Search results for: smart devices security

Authors: Chalee Thammarat

Abstract:

Mobile phones are equipped with increased short-range communication functionality called Near Field Communication (or NFC for short). NFC needs no pairing between devices but suitable for little amounts of data in a very restricted area. A number of researchers presented authentication techniques for NFC communications, however, they still lack necessary authentication, particularly mutual authentication and security qualifications. This paper suggests a new authentication protocol for NFC communication that gives mutual authentication between devices. The mutual authentication is a one of property, of security that protects replay and man-in-the-middle (MitM) attack. The proposed protocols deploy a limited-use offline session key generation and use of distribution technique to increase security and make our protocol lightweight. There are four sub-protocols: NFCAuthv1 is suitable for identification and access control and NFCAuthv2 is suitable for the NFC-enhanced phone by a POS terminal for digital and physical goods and services.

Keywords: cryptographic protocols, NFC, near field communications, security protocols, mutual authentication, network security

Procedia PDF Downloads 412

Authors: Mohamed Rasslan, Doaa Abdelrahman, Mahmoud M. Nasreldin, Ghada Farouk, Heba K. Aslan

Abstract:

Blockchain is a distributed database that endorses transparency while bitcoin is a decentralized cryptocurrency (electronic cash) that endorses anonymity and is powered by blockchain technology. Smart contracts are programs that are stored on a blockchain. Smart contracts are executed when predetermined conditions are fulfilled. Smart contracts automate the agreement execution in order to make sure that all participants immediate-synchronism of the outcome-certainty, without any intermediary's involvement or time loss. Currently, the Bitcoin market worth billions of dollars. Bitcoin could be transferred from one purchaser to another without the need for an intermediary bank. Network nodes through cryptography verify bitcoin transactions, which are registered in a public-book called “blockchain”. Bitcoin could be replaced by other coins, merchandise, and services. Rapid growing of the bitcoin market-value, encourages its counterparts to make use of its weaknesses and exploit vulnerabilities for profit. Moreover, it motivates scientists to define known vulnerabilities, offer countermeasures, and predict future threats. In his paper, we study blockchain technology and bitcoin from the attacker’s point of view. Furthermore, mitigations for the attacks are suggested, and contemporary security solutions are discussed. Finally, research methods that achieve strict security and privacy protocol are elaborated.

Keywords: Cryptocurrencies, Blockchain, Bitcoin, Smart Contracts, Peer-to-Peer Network, Security Issues, Privacy Techniques

Procedia PDF Downloads 56

Authors: Kerem Ok, Cem Cevikbas, Vedat Coskun, Mohammed Alsadi, Busra Ozdenizci

Abstract:

Un-keyed SIM cards do not contain the required security infrastructure to provide end-to-end encryption with Service Providers. Hence, new, emerging, or smart services those require end-to-end encryption between SIM card and a Service Provider is impossible. SIMSec key exchange protocol creates symmetric keys between SIM card and Service Provider. After a successful protocol execution, SIM card and Service Provider creates the symmetric keys and can perform end-to-end data encryption when required. In this paper, our aim is to analyze the SIMSec protocol’s security. According to the results, SIM card and Service Provider can generate keys securely using SIMSec protocol.

Keywords: End-to-end encryption, key exchange, SIM card, smart card

Procedia PDF Downloads 266

Authors: Mustafa Kamoona, Mohamed El-Sharkawy

Abstract:

Although the latest Wireless Local Area Network technology Wi-Fi 802.11i standard addresses many of the security weaknesses of the antecedent Wired Equivalent Privacy (WEP) protocol, there are still scenarios where the network security are still vulnerable. The first security model that 802.11i offers is the Personal model which is very cheap and simple to install and maintain, yet it uses a Pre Shared Key (PSK) and thus has a low to medium security level. The second model that 802.11i provide is the Enterprise model which is highly secured but much more expensive and difficult to install/maintain and requires the installation and maintenance of an authentication server that will handle the authentication and key management for the wireless network. A central issue with the personal model is that the PSK needs to be shared with all the devices that are connected to the specific Wi-Fi network. This pre-shared key, unless changed regularly, can be cracked using offline dictionary attacks within a matter of hours. The key is burdensome to change in all the connected devices manually unless there is some kind of algorithm that coordinate this PSK update. The key idea of this paper is to propose a new algorithm that proactively and effectively coordinates the pre-shared key generation, management, and distribution in the cheap WPA/WPA2 personal security model using only a DD-WRT router.

