Search results
1 – 10 of 105Embedded systems, Internet of Things (IoT) and mobile computing devices are used in various domains which include public-private infrastructure, industrial installation and…
Abstract
Embedded systems, Internet of Things (IoT) and mobile computing devices are used in various domains which include public-private infrastructure, industrial installation and critical environment. Generally, information handled by these devices is private and critical. Therefore, it must be appropriately secured from different attacks and hackers. Lightweight cryptography is an aspiring field which investigates the implementation of cryptographic primitives and algorithms for resource constrained devices. In this paper, a new compact hybrid lightweight encryption technique has been proposed. Proposed technique uses the fastest bit permutation instruction PERMS with S-box of PRESENT block cipher for non-linearity. An arbitrary n-bit permutation is performed using PERMS instruction in less than log (n) number of instructions. This new hybrid system has been analyzed for software performance on Advanced RISC Machine (ARM) and Intel processor whereas Cadens tool is used to analyze the hardware performance. The result of the proposed technique is improved by the factor of eight as compared to the PRESENT-GRP hybrid block cipher. Moreover, PERMS instruction bit permutation properties result a very good avalanche effect and compact implementation in the both hardware and software environment.
Details
Keywords
Ever since Mark Weiser coined the term “ubiquitous computing” (ubicomp) in 1988, there has been a general interest in proposing various solutions that would support his vision…
Abstract
Purpose
Ever since Mark Weiser coined the term “ubiquitous computing” (ubicomp) in 1988, there has been a general interest in proposing various solutions that would support his vision. However, attacks targeting devices and services of a ubicomp environment have demonstrated not only different privacy issues, but also a risk of endangering user’s life (e.g. by modifying medical sensor readings). Thus, the aim of this paper is to provide a comprehensive overview of security challenges of ubicomp environments and the corresponding countermeasures proposed over the past decade.
Design/methodology/approach
The results of this paper are based on a literature review method originally used in evidence-based medicine called systematic literature review (SLR), which identifies, filters, classifies and summarizes the findings.
Findings
Starting from the bibliometric results that clearly show an increasing interest in the topic of ubicomp security worldwide, the findings reveal specific types of attacks and vulnerabilities that have motivated the research over the past decade. This review describes most commonly proposed countermeasures – context-aware access control and authentication mechanisms, cryptographic protocols that account for device’s resource constraints, privacy-preserving mechanisms, and trust mechanisms for wireless ad hoc and sensor networks.
Originality/value
To the best of our knowledge, this is the first SLR on security challenges in ubicomp. The findings should serve as a reference to an extensive list of scientific contributions, as well as a guiding point for the researchers’ novel to the security research in ubicomp.
Details
Keywords
The growing trends in the usage of hand held devices necessitate the need to design them with low power consumption and less area design. Besides, information security is gaining…
Abstract
Purpose
The growing trends in the usage of hand held devices necessitate the need to design them with low power consumption and less area design. Besides, information security is gaining enormous importance in information transmission and data storage technology. In addition, today’s technology world is connected, communicated and controlled via the Internet of Things (IoT). In many applications, the most standard and widely used cryptography algorithm for providing security is Advanced Encryption Standard (AES). This paper aims to design an efficient model of AES cryptography for low power and less area.
Design/methodology/approach
First, the main issues related to less area and low power consumption in the AES encryption core are addressed. To implement optimized AES core, the authors proposed optimized multiplicative inverse, affine transforms and Xtime multipliers functions, which are the core function of AES’s core. In addition, to achieve the high throughput, it uses the multistage pipeline and resource reuse architectures for SBox and Mixcolumn of AES.
Findings
The results of optimized AES architecture have revealed that the multistage pipe line and resource sharing are optimal design model in Field Programmable Gate Array (FPGA) implementation. It could provide high security with low power and area for IoT and wireless sensors networks.
Originality/value
This proposed optimized modified architecture has been implemented in FPGA to calculate the power, area and delay parameters. This multistage pipeline and resource sharing have promised to minimize the area and power.
