Blockchain Cybersecurity, Trust and Privacy (eBook)
VI, 290 Seiten
Springer International Publishing (Verlag)
978-3-030-38181-3 (ISBN)
?This book provides the reader with the most up-to-date knowledge of blockchain in mainstream areas of security, trust, and privacy in the decentralized domain, which is timely and essential (this is due to the fact that the distributed and P2P applications is increasing day-by-day, and the attackers adopt new mechanisms to threaten the security and privacy of the users in those environments). This book also provides the technical information regarding blockchain-oriented software, applications, and tools required for the researcher and developer experts in both computing and software engineering to provide solutions and automated systems against current security, trust and privacy issues in the cyberspace.
Cybersecurity, trust and privacy (CTP) are pressing needs for governments, businesses, and individuals, receiving the utmost priority for enforcement and improvement in almost any societies around the globe. Rapid advances, on the other hand, are being made in emerging blockchain technology with broadly diverse applications that promise to better meet business and individual needs. Blockchain as a promising infrastructural technology seems to have the potential to be leveraged in different aspects of cybersecurity promoting decentralized cyberinfrastructure. Blockchain characteristics such as decentralization, verifiability and immutability may revolve current cybersecurity mechanisms for ensuring the authenticity, reliability, and integrity of data.
Almost any article on the blockchain points out that the cybersecurity (and its derivatives) could be revitalized if it is supported by blockchain technology. Yet, little is known about factors related to decisions to adopt this technology, and how it can systemically be put into use to remedy current CTP's issues in the digital world. Topics of interest for this book include but not limited to:
- Blockchain-based authentication, authorization and accounting mechanisms
- Applications of blockchain technologies in digital forensic and threat hunting
- Blockchain-based threat intelligence and threat analytics techniques
- Formal specification of smart contracts
- Automated tools for outsmarting smart contracts
- Security and privacy aspects of blockchain technologies
- Vulnerabilities of smart contracts
- Blockchain for securing cyber infrastructure and internet of things networks
- Blockchain-based cybersecurity education systems
This book provides information for security and privacy experts in all the areas of blockchain, cryptocurrency, cybersecurity, forensics, smart contracts, computer systems, computer networks, software engineering, applied artificial intelligence for computer security experts, big data analysts, and decentralized systems. Researchers, scientists and advanced level students working in computer systems, computer networks, artificial intelligence, big data will find this book useful as well.
Reza M. Parizi is the director of Decentralized Science Lab (dSL) at Kennesaw State University, GA, USA. He is a consummate technologist and security researcher with an entrepreneurial spirit. He is a senior member of the IEEE, a member of the IEEE Blockchain Community, and ACM. Prior to joining KSU, he was a faculty at the New York Institute of Technology. He received a Ph.D. in Software Engineering in 2012 and M.Sc. and B.Sc. degrees in Software Engineering and Computer Science respectively in 2008 and 2005. His research interests are R&D in blockchain, smart contracts, federated learning, and emerging issues in the practice of secure AI-run world applications.
