QoE) to mobile users.     

Private computing on public platforms: portable application security

As cellular telephones and high capacity memory sticks emerge as users' primary repository for data and applications, users will often run applications and display data on remote hosts. The biggest challenge in supporting this mobile data, mobile applications, stationary platform model is ensuring the security and privacy of user applications and data during execution on the remote platforms. Private computing on public platforms (PCPP) is a new application security approach which isolates applications to allow for secure and private execution on third party systems. This paper introduces PCPP and details its five basic building blocks which together ensure that the PCPP protected application's executable code, context, and data remain unaltered, unmonitored, and unrecorded before, during, and after exposure to the remote platform. Copyright © 2009 John Wiley & Sons, Ltd.     

5G边缘计算安全研究与应用

本论文聚焦在5G边缘计算安全研究与应用,包括5G边缘计算安全风险、5G边缘安计算安全防护要求以及5G边缘计算安全应用。首先从网络服务、硬件环境、虚拟化、边缘计算平台、能力开放、应用、管理、数据方面明确5G边缘计算安全风险,然后针对安全风险提出对应的安全防护要求,并以智能电网为例介绍了5G边缘计算安全应用。论文为5G边缘计算安全的风险以及防护要求分析等研究提供支持,为5G边缘计算安全应用提供发展思路。     

Mobile RFID的安全和隐私问题研究

射频识别技术被广泛应用于物体的自动识别,广泛地部署射频识别的标签会给用户的隐私带来新的安全威胁。目前,射频识别出现一种融合的趋势,阅读器被集成到移动电话中。移动射频识别主要应用于普通终端用户,用户的安全和隐私是最优考虑的问题。论文描述了移动RFID的应用场景和安全及隐私威胁,重点描述了移动环境下特殊的安全和隐私危险及解决移动RFID安全和隐私问题的安全体系构架方案。