Details
Keywords
This study explores privacy challenges in recommender systems (RSs) and how they have leveraged privacy-preserving technology for risk mitigation. The study also elucidates the…
Abstract
Purpose
This study explores privacy challenges in recommender systems (RSs) and how they have leveraged privacy-preserving technology for risk mitigation. The study also elucidates the extent of adopting privacy-preserving RSs and postulates the future direction of research in RS security.
Design/methodology/approach
The study gathered articles from well-known databases such as SCOPUS, Web of Science and Google scholar. A systematic literature review using PRISMA was carried out on the 41 papers that are shortlisted for study. Two research questions were framed to carry out the review.
Findings
It is evident from this study that privacy issues in the RS have been addressed with various techniques. However, many more challenges are expected while leveraging technology advancements for fine-tuning recommenders, and a research agenda has been devised by postulating future directions.
Originality/value
The study unveils a new comprehensive perspective regarding privacy preservation in recommenders. There is no promising study found that gathers techniques used for privacy protection. The study summarizes the research agenda, and it will be a good reference article for those who develop privacy-preserving RSs.
Details
Keywords
Omerah Yousuf and Roohie Naaz Mir
Internet of Things (IoT) is a challenging and promising system concept and requires new types of architectures and protocols compared to traditional networks. Security is an…
Abstract
Purpose
Internet of Things (IoT) is a challenging and promising system concept and requires new types of architectures and protocols compared to traditional networks. Security is an extremely critical issue for IoT that needs to be addressed efficiently. Heterogeneity being an inherent characteristic of IoT gives rise to many security issues that need to be addressed from the perspective of new architectures such as software defined networking, cryptographic algorithms, federated cloud and edge computing.
Design/methodology/approach
The paper analyzes the IoT security from three perspectives: three-layer security architecture, security issues at each layer and security countermeasures. The paper reviews the current state of the art, protocols and technologies used at each layer of security architecture. The paper focuses on various types of attacks that occur at each layer and provides the various approaches used to countermeasure such type of attacks.
Findings
The data exchanged between the different devices or applications in the IoT environment are quite sensitive; thus, the security aspect plays a key role and needs to be addressed efficiently. This indicates the urgent needs of developing general security policy and standards for IoT products. The efficient security architecture needs to be imposed but not at the cost of efficiency and scalability. The paper provides empirical insights about how the different security threats at each layer can be mitigated.
Originality/value
The paper fulfills the need of having an extensive and elaborated survey in the field of IoT security, along with suggesting the countermeasures to mitigate the threats occurring at each level of IoT protocol stack.
Details
Keywords
Jai Gopal Pandey, Sanskriti Gupta and Abhijit Karmakar
The paper aims to develop a systematic approach to design, integrate, and implement a set of crypto cores in a system-on-chip SoC) environment for data security applications. The…
Abstract
Purpose
The paper aims to develop a systematic approach to design, integrate, and implement a set of crypto cores in a system-on-chip SoC) environment for data security applications. The advanced encryption standard (AES) and PRESENT block ciphers are deployed together, leading to a common crypto chip for performing encryption and decryption operations.
Design/methodology/approach
An integrated very large-scale integration (VLSI) architecture and its implementation for the AES and PRESENT ciphers is proposed. As per the choice, the architecture performs encryption or decryption operations for the selected cipher. Experimental results of the field-programmable gate array (FPGA) and application-specific integrated circuit (ASIC) implementations and related design analysis are provided.
Findings
FPGA implementation of the architecture on Xilinx xc5vfx70t-1-ff1136 device consumes 19% slices, whereas the ASIC design is implemented in 180 nm complementary metal-oxide semiconductor ASIC technology that takes 1.0746 mm2 of standard cell area and consumes 14.26 mW of power at 50 MHz clock frequency. A secure audio application using the designed architecture on an open source SoC environment is also provided. A test methodology for validation of the designed chip using an FPGA-based platform and tools is discussed.
Originality/value
The proposed architecture is compared with a set of existing hardware architectures for analyzing various design metrics such as latency, area, maximum operating frequency, power, and throughput.