Keywords: Wi-Fi, WPS, TLS, DD-WRT

Procedia PDF Downloads 213

Authors: Nam Don Kim, Jungho Moon, Tae Yun Chung

Abstract:

This paper proposes an Internet of Things (IoT) based virtualization platform for providing smart tourism services. The virtualization platform provides a consistent access interface to various types of data by naming IoT devices and legacy information systems as pathnames in a virtual file system. In the other words, the IoT virtualization platform functions as a middleware which uses the metadata for underlying collected data. The proposed platform makes it easy to provide customized tourism information by using tourist locations collected by IoT devices and additionally enables to create new interactive smart tourism services focused on the tourist locations. The proposed platform is very efficient so that the provided tourism services are isolated from changes in raw data and the services can be modified or expanded without changing the underlying data structure.

Keywords: internet of things (IoT), IoT platform, serviceplatform, virtual file system (VSF)

Procedia PDF Downloads 478

Authors: Sima Aznavi, Poria Fajri, Hanif Livani

Abstract:

Smart homes are small energy systems which may be equipped with renewable energy sources, storage devices, and loads. Energy management strategy plays a main role in the efficient operation of smart homes. Effective energy scheduling of the renewable energy sources and storage devices guarantees efficient energy management in households while reducing the energy imports from the grid. Nevertheless, despite such strategies, independently day ahead energy schedules for multiple households can cause undesired effects such as high power exchange with the grid at certain times of the day. Therefore, the interactions between multiple smart home day ahead energy projections is a challenging issue in a smart grid system and if not managed appropriately, the imported energy from the power network can impose additional burden on the distribution grid. In this paper, a central energy management strategy for a network consisting of multiple households each equipped with renewable energy sources, storage devices, and Plug-in Electric Vehicles (PEV) is proposed. The decision-making strategy alongside the smart home energy management system, minimizes the energy purchase cost of the end users, while at the same time reducing the stress on the utility grid. In this approach, the smart home energy management system determines different operating scenarios based on the forecasted household daily load and the components connected to the household with the objective of minimizing the end user overall cost. Then, selected projections for each household that are within the same cost range are sent to the central decision-making system. The central controller then organizes the schedules to reduce the overall peak to average ratio of the total imported energy from the grid. To validate this approach simulations are carried out for a network of five smart homes with different load requirements and the results confirm that by applying the proposed central energy management strategy, the overall power demand from the grid can be significantly flattened. This is an effective approach to alleviate the stress on the network by distributing its energy to a network of multiple households over a 24- hour period.

Keywords: energy management, renewable energy sources, smart grid, smart home

Procedia PDF Downloads 223

Authors: S. Bae, J. Shin, S. Lee

Abstract:

As the development of smart devices such as Smart TV, Smartphone, Tablet PC, Laptop, the interest in N-Screen Services that can be cross-linked with heterogeneous devices is increasing. N-Screen means User-centric services that can share and constantly watch multimedia contents anytime and anywhere. However, the existing N-Screen system has the limitation that N-Screen system has to implement the application for each platform and device to provide multimedia service. To overcome this limitation, Multimedia N-Screen Service System is proposed through the web, and it is independent of different environments. The combination of Web and cloud computing technologies from this study results in increasing efficiency and reduction in costs.

Keywords: N-screen, web, cloud, multimedia

Procedia PDF Downloads 281

Authors: Alec Wells, Aminu Bello Usman, Justin McKeown

Abstract:

The growing usage of smart speakers raises many privacy and trust concerns compared to other technologies such as smart phones and computers. In this study, a proxy measure of trust is used to gauge users’ opinions on three different technologies based on an empirical study, and to understand which technology most people are most likely to trust. The collected data were analysed using the Kruskal-Wallis H test to determine the statistical differences between the users’ trust level of the three technologies: smart speaker, computer and smart phone. The findings of the study revealed that despite the wide acceptance, ease of use and reputation of smart speakers, people find it difficult to trust smart speakers with their sensitive information via the Direct Voice Input (DVI) and would prefer to use a keyboard or touchscreen offered by computers and smart phones. Findings from this study can inform future work on users’ trust in technology based on perceived ease of use, reputation, perceived credibility and risk of using technologies via DVI.

