Blockchain-Enabled Technology for IoT Security, Privacy and Trust

A special issue of Symmetry (ISSN 2073-8994). This special issue belongs to the section "Computer".

Deadline for manuscript submissions: closed (3 April 2023) | Viewed by 23393

Special Issue Editors


E-Mail Website
Guest Editor
Department of Information Management, National Taiwan University of Science and Technology, 43 Keelung Rd., Sect. 4, Taipei 106, Taiwan
Interests: IoT/IoV security; blockchain security; cloud security; network security; trusted computing
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleague,

The Internet-of-Things (IoT) is an emerging paradigm seamlessly integrating a great quantity of smart objects connected to the Internet. With the rise in interest around the IoT, further attention must be devoted by the research community and industry to overcoming related trust, security and privacy challenges, to unleash the full potential of IoT. The industry has introduced a variety of technologies for IoT security, privacy, and trust such as trust management, data confidentiality, authentication and authorization, secure communication and computation, and individual privacy protection. Recently, blockchain technology is perceived as a promising solution for managing distributed IoT devices because it has the characteristics of decentralization, openness and tamper-resistance. Although numerous studies have addressed various applications of blockchain technology in the IoT, there are neither consensus regarding their integration nor agreed-upon best practices exist for applying blockchain technology in the IoT with robust security and privacy. As things stand, employing blockchain technologies in the IoT is still particularly challenging.

Symmetry is an extraordinary characteristic which has widely been deployed in diverse research fields of computer engineering. This special issue invites original research that investigates blockchain-enabled technologies involving the concept of Symmetry for IoT security, privacy and trust. Potential topics include, but are not limited to, the following:

  • Accountability for blockchain technology in the IoT
  • Anonymity for blockchain technology in the IoT
  • Blockchain-based applications for IoT security and privacy
  • Blockchain-based authentication and authorization for the IoT
  • Blockchain-based reputation systems for the IoT
  • Distributed consensus of blockchain technology for IoT management
  • Fraud detection and forensics for blockchain technology in the IoT
  • New cryptographic algorithms for blockchain technology in the IoT
  • Proof-of-work for blockchain technology in the IoT
  • Smart contracts for the IoT
  • Trust management for blockchain technology in the IoT

Prof. Dr. Kuo-Hui Yeh
Prof. Dr. Chunhua Su
Prof. Dr. Shi-Cho Cha
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Symmetry is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (6 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Editorial

Jump to: Research

3 pages, 159 KiB  
Editorial
Special Issue Editorial “Blockchain-Enabled Technology for IoT Security, Privacy and Trust”
by Kuo-Hui Yeh, Chunhua Su and Shi-Cho Cha
Symmetry 2023, 15(5), 1059; https://doi.org/10.3390/sym15051059 - 10 May 2023
Viewed by 1049
Abstract
The Internet of Things (IoT) is an emerging paradigm, seamlessly integrating a great quantity of smart objects that are connected to the Internet [...] Full article
(This article belongs to the Special Issue Blockchain-Enabled Technology for IoT Security, Privacy and Trust)

Research

Jump to: Editorial

20 pages, 1454 KiB  
Article
Building Trusted Federated Learning on Blockchain
by Yustus Eko Oktian, Brian Stanley and Sang-Gon Lee
Symmetry 2022, 14(7), 1407; https://doi.org/10.3390/sym14071407 - 8 Jul 2022
Cited by 5 | Viewed by 2380
Abstract
Federated learning enables multiple users to collaboratively train a global model using the users’ private data on users’ local machines. This way, users are not required to share their training data with other parties, maintaining user privacy; however, the vanilla federated learning proposal [...] Read more.
Federated learning enables multiple users to collaboratively train a global model using the users’ private data on users’ local machines. This way, users are not required to share their training data with other parties, maintaining user privacy; however, the vanilla federated learning proposal is mainly assumed to be run in a trusted environment, while the actual implementation of federated learning is expected to be performed in untrusted domains. This paper aims to use blockchain as a trusted federated learning platform to realize the missing “running on untrusted domain” requirement. First, we investigate vanilla federate learning issues such as client’s low motivation, client dropouts, model poisoning, model stealing, and unauthorized access. From those issues, we design building block solutions such as incentive mechanism, reputation system, peer-reviewed model, commitment hash, and model encryption. We then construct the full-fledged blockchain-based federated learning protocol, including client registration, training, aggregation, and reward distribution. Our evaluations show that the proposed solutions made federated learning more reliable. Moreover, the proposed system can motivate participants to be honest and perform best-effort training to obtain higher rewards while punishing malicious behaviors. Hence, running federated learning in an untrusted environment becomes possible. Full article
(This article belongs to the Special Issue Blockchain-Enabled Technology for IoT Security, Privacy and Trust)
Show Figures