Contents 6
Blockchain in Cybersecurity Realm: An Overview 8
1 Introduction 9
2 Book Outline 9
References 10
Capability-Based Non-fungible Tokens Approach for a Decentralized AAA Framework in IoT 13
1 Introduction 13
2 Authentication, Authorization and Accounting 14
3 Blockchain Concepts 16
3.1 Ethereum Blockchain and Smart Contracts 16
3.2 Tokenization in Blockchain 17
4 Access Control Models 17
4.1 Access Models Suitability 18
4.2 Centralized vs. Decentralized Access Control 19
5 Proposed Architecture and Protocol Stack 20
5.1 Foundation Layer 21
5.2 Identity Management Layer 21
5.3 Authentication Layer 22
5.4 Authorization Layer 23
5.5 Accounting Layer 24
6 Details of Smart Contract Implementation 24
6.1 Registrar Smart Contract 25
6.2 Access Control Smart Contract 25
6.3 Non-fungible Capability Token Structure 26
6.4 Authorization Process 27
6.5 Delegation Process 28
6.6 Placement of Policy Management Functions 29
6.7 PEP Process Steps 30
6.8 Accounting Smart Contract 32
7 Test Bed and Performance Evaluation 32
7.1 Timeout Ratio 33
7.2 End-to-End Access Time 34
7.3 Overhead 35
8 Conclusion 35
References 36
IoT Security, Privacy and Trust in Home-Sharing Economy via Blockchain 38
1 Introduction 38
2 Threat Model and Motivation 40
2.1 Threat Model 40
2.2 Motivation 41
2.2.1 Protection of Trust 41
2.2.2 Protection of Privacy 41
2.2.3 Protection of IoT Device Security 42
3 Background 42
3.1 Blockchain 43
3.1.1 Smart Contract 43
3.2 PUFs 43
3.2.1 Weak PUFs 44
4 System Requirements and Smart Contract Implementation 44
4.1 Approach 44
4.2 Implementation of Smart Contract 45
4.2.1 Device Registration 45
4.2.2 Ownership Verification 46
4.2.3 Device Authentication 46
4.2.4 Ownership Transfer 47
4.2.5 Tenancy Transfer 47
4.2.6 Poll Tenancy 47
5 Proposed Methodology 48
5.1 Enrollment of IoT Device by the Manufacturer 48
5.2 Transferring the Ownership 48
5.2.1 Key Generation Module 49
5.2.2 Encryption Module 50
5.2.3 Decryption Module 50
5.3 Transferring Tenancy to a Tenant 51
5.4 Establishing a Shared Encryption Key 51
5.5 Encrypting IoT Data with the Shared Encryption Key 52
5.6 Change of Encryption Key After Tenancy Period 52
6 Hardware Collateral for Smart Contract 52
7 Protocol Demonstration and Discussion 53
8 Conclusion 54
References 54
Scrybe: A Second-Generation Blockchain Technology with Lightweight Mining for Secure Provenance and Related Applications 56
1 Introduction 57
2 Related Literature 57
2.1 Secure Provenance 58
2.2 Blockchain-Based Data Provenance 58
3 Scrybe: A Blockchain-Based Provenance System 58
3.1 Blocks 59
3.2 Transactions 60
3.3 Lightweight Mining 60
3.4 Servers 62
4 Use Cases 62
4.1 Academic Integrity 62
4.2 Digital Forensics 64
4.3 Secure Logging 66
5 Security Verification 67
5.1 Data Integrity 67
5.2 Non-repudiation 67
5.3 Availability 68
5.4 Communications Sequential Process (CSP) Modeling 68
5.5 Resistance to Insider DoS Attacks 69
6 Conclusion 70
References 71
Blockchain for Efficient Public Key Infrastructure and Fault-Tolerant Distributed Consensus 73
1 Introduction 73
1.1 Overview of Blockchain for Efficient Public Key Infrastructure 74
1.2 Preview of Blockchain for Fault-Tolerant Distributed Consensus 75
2 Background and Related Studies 75
2.1 Smart Contract and PKI 75
2.2 Related Studies of Blockchain-Based PKI 76
2.3 Tendermint 78
3 Proposed Methodology for Blockchain-Based PKI 79
3.1 Model 79
3.2 Implementation 80
3.3 Features 80
4 Performance Evaluation and Analysis of Blockchain-Based PKI 81
4.1 Experimental Settings 81
4.1.1 Implementation and Resources 82
4.1.2 Experimental Settings 83
4.1.3 Metrics 83
4.1.4 PKI Models 83
4.2 Results 84
4.3 Security Analysis 84
5 Randition: Blockchain-Based Fault-Tolerant Distributed Consensus with Random Sharding: Goals, Hypothesis, and Assumptions 85