Keywords: direct voice input, risk, security, technology, trust

Procedia PDF Downloads 167

Authors: Onur Elma, Giray E. Kıral, Ugur S. Selamoğuları, Mehmet Uzunoğlu, Bulent Vural

Abstract:

Electrical energy has become indispensable for people's lives and with rapidly developing technology and continuously changing living standards the need for the electrical energy has been on the rise. Therefore, both energy generation and efficient use of energy are very important topics. Smart grid concept has been introduced to provide monitoring, energy efficiency, reliability and energy quality. Under smart grid concept, smart homes, which can be considered as key component in smart grid operation, have appeared as another research area. In this study, first, smart grid research in the world will be reviewed. Then, overview of smart grid applications in Turkey will be given.

Keywords: energy efficiency, smart grids, smart home, applications

Procedia PDF Downloads 477

Authors: Hanan Fayez Hussein

Abstract:

‘Due to increasing environmental challenges and security problems in the world such as global warming, storms, and terrorism’, humans have discovered new technologies and new materials in order to program daily life. As providing physical and psychological security is one of the primary functions of architecture, so in order to provide security, building must prevents unauthorized entry and harm to occupant and reduce the threat of attack by making building less attractive targets by new technologies such as; Nanotechnology, which has emerged as a major science and technology focus of the 21st century and will be the next industrial revolution. Nanotechnology is control of the properties of matter, and it deals with structures of the size 100 nanometers or smaller in at least one dimension and has wide application in various fields. The construction and architecture sectors were among the first to be identified as a promising application area for nanotechnology. The advantages of using nanomaterials in construction are enormous, and promises heighten building security by utilizing the strength of building materials to make our buildings more secure and get smart home. Access barriers such as wall and windows could incorporate stronger materials benefiting from nano-reinforcement utilizing nanotubes and nano composites to act as protective cover. Carbon nanotubes, as one of nanotechnology application, can be designed up to 250 times stronger than steel. Nano-enabled devices and materials offer both enhanced and, in some cases, completely new defence systems. In the addition, the small amount of carbon nanoparticles to the construction materials such as; cement, concrete, wood, glass, gypson, and steel can make these materials act as defence elements. This paper highlights the fact that nanotechnology can impact the future global security and how building’s envelop can act as a defensive cover for the building and can be resistance to any threats can attack it. Then focus on its effect on construction materials such as; Concrete can obtain by nanoadditives excellent mechanical, chemical, and physical properties with less material, which can acts as a precautionary shield to the building.

Keywords: nanomaterial, global warming, building security, smart homes

Procedia PDF Downloads 60

Authors: Ahmad Mohammad Sharqi, Mohamed Hechmi El Ouni, Saleh Alsulamy

Abstract:

Due to the emerging technologies revolution worldwide, the need to exploit and employ innovative technologies for other functions and purposes in different aspects has become a remarkable matter. Saudi Arabia is considered one of the most powerful economic countries in the world, where the construction sector participates effectively in its economy. Thus, the construction sector in KSA should convoy the rapid digital revolution and transformation and implement smart devices on sites. A Smart Construction Site (SCS) includes smart devices, artificial intelligence, the internet of things, augmented reality, building information modeling, geographical information systems, and cloud information. This paper aims to study the level of implementation of SCS in KSA, analyze the obstacles and challenges of adopting SCS and find out critical success factors for its implementation. A survey of close-ended questions (scale and multi-choices) has been conducted on professionals in the construction sector of Saudi Arabia. A total number of twenty-nine questions has been prepared for respondents. Twenty-four scale questions were established, and those questions were categorized into several themes: quality, scheduling, cost, occupational safety and health, technologies and applications, and general perception. Consequently, the 5-point Likert scale tool (very low to very high) was adopted for this survey. In addition, five close-ended questions with multi-choice types have also been prepared; these questions have been derived from a previous study implemented in the United Kingdom (UK) and the Dominic Republic (DR), these questions have been rearranged and organized to fit the structured survey in order to place the Kingdom of Saudi Arabia in comparison with the United Kingdom (UK) as well as the Dominican Republic (DR). A total number of one hundred respondents have participated in this survey from all regions of the Kingdom of Saudi Arabia: southern, central, western, eastern, and northern regions. The drivers, obstacles, and success factors for implementing smart devices and technologies in KSA’s construction sector have been investigated and analyzed. Besides, it has been concluded that KSA is on the right path toward adopting smart construction sites with attractive results comparable to and even better than the UK in some factors.