Details
Keywords
Shancang Li, Theo Tryfonas and Honglei Li
The purpose of this paper is to provide an in-depth overview of the security requirements and challenges for Internet of Things (IoT) and discuss security solutions for various…
Abstract
Purpose
The purpose of this paper is to provide an in-depth overview of the security requirements and challenges for Internet of Things (IoT) and discuss security solutions for various enabling technologies and implications to various applications.
Design/methodology/approach
Security requirements and solutions are analysed based on a four-layer framework of IoT on sensing layer, network layer, service layer, and application layer. The cross-layer threats are analysed followed by the security discussion for the enabling technologies including identification and tracking technologies, WSN and RFID, communication, networks, and service management.
Findings
IoT calls for new security infrastructure based on the new technical standards. As a consequence, new security design for IoT shall pay attention to these new standards. Security at both the physical devices and service-applications is critical to the operation of IoT, which is indispensable for the success of IoT. Open problems remain in a number of areas, such as security and privacy protection, network protocols, standardization, identity management, trusted architecture, etc.
Practical implications
The implications to various applications including supervisory control and data acquisition, enterprise systems, social IoT are discussed. The paper will serve as a starting point for future IoT security design and management. The security strategies for IoT should be carefully designed by managing the tradeoffs among security, privacy, and utility to provide security in multi-layer architecture of IoT.
Originality/value
The paper synthesizes the current security requirements for IoT and provides a clear framework of security infrastructure based on four layers. Accordingly, the security requirements and potential threats in the four-layer architecture are provided in terms of general devices security, communication security, network security, and application security.
Details
Keywords
Vivek V. Jog and Senthil Murugan T.
Due to the connectivity of the multiple devices and the systems on the same network, rapid development has become possible in Internet of Things (IoTs) for the last decade. But…
Abstract
Purpose
Due to the connectivity of the multiple devices and the systems on the same network, rapid development has become possible in Internet of Things (IoTs) for the last decade. But, IoT is mostly affected with severe security challenges due to the potential vulnerabilities happened through the multiple connectivity of sensors, devices and system. In order to handle the security challenges, literature presents a handful of security protocols for IoT. The purpose of this paper is to present a threat profiling and elliptic curve cryptography (ECC)-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and authorization centre (AC) performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks. Finally, DPWSim is utilized for simulation of IoT and verification of proposed protocol to show that the protocol is secure against passive and active attacks.
Design/methodology/approach
In this work, the authors have presented a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs. This work contains two security attributes like memory and machine-related attributes for maintaining the profile table. Also, the profile table stores the value after encrypting the value with ECC to avoid storage resilience using the proposed protocol. Furthermore, three entities like, IoT device, server and AC performs the verification based on seven levels mutually to provide the resilience against most of the widely accepted attacks.
Findings
DPWSim is utilized for simulation of IoT and verification of the proposed protocol to show that this protocol is secure against passive and active attacks. Also, attack analysis is carried out to prove the robustness of the proposed protocol against the password guessing attack, impersonation attack, server spoofing attack, stolen verifier attack and reply attack.
Originality/value
This paper presents a threat profiling and ECC-based mutual and multi-level authentication for the security of IoTs.
Details
Keywords
Priyanka Kumari Bhansali, Dilendra Hiran and Kamal Gulati
The purpose of this paper is to secure health data collection and transmission (SHDCT). In this system, a native network consists of portable smart devices that interact with…
Abstract
Purpose
The purpose of this paper is to secure health data collection and transmission (SHDCT). In this system, a native network consists of portable smart devices that interact with multiple gateways. It entails IoMT devices and wearables connecting to exchange sensitive data with a sensor node which performs the aggeration process and then communicates the data using a Fog server. If the aggregator sensor loses the connection from the Fog server, it will be unable to submit data directly to the Fog server. The node transmits encrypted information with a neighboring sensor and sends it to the Fog server integrated with federated learning, which encrypts data to the existing data. The fog server performs the operations on the measured data, and the values are stored in the local storage area and later it is updated to the cloud server.