6 Randition: Overview 87
6.1 Cryptographic Sortition 87
6.2 Partition Transfer 89
6.3 Tendermint 90
7 Randition: Adapted Cryptographic Sortition and Adapted Shard Formation 91
7.1 Adapted Cryptographic Sortition 91
7.2 Adapted Shard Formation 93
8 Randition: Implementation and Results 95
8.1 Implementation 95
8.2 Results 95
8.3 Discussion 97
9 Conclusion 98
10 Future Research Directions 99
References 100
Secure Blockchain-Based Traffic Load Balancing Using Edge Computing and Reinforcement Learning 102
1 Introduction 103
2 Related Work 104
2.1 Literature Review 104
2.2 Similar Systems 106
3 Proposed System 108
3.1 System Architecture 108
3.2 Vehicle Detection 109
3.3 Data Transmission over Kura 110
3.4 Docker Swarm Model Deployment 113
3.5 Observation System 114
3.6 Reinforcement Learning Prediction and Decision Model 115
3.6.1 Data Collection 116
3.6.2 Model Training 116
3.6.3 Model Operation 117
3.7 Blockchain Ledger Operations 118
3.7.1 Blockchain Information 118
3.7.2 Instantiating the Network 119
3.7.3 Instantiating the Transaction 119
4 Evaluation and Results 120
4.1 Use Cases 120
4.1.1 Technology Parkway SE, KSU Marietta Campus 121
4.1.2 I-75/I-85 Merging Point, Downtown Atlanta 123
4.2 Experimental Setup 123
4.2.1 Dataset 123
4.2.2 Experimental Environment 126
4.3 Results and Analysis 126
5 Conclusion 129
References 129
Blockchain Applications in Power Systems: A Bibliometric Analysis 132
1 Introduction 132
2 Methodology 135
3 Findings 136
3.1 Productivity 138
3.2 Research Areas 138
3.3 Institutions 140
3.4 Authors 140
3.5 Publishers 142
3.6 Highly-Cited Articles 143
3.7 Keywords Frequency 144
4 Conclusions 145
References 146
A Systematic Literature Review of Integration of Blockchain and Artificial Intelligence 149
1 Introduction 150
1.1 Research Goals 151
2 Research Methodology 152
2.1 Selection of Primary Studies 152
2.2 Data Analysis 153
3 Findings 154
4 Discussion 154
4.1 RQ1: What Are the Latest Studies on the Integration of Blockchain and AI? 157
4.2 RQ2: What Are the AI Use Cases in Blockchain? 157
4.3 RQ3: What Applications Can Benefit from the Integration of AI and Blockchain? 158
5 Conclusion and Future Work 159
References 160
Primary Studies 161
The Future of Blockchain Technology in Healthcare Internet of Things Security 163
1 Introduction 164
2 Security Requirements for Healthcare IoT 165
2.1 IoT Security Challenges 165
2.2 Known IoT Breaches of Security 166
2.3 Common IoT Security Solutions 167
3 Healthcare IoT Security 169
3.1 Healthcare IoT Architecture 169
3.2 Adversary Attack Models 170
3.2.1 Eavesdropping on Wireless Medical Data 170
3.2.2 Active Attack 170
3.3 Security Requirements for Healthcare IoT 171
3.3.1 Strong User Authentication 171
3.3.2 Mutual Authentication 171
3.3.3 Confidentiality 171
3.3.4 Session Key Establishment 171
3.3.5 Low Communication and Computational Cost 172
3.3.6 Data Freshness 172
3.3.7 Secure Against Popular Attacks 172
3.3.8 User-Friendliness 172
4 Blockchain Overview 172
4.1 Block 172
4.2 Digital Signature 174
4.3 Key Characteristics of Blockchain 174
5 Healthcare IoT Security Preserving Models Using Blockchain 175
5.1 Healthcare Blockchain System Using Smart Contracts for Patient Monitoring 175
5.1.1 System Overview 175
5.1.2 Security Analysis 177
5.2 Privacy-Preserving Blockchain Based IoT Ecosystem 178
5.2.1 System Model 178
5.2.2 Security Analysis 179
5.3 A Decentralized Privacy-Preserving Healthcare Blockchain for IoT 180
5.3.1 System Overview 180
5.3.2 Security 182
5.3.3 Limitations 183
6 Conclusion 184
References 184
Secure Healthcare Framework Using Blockchain and Public Key Cryptography 187
1 Introduction 187
2 Related Work 188
3 Public Key Cryptography 190
4 Proposed Framework for Secure Healthcare 191
4.1 Smart Contract Algorithm for Healthcare Framework 192