Keywords: artificial intelligence, construction projects management, internet of things, smart construction sites, smart devices

Procedia PDF Downloads 119

Authors: Gaurav Kumar Sinha

Abstract:

The oil and gas industry, characterized by its complex and global supply chains, faces significant challenges in ensuring security, transparency, and efficiency. Blockchain technology, with its decentralized and immutable ledger, offers a transformative solution to these issues. This paper explores the application of blockchain technology in the oil and gas supply chain, highlighting its potential to enhance data security, improve transparency, and streamline operations. By leveraging smart contracts, blockchain can automate and secure transactions, reducing the risk of fraud and errors. Additionally, the integration of blockchain with IoT devices enables real-time tracking and monitoring of assets, ensuring data accuracy and integrity throughout the supply chain. Case studies and pilot projects within the industry demonstrate the practical benefits and challenges of implementing blockchain solutions. The findings suggest that blockchain technology can significantly improve trust and collaboration among supply chain participants, ultimately leading to more efficient and resilient operations. This study provides valuable insights for industry stakeholders considering the adoption of blockchain technology to address their supply chain management challenges.

Keywords: blockchain technology, oil and gas supply chain, data security, transparency, smart contracts, IoT integration, real-time tracking, asset monitoring, fraud reduction, supply chain efficiency, data integrity, case studies, industry implementation, trust, collaboration.

Procedia PDF Downloads 8

Authors: Nada Mouchfiq, Ahmed Habbani, Chaimae Benjbara

Abstract:

The security aspect of the IoT occupies a place of great importance especially after the evolution that has known this field lastly because it must take into account the transformations and the new applications .Blockchain is a new technology dedicated to the data sharing. However, this does not work the same way in the different systems with different operating principles. This article will discuss network security using the Blockchain to facilitate the sending of messages and information, enabling the use of new processes and enabling autonomous coordination of devices. To do this, we will discuss proposed solutions to ensure a high level of security in these networks in the work of other researchers. Finally, our article will propose a method of security more adapted to our needs as a team working in the ad hoc networks, this method is based on the principle of the Blockchain and that we named ”MPR Blockchain”.

Keywords: Ad hocs networks, blockchain, MPR, security

Procedia PDF Downloads 154

Authors: Jong-Won Lee

Abstract:

Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office needs expedite more rapid spread of VDI. However, although this enhanced accessibility and mobility can bring the enhanced productivity, it sometimes conflicts with the security, so there should be more detailed security solution, which is user authentication. In this paper, mobile OTP (One-Time Password) authentication method is proposed to secure mobile device portability through rapid and secure authentication using mobile devices such as mobile phones or pads, which does not require additional purchase or possession of OTP tokens of users. However, in order to use the service continuously and reliably in the cloud environment, both service provider and user have to prepare for security awareness and security threats, and continuously study the conflicting aspect between the improving user convenience and the security and supplement so that cloud service can provide opportunities to develop as a new growth industry in the future and create a new market in IT industry.

Keywords: cloud, OTP, mobility, security, authentication

Procedia PDF Downloads 334

Authors: Ivan Župan

Abstract:

Critical infrastructure is essential for the functioning of a country and is designated for special protection by governments worldwide. Due to the increase in smart technology usage in every facet of the industry, including critical infrastructure, the exposure to malicious cyber-physical attacks has grown in the last few years. Proper security measures must be undertaken in order to defend against cyber-physical threats that can disrupt the normal functioning of critical infrastructure and, consequently the functioning of the country. This paper provides a review of the scientific literature of models, methods and technologies used to protect from cyber-physical threats in industries. The focus of the literature was observed from three aspects. The first aspect, resilience, concerns itself with the robustness of the system’s defense against threats, as well as preparation and education about potential future threats. The second aspect concerns security risk management for systems with cyber-physical aspects, and the third aspect investigates available testbed environments for testing developed models on scaled models of vulnerable infrastructure.