Design/methodology/approach
SHDCT uses an Internet-of-things (IoT)-based monitoring network, making it possible for smart devices to connect and interact with each other. The main purpose of the monitoring network has been in the collection of biological data and additional information from mobile devices to the patients. The monitoring network is composed of three different types of smart devices that is at the heart of the IoT.
Findings
It has been addressed in this work how to design an architecture for safe data aggregation in heterogeneous IoT-federated learning-enabled wireless sensor networks (WSNs), which makes use of basic encoding and data aggregation methods to achieve this. The authors suggest that the small gateway node (SGN) captures all of the sensed data from the SD and uses a simple, lightweight encoding scheme and cryptographic techniques to convey the data to the gateway node (GWN). The GWN gets all of the medical data from SGN and ensures that the data is accurate and up to date. If the data obtained is trustworthy, then the medical data should be aggregated and sent to the Fog server for further processing. The Java programming language simulates and analyzes the proposed SHDCT model for deployment and message initiation. When comparing the SHDCT scheme to the SPPDA and electrohydrodynamic atomisation (EHDA) schemes, the results show that the SHDCT method performs significantly better. When compared with the SPPDA and EHDA schemes, the suggested SHDCT plan necessitates a lower communication cost. In comparison to EHDA and SPPDA, SHDCT achieves 4.72% and 13.59% less, respectively. When compared to other transmission techniques, SHDCT has a higher transmission ratio. When compared with EHDA and SPPDA, SHDCT achieves 8.47% and 24.41% higher transmission ratios, respectively. When compared with other ways it uses less electricity. When compared with EHDA and SPPDA, SHDCT achieves 5.85% and 18.86% greater residual energy, respectively.
Originality/value
In the health care sector, a series of interconnected medical devices collect data using IoT networks in the health care domain. Preventive, predictive, personalized and participatory care is becoming increasingly popular in the health care sector. Safe data collection and transfer to a centralized server is a challenging scenario. This study presents a mechanism for SHDCT. The mechanism consists of Smart healthcare IoT devices working on federated learning that link up with one another to exchange health data. Health data is sensitive and needs to be exchanged securely and efficiently. In the mechanism, the sensing devices send data to a SGN. This SGN uses a lightweight encoding scheme and performs cryptography techniques to communicate the data with the GWN. The GWN gets all the health data from the SGN and makes it possible to confirm that the data is validated. If the received data is reliable, then aggregate the medical data and transmit it to the Fog server for further process. The performance parameters are compared with the other systems in terms of communication costs, transmission ratio and energy use.
Details
Keywords
Manjunath Beemappa Edigar and P.V. Rao
In the past recent years, wireless sensor network (WSN) has progressively grown as an emerging technology. Various research efforts have been made in the literature to address the…
Abstract
Purpose
In the past recent years, wireless sensor network (WSN) has progressively grown as an emerging technology. Various research efforts have been made in the literature to address the problem associated with WSN security. Based on the review analysis, it is found that the existing methods are mostly associated with complex security operations that are not suitable for resource constraint sensor nodes. The proposed paper has presented cost-effective modeling of the security framework that addresses the problem of security and energy in WSN.
Design/methodology/approach
The proposed security framework implements two different protocols to attain maximum security services and optimizes the security operation of the proposed security models to achieve higher energy efficiency and privacy preservation against a majority of the lethal attacks. The first security model introduces a novel cost-efficient pairwise key-based authentication mechanism to identify the availability of optimal routes under the presence of adversary in the network. The second security model introduces an integrated part of the first security model that optimizes security operation to perform secure communication using a lightweight encryption mechanism.
Findings
Based on the experimental outcome and analysis, the proposed system attains a 60% performance improvement in terms of security and computational efficiency compared to the existing Sec-LEACH. The second security model has achieved a 50% improvement in terms of overall aspects like reduction in transmission delay, packet delivery ratio, remaining energy and communication performance.
Originality/value
The proposed study has presented a computationally efficient model that provides lightweight security operations based on secure hash function. It also focuses on the security associations between WSN nodes and the selection of reliable routes for secure data transmission. The design of the proposed security model is best suited for homogeneous and heterogeneous sensor networks, which will be robust to any attacking scenario.
Details