Figure 1

41 pages, 3920 KiB  
Article
Toward Data Integrity Architecture for Cloud-Based AI Systems
by Elizabeth Nathania Witanto, Yustus Eko Oktian and Sang-Gon Lee
Symmetry 2022, 14(2), 273; https://doi.org/10.3390/sym14020273 - 29 Jan 2022
Cited by 9 | Viewed by 3901
Abstract
AI has been implemented in many sectors such as security, health, finance, national defense, etc. However, together with AI’s groundbreaking improvement, some people exploit AI to do harmful things. In parallel, there is rapid development in cloud computing technology, introducing a cloud-based AI [...] Read more.
AI has been implemented in many sectors such as security, health, finance, national defense, etc. However, together with AI’s groundbreaking improvement, some people exploit AI to do harmful things. In parallel, there is rapid development in cloud computing technology, introducing a cloud-based AI system. Unfortunately, the vulnerabilities in cloud computing will also affect the security of AI services. We observe that compromising the training data integrity means compromising the results in the AI system itself. From this background, we argue that it is essential to keep the data integrity in AI systems. To achieve our goal, we build a data integrity architecture by following the National Institute of Standards and Technology (NIST) cybersecurity framework guidance. We also utilize blockchain technology and smart contracts as a suitable solution to overcome the integrity issue because of its shared and decentralized ledger. Smart contracts are used to automate policy enforcement, keep track of data integrity, and prevent data forgery. First, we analyze the possible vulnerabilities and attacks in AI and cloud environments. Then we draw out our architecture requirements. The final result is that we present five modules in our proposed architecture that fulfilled NIST framework guidance to ensure continuous data integrity provisioning towards secure AI environments. Full article
(This article belongs to the Special Issue Blockchain-Enabled Technology for IoT Security, Privacy and Trust)
Show Figures

Figure 1

20 pages, 1117 KiB  
Article
Trusting Testcases Using Blockchain-Based Repository Approach
by Abdulla Al Zaabi, Chan Yeob Yeun and Ernesto Damiani
Symmetry 2021, 13(11), 2024; https://doi.org/10.3390/sym13112024 - 26 Oct 2021
Cited by 4 | Viewed by 2405
Abstract
Modern vehicles have evolved to support connected and self-driving capabilities. The concepts such as connected driving, cooperative driving, and intelligent transportation systems have resulted in an increase in the connectivity of vehicles and subsequently created new information security risks. The original vehicular ad-hoc [...] Read more.
Modern vehicles have evolved to support connected and self-driving capabilities. The concepts such as connected driving, cooperative driving, and intelligent transportation systems have resulted in an increase in the connectivity of vehicles and subsequently created new information security risks. The original vehicular ad-hoc network term is now emerged to a new term, Internet of Vehicles (IoV), which is a typical application of symmetry of Internet of Things (IoT). Vehicle manufacturers address some critical issues such as software bugs or security issues through remote updates, and this gives rise to concerns regarding the security of updated components. Moreover, aftermarket units such as those imposed by transportation authorities or insurance companies expose vehicles to high risk. Software testing aims to ensure that software products are reliable and behave as expected. Many commercial and open-source software products undergo formal certifications to increase users’ confidence in their accuracy, reliability, and security. There are different techniques for software certification, including test-based certification. Testcase repositories are available to support software testing and certification, such as the Linux Test Project for Linux kernel testing. Previous studies performed various testing and experimental evaluation of different parts of modern vehicles to assess the security risks. Due to the lack of trusted testcase repositories and a common approach for testing, testing efforts are performed individually. In this paper, we propose a blockchain-based approach for a testcase repository to support test-based software and security testing and overcome the lack of trusted testcase repositories. The novel concept Proof-of-Validation to manage global state is proposed to manage updates to the repository. The initial work in this study considers the LTP test suite as a use case for the testcase repository. This research work is expected to contribute to the further development in including evidence generation for testing verification. Full article
(This article belongs to the Special Issue Blockchain-Enabled Technology for IoT Security, Privacy and Trust)
Show Figures