Keywords: critical infrastructure, cyber-physical security, smart industry, security methodology, security technology

Procedia PDF Downloads 54

Authors: Sultan Alharby, Nick Harris, Alex Weddell, Jeff Reeve

Abstract:

The concept of the Internet of Things (IoT) has received much attention over the last five years. It is predicted that the IoT will influence every aspect of our lifestyles in the near future. Wireless Sensor Networks are one of the key enablers of the operation of IoTs, allowing data to be collected from the surrounding environment. However, due to limited resources, nature of deployment and unattended operation, a WSN is vulnerable to various types of attack. Security is paramount for reliable and safe communication between IoT embedded devices, but it does, however, come at a cost to resources. Nodes are usually equipped with small batteries, which makes energy conservation crucial to IoT devices. Nevertheless, security cost in terms of energy consumption has not been studied sufficiently. Previous research has used a security specification of 802.15.4 for IoT applications, but the energy cost of each security level and the impact on quality of services (QoS) parameters remain unknown. This research focuses on the cost of security at the IoT media access control (MAC) layer. It begins by studying the energy consumption of IEEE 802.15.4 security levels, which is followed by an evaluation for the impact of security on data latency and throughput, and then presents the impact of transmission power on security overhead, and finally shows the effects of security on memory footprint. The results show that security overhead in terms of energy consumption with a payload of 24 bytes fluctuates between 31.5% at minimum level over non-secure packets and 60.4% at the top security level of 802.15.4 security specification. Also, it shows that security cost has less impact at longer packet lengths, and more with smaller packet size. In addition, the results depicts a significant impact on data latency and throughput. Overall, maximum authentication length decreases throughput by almost 53%, and encryption and authentication together by almost 62%.

Keywords: energy consumption, IEEE 802.15.4, IoT security, security cost evaluation

Procedia PDF Downloads 144

Authors: Tarun Chand, Michael Jurczyk

Abstract:

With the increasing need and popularity of IoT devices and how integrated they are becoming in our daily lives and industries, these devices make for a very lucrative target for malicious actors. And since these devices have such limited resources, the implementation of robust security features is a tradeoff to be made for the actual functionality the device was intended for. This makes them an easy target with high returns. Several frameworks for the secure firmware update of these devices have been recently proposed in the literature. They focus on methods such as blockchains and distributed file systems to secure firmware updates, but do not go into the details of the actual implementation of these frameworks and the lower-level interactions among these methods used. This work integrates some of these security measures into one overall framework and details the actual lower-level implementation of this framework in a virtual dockerized testbed running on AWS.

Keywords: blockchain, Ethereum, Geth, IPFS, secure IoT-firmware update, virtual testbed development

Procedia PDF Downloads 42

Authors: Basel Halak, Christian Hall, Syed Abdul Father, Nelson Chow Wai Kit, Ruwaydah Widaad Raymode

Abstract:

The attack surface on computing devices is becoming very sophisticated, driven by the sheer increase of interconnected devices, reaching 50B in 2025, which makes it easier for adversaries to have direct access and perform well-known physical attacks. The impact of increased security vulnerability of electronic systems is exacerbated for devices that are part of the critical infrastructure or those used in military applications, where the likelihood of being targeted is very high. This continuously evolving landscape of security threats calls for a new generation of defense methods that are equally effective and adaptive. This paper proposes an intelligent defense mechanism to protect from physical tampering, it consists of a tamper detection system enhanced with machine learning capabilities, which allows it to recognize normal operating conditions, classify known physical attacks and identify new types of malicious behaviors. A prototype of the proposed system has been implemented, and its functionality has been successfully verified for two types of normal operating conditions and further four forms of physical attacks. In addition, a systematic threat modeling analysis and security validation was carried out, which indicated the proposed solution provides better protection against including information leakage, loss of data, and disruption of operation.

Keywords: anti-tamper, hardware, machine learning, physical security, embedded devices, ioT

Procedia PDF Downloads 132

Authors: Arsalan Makinian

Abstract:

Our future cities will constantly evolve the necessary technologies for tomorrow’s needs. Technologies which enable a better kind of prosperity and security. This paper reports on the precedent of a smart city from its beginning to prevalence among urbanism academic literature and reports of tech companies. The article aims to direct urban foresight studies and to build a pathway for the future of smart city concept by gathering theoretical and empirical experiences related to smart cities with both top-down and bottom-up approaches. It hopes to deliver results of different studies, pilot projects, and development strategies of some of the smart cities in order to allow a shareable knowledge to take shape and develop in terms of qualitative aspects of a smart city. Now the definition of the smart city goes beyond removing physical boundaries, changing the concept of mobility and providing electronic service for citizens, it now constitutes fields such as energy efficiency, economic competitiveness, protecting the environment and finally, it takes advantage of technology and data science to improve the quality of life. In the smart city, the role of citizens is considered as both final purpose and contributor. Emerging issues which are almost implications of advanced technologies -as the most important trends of the future- and their reflection on the society need to be foresighted. Educating and fostering knowledge of smartness is one of the targets of the smart city concept. In this regard, some of these smart cites have established research and development units to share their projects and smart city initiatives. Due to this fact, gaining experience and sharing the results of this subject is necessary for technology management and moving toward a smart urban future.

Keywords: age of urban tech, bottom-up approach, role of citizens, smart city

Procedia PDF Downloads 121

Authors: Hermann Kuehnle

Abstract:

Developments in ICT totally reshape manufacturing as machines, objects and equipment on the shop floors will be smart and online. Interactions with virtualizations and models of a manufacturing unit will appear exactly as interactions with the unit itself. These virtualizations may be driven by providers with novel ICT services on demand that might jeopardize even well established business models. Context aware equipment, autonomous orders, scalable machine capacity or networkable manufacturing unit will be the terminology to get familiar with in manufacturing and manufacturing management. Such newly appearing smart abilities with impact on network behavior, collaboration procedures and human resource development will make distributed manufacturing a preferred model to produce. Computing miniaturization and smart devices revolutionize manufacturing set ups, as virtualizations and atomization of resources unwrap novel manufacturing principles. Processes and resources obey novel specific laws and have strategic impact on manufacturing and major operational implications. Mechanisms from distributed manufacturing engaging interacting smart manufacturing units and decentralized planning and decision procedures already demonstrate important effects from this shift of focus towards collaboration and interoperability.

Keywords: autonomous unit, networkability, smart manufacturing unit, virtualization

Procedia PDF Downloads 504

Authors: Antonio Horta, Renato Marinho, Raimir Holanda

Abstract:

Considered as an evolution of the Blockchain, the Ethereum platform, besides allowing transactions of its cryptocurrency named Ether, it allows the programming of decentralised applications (DApps) and smart contracts. However, this functionality into blockchains has raised other types of threats, and the exploitation of smart contracts vulnerabilities has taken companies to experience big losses. This research intends to figure out the number of contracts that are under risk of being drained. Through a deep investigation, more than two hundred thousand smart contracts currently available in the Ethereum platform were scanned and estimated how much money is at risk. The experiment was based in a query run on Google Big Query in July 2022 and returned 50,707,133 contracts published on the Ethereum platform. After applying the filtering criteria, the experimentgot 430,584 smart contracts to download and analyse. The filtering criteria consisted of filtering out: ERC20 and ERC721 contracts, contracts without transactions, and contracts without balance. From this amount of 430,584 smart contracts selected, only 268,103 had source codes published on Etherscan, however, we discovered, using a hashing process, that there were contracts duplication. Removing the duplicated contracts, the process ended up with 20,417 source codes, which were analysed using the open source SAST tool smartbugswith oyente and securify algorithms. In the end, there was nearly $100,000 at risk of being drained from the potentially vulnerable smart contracts. It is important to note that the tools used in this study may generate false positives, which may interfere with the number of vulnerable contracts. To address this point, our next step in this research is to develop an application to test the contract in a parallel environment to verify the vulnerability. Finally, this study aims to alert users and companies about the risk on not properly creating and analysing their smart contracts before publishing them into the platform. As any other application, smart contracts are at risk of having vulnerabilities which, in this case, may result in direct financial losses.

Keywords: blockchain, reentrancy, static application security testing, smart contracts

Procedia PDF Downloads 70

Authors: H. Parveen Begam, M. A. Maluk Mohamed

Abstract:

Mobile Grid Computing is an environment that allows sharing and coordinated use of diverse resources in dynamic, heterogeneous and distributed environment using different types of electronic portable devices. In a grid environment the security issues are like authentication, authorization, message protection and delegation handled by GSI (Grid Security Infrastructure). Proving better security between mobile devices and grid infrastructure is a major issue, because of the open nature of wireless networks, heterogeneous and distributed environments. In a mobile grid environment, the individual computing devices may be resource-limited in isolation, as an aggregated sum, they have the potential to play a vital role within the mobile grid environment. Some adaptive methodology or solution is needed to solve the issues like authentication of a base station, security of information flowing between a mobile user and a base station, prevention of attacks within a base station, hand-over of authentication information, communication cost of establishing a session key between mobile user and base station, computing complexity of achieving authenticity and security. The sharing of resources of the devices can be achieved only through the trusted relationships between the mobile hosts (MHs). Before accessing the grid service, the mobile devices should be proven authentic. This paper proposes the dynamic certificate based mutual authentication protocol between two mobile hosts in a mobile grid environment. The certificate generation process is done by CA (Certificate Authority) for all the authenticated MHs. Security (because of validity period of the certificate) and dynamicity (transmission time) can be achieved through the secure service certificates. Authentication protocol is built on communication services to provide cryptographically secured mechanisms for verifying the identity of users and resources.