Figure 1

9 pages, 237 KiB  
Communication
Revisited—The Subliminal Channel in Blockchain and Its Application to IoT Security
by Tzung-Her Chen, Wei-Bin Lee, Hsing-Bai Chen and Chien-Lung Wang
Symmetry 2021, 13(5), 855; https://doi.org/10.3390/sym13050855 - 11 May 2021
Cited by 4 | Viewed by 1823
Abstract
Although digital signature has been a fundamental technology for cryptosystems, it still draws considerable attention from both academia and industry due to the recent raising interest in blockchains. This article revisits the subliminal channel existing digital signature and reviews its abuse risk of [...] Read more.
Although digital signature has been a fundamental technology for cryptosystems, it still draws considerable attention from both academia and industry due to the recent raising interest in blockchains. This article revisits the subliminal channel existing digital signature and reviews its abuse risk of the constructor’s private key. From a different perspective on the subliminal channel, we find the new concept named the chamber of secrets in blockchains. The found concept, whereby the secret is hidden and later recovered by the constructor from the common transactions in a blockchain, highlights a new way to encourage implementing various applications to benefit efficiency and security. Thus, the proposed scheme benefits from the following advantages: (1) avoiding the high maintenance cost of certificate chain of certificate authority, or public key infrastructure, and (2) seamlessly integrating with blockchains using the property of chamber of secrets. In order to easily understand the superiority of this new concept, a remote authentication scenario is taken as a paradigm of IoT to demonstrate that the further advantages are achieved: (1) avoiding high demand for storage space in IoT devices, and (2) avoiding maintaining a sensitive table in IoT server. Full article
(This article belongs to the Special Issue Blockchain-Enabled Technology for IoT Security, Privacy and Trust)
25 pages, 1176 KiB  
Article
Threat Defense: Cyber Deception Approach and Education for Resilience in Hybrid Threats Model
by William Steingartner, Darko Galinec and Andrija Kozina
Symmetry 2021, 13(4), 597; https://doi.org/10.3390/sym13040597 - 3 Apr 2021
Cited by 34 | Viewed by 9737
Abstract
This paper aims to explore the cyber-deception-based approach and to design a novel conceptual model of hybrid threats that includes deception methods. Security programs primarily focus on prevention-based strategies aimed at stopping attackers from getting into the network. These programs attempt to use [...] Read more.
This paper aims to explore the cyber-deception-based approach and to design a novel conceptual model of hybrid threats that includes deception methods. Security programs primarily focus on prevention-based strategies aimed at stopping attackers from getting into the network. These programs attempt to use hardened perimeters and endpoint defenses by recognizing and blocking malicious activities to detect and stop attackers before they can get in. Most organizations implement such a strategy by fortifying their networks with defense-in-depth through layered prevention controls. Detection controls are usually placed to augment prevention at the perimeter, and not as consistently deployed for in-network threat detection. This architecture leaves detection gaps that are difficult to fill with existing security controls not specifically designed for that role. Rather than using prevention alone, a strategy that attackers have consistently succeeded against, defenders are adopting a more balanced strategy that includes detection and response. Most organizations deploy an intrusion detection system (IDS) or next-generation firewall that picks up known attacks or attempts to pattern match for identification. Other detection tools use monitoring, traffic, or behavioral analysis. These reactive defenses are designed to detect once they are attacked yet often fail. They also have some limitations because they are not designed to catch credential harvesting or attacks based on what appears as authorized access. They are also often seen as complex and prone to false positives, adding to analyst alert fatigue. The security industry has focused recent innovation on finding more accurate ways to recognize malicious activity with technologies such as user and entity behavioral analytics (UEBA), big data, artificial intelligence (AI), and deception. Full article
(This article belongs to the Special Issue Blockchain-Enabled Technology for IoT Security, Privacy and Trust)
Show Figures

Figure 1

Back to TopTop