Keywords: mobile grid computing, certificate authority (CA), SSL/TLS protocol, secured service certificates

Procedia PDF Downloads 286

Authors: Prashansa Singh, Manjot Kaur, Rohit Bajaj

Abstract:

The proliferation of wireless sensor networks and Internet of Things (IoT) devices in the quickly changing digital landscape has highlighted the urgent need for strong security solutions that can handle these systems’ limited resources. A key solution to this problem is the emergence of ultralightweight security protocols, which provide strong security features while respecting the strict computational, energy, and memory constraints imposed on these kinds of devices. This in-depth analysis explores the field of ultralightweight security protocols, offering a thorough examination of their evolution, salient features, and the particular security issues they resolve. We carefully examine and contrast different protocols, pointing out their advantages and disadvantages as well as the compromises between resource limitations and security resilience. We also study these protocols’ application domains, including the Internet of Things, RFID systems, and wireless sensor networks, to name a few. In addition, the review highlights recent developments and advancements in the field, pointing out new trends and possible avenues for future research. This paper aims to be a useful resource for researchers, practitioners, and developers, guiding the design and implementation of safe, effective, and scalable systems in the Internet of Things era by providing a comprehensive overview of ultralightweight security protocols.

Keywords: wireless sensor network, machine-to-machine, MQTT broker, server, ultralightweight, TCP/IP

Procedia PDF Downloads 44

Authors: Nadir A. Carreon, Christa Sonderer, Aakarsh Rao, Roman Lysecky

Abstract:

With the advent of complex software and increased connectivity, the security of life-critical medical devices is becoming an increasing concern, particularly with their direct impact on human safety. Security is essential, but it is impossible to develop completely secure and impenetrable systems at design time. Therefore, it is important to assess the potential impact on the security and safety of exploiting a vulnerability in such critical medical systems. The common vulnerability scoring system (CVSS) calculates the severity of exploitable vulnerabilities. However, for medical devices it does not consider the unique challenges of impacts to human health and privacy. Thus, the scoring of a medical device on which human life depends (e.g., pacemakers, insulin pumps) can score very low, while a system on which human life does not depend (e.g., hospital archiving systems) might score very high. In this paper, we propose a medical vulnerability scoring system (MVSS) that extends CVSS to address the health and privacy concerns of medical devices. We propose incorporating two new parameters, namely health impact, and sensitivity impact. Sensitivity refers to the type of information that can be stolen from the device, and health represents the impact on the safety of the patient if the vulnerability is exploited (e.g., potential harm, life-threatening). We evaluate fifteen different known vulnerabilities in medical devices and compare MVSS against two state-of-the-art medical device-oriented vulnerability scoring systems and the foundational CVSS.

Keywords: common vulnerability system, medical devices, medical device security, vulnerabilities

Procedia PDF Downloads 139

Authors: Thomas Benson

Abstract:

Smart cities have been heralded as multi-faceted entities which utilise information and communication technologies to enhance citizen participation. The purpose of this paper is to outline authoritative definitions of smart cities and citizen participation and investigate smart city citizen-centrism rhetoric by examining urban governance and citizen participation processes. Drawing on extant literature and official city government documents and websites, Singapore (Singapore) and Tokyo (Japan) are chosen as comparable smart city case studies. For the smart city to be truly realised, this paper concludes that smart cities must do more to incorporate genuine citizen participation mechanisms.

Keywords: citizen participation, smart cities, urban governance, Singapore, Tokyo

Procedia PDF Downloads 125

Authors: Shahin Zanbaghi, Saeed Samet

Abstract:

The internet has transformed the way we shop. Previously, most of our purchases came in the form of shopping trips to a nearby store. Now, it’s as easy as clicking a mouse. But with great convenience comes great responsibility. We have to be constantly vigilant about our personal information. In this work, our proposed approach is to encrypt the information printed on the physical packages, which include personal information in plain text, using a symmetric encryption algorithm; then, we store that encrypted information into a Blockchain network rather than storing them in companies or corporations centralized databases. We present, implement and assess a blockchain-based system using Ethereum smart contracts. We present detailed algorithms that explain the details of our smart contract. We present the security, cost, and performance analysis of the proposed method. Our work indicates that the proposed solution is economically attainable and provides data integrity, security, transparency, and data traceability.

Keywords: blockchain, Ethereum, smart contract, commit-reveal scheme

Procedia PDF Downloads 129

Authors: Yatin Wadhawan, Clifford Neuman, Anas Al Majali

Abstract:

In this paper, we evaluate the resilience of the smart grid system in the presence of multiple cyber-physical attacks on its distinct functional components. We discuss attack-defense scenarios and their effect on smart grid resilience. Through contingency simulations in the Network and PowerWorld Simulator, we analyze multiple cyber-physical attacks that propagate from the cyber domain to power systems and discuss how such attacks destabilize the underlying power grid. The analysis of such simulations helps system administrators develop more resilient systems and improves the response of the system in the presence of cyber-physical attacks.

Keywords: smart grid, gas pipeline, cyber- physical attack, security, resilience

Procedia PDF Downloads 289

Authors: Muhammad Rana, Quazi Mamun, Rafiqul Islam

Abstract:

In the Internet of Things (IoT), many devices are connected and accumulate a sheer amount of data. These Internet-driven raw data need to be transferred securely to the end-users via dependable networks. Consequently, the challenges of IoT security in various IoT domains are paramount. Cryptography is being applied to secure the networks for authentication, confidentiality, data integrity and access control. However, due to the resource constraint properties of IoT devices, the conventional cipher may not be suitable in all IoT networks. This paper designs a robust and effective lightweight cipher to secure the IoT environment and meet the resource-constrained nature of IoT devices. We also propose a symmetric and block-cipher based lightweight cryptographic algorithm. The proposed algorithm increases the complexity of the block cipher, maintaining the lowest computational requirements possible. The proposed algorithm efficiently constructs the key register updating technique, reduces the number of encryption rounds, and adds a new layer between the encryption and decryption processes.

Keywords: internet of things, cryptography block cipher, S-box, key management, security, network

Procedia PDF Downloads 84

Authors: Debasis Sarkar

Abstract:

Development of a Smart City would depend upon the development of its infrastructure in a smart way. Primarily based on the ideology of the fourth industrial revolution a Smart City project should have Smart governance, smart health care, smart building, smart transportation, smart mobility, smart energy, smart technology and smart citizen. Considering the Indian scenario of current state of cities in India, it has become very essential to decide the specific parameters which would govern the development of a Smart City project. It has been observed that there are significant parameters beyond Information and Communication Technology (ICT), which govern the development of a Smart City project. This paper is an attempt to identify the Critical Success Factors (CSF) which are significantly responsible for the development of a Smart City project in Western India. Responses to questionnaire survey were analyzed on basis of Likert scale. They were further critically evaluated with help of Factor Comparison Method (FCM) and Analytical Hierarchy Process (AHP). The project authorities need to incorporate Building Information Modeling (BIM) to make the smart city project more collaborative. To make the project more sustainable, use of flyash in the concrete used, reduced usage of cement and steel, use of alternate fuels like biodiesel is recommended.

Keywords: analytical hierarchical process, building information modeling, critical success factors, factor comparison method

Procedia PDF Downloads 229

Authors: Shokoufeh Monjezi Kouchak

Abstract:

Cognitive radio network (CRN) is future network .Without this network wireless devices can’t work appropriately in the next decades. Today, wireless devices use static spectrum access methods and these methods don’t use spectrums optimum so we need use dynamic spectrum access methods to solve shortage spectrum challenge and CR is a great device for DSA but first of all its challenges should be solved .security is one of these challenges .In this paper we provided a survey about CR security. You can see this survey in tables 1 to 7 .After that we proposed a multi criteria authentication method in CRN. Our criteria in this method are: sensing results, following sending data rules, position of secondary users and no talk zone. Finally we compared our method with other authentication methods.

Keywords: authentication, cognitive radio, security, radio networks

Procedia PDF Downloads 360