4.2 Secure Data Sharing Between Multi-Participants 194
4.3 Healthcare Ecosystem Using Blockchain 195
4.3.1 Healthcare Provider Organization 195
4.3.2 Uniquely Identified Transaction 196
4.3.3 Healthcare Based Query to the Blockchain 196
4.3.4 Patient Can Share Their Identity to Health Organization 197
5 Performance and Security Analysis 197
5.1 Experimental Analysis of Symmetric and Asymmetric Cryptography Techniques 197
5.2 Security Analysis Through Blockchain over Non-blockchain System 198
5.2.1 Denial of Service (DoS) Attacks 198
5.2.2 Sybil Attacks 199
5.2.3 Eclipse Attacks 199
5.3 Implementation of Healthcare Framework Using Permissioned Blockchain 199
5.3.1 List of Doctor 200
5.3.2 List of Patient 200
5.3.3 Shared Information by Patient in Healthcare Framework 200
5.3.4 Types of Transaction in Healthcare Framework 201
5.3.5 History of Transactions in Healthcare Framework 202
6 Conclusion 202
References 203
Public Blockchains Scalability: An Examination of Sharding and Segregated Witness 205
1 Introduction 206
2 Background 209
2.1 Sharding 209
2.2 Segregated Witness 210
3 Research Methodology 211
3.1 Research Protocol 212
3.2 Research Questions (RQs) 212
3.3 Search Strategy 212
3.4 Preliminary Set of Works 214
4 Results 215
4.1 What Are the Design Choices Available for Sharding and Segregated Witness? 216
4.1.1 Sharding Design Choices 216
4.1.2 Segregated Witness (SegWit) 219
4.2 What Are the Limitations of Sharding and Segregated Witness? 222
4.2.1 Sharding Limitations 222
4.2.2 Segregated Witness Limitations 226
4.3 What Is the Major Hindrance in Implementing Sharding and Segregated Witness? 226
5 Open Issues and Future Directions 227
5.1 Data Validation in Sharding 227
5.2 A Threat of Hard Forks 229
6 Conclusions 230
References 231
Immutable and Secure IP Address Protection Using Blockchain 235
1 Introduction 236
1.1 Sender Reputation 237
2 Related Work 238
3 Proposed Solution 238
3.1 Blockchain's Protection from Identity Theft and Fraud 239
3.1.1 Masternodes Can Be Used to Verify User Identity 239
3.1.2 Use of Digital IDs 240
4 Implementation 240
5 Experimental Evidence and Analysis 243
6 Conclusion 244
References 246
On the Application of Financial Security Standards in Blockchain Platforms 249
1 Introduction 249
2 Smart Contracts, Blockchain Transaction Models and the Payment Application Data Security Standard 251
2.1 Smart Contract Anatomy 251
2.2 Blockchain Transaction Models 252
2.3 The PA-DSS Standard 254
3 Security Issues in Blockchain 255
3.1 User Security 256
3.2 Transaction Security 257
3.3 Software Assurance of Contracts 259
3.4 Limitations of Current Blockchain Platforms 260
4 Adapting the PA-DSS Standard to Blockchain Systems 261
5 Case Study: Applying the Revised Standards to QTUM and Ethereum 265
6 Conclusion and Future Work 267
References 268
Blockchain-Based Certification for Education, Employment, and Skill with Incentive Mechanism 270
1 Introduction 271
2 Related Work 274
3 E2C-Chain Overview 276
4 VCG Incentive Mechanism 278
4.1 Desirable Properties 279
4.2 Optimal Social Cost Solution 280
4.3 Proof of Designed Properties 281
5 Experiments Results 283
5.1 Incentive Mechanism 283
5.2 Implementation and Evaluation of E2C-Chain 288
6 Conclusion 289
References 289
| Erscheint lt. Verlag | 2.3.2020 |
|---|---|
| Reihe/Serie | Advances in Information Security | Advances in Information Security |
| Zusatzinfo | VI, 290 p. 111 illus., 93 illus. in color. |
| Sprache | englisch |
| Themenwelt | Informatik ► Theorie / Studium ► Künstliche Intelligenz / Robotik |
| Mathematik / Informatik ► Informatik ► Web / Internet | |
| Schlagworte | Artificial Intelligence • Big Data • blockchain protocol • blockchian • Cryptocurrency • cryptography • cybersecurity • Cyber Space • decentralisation • FinTech • Industry 4.0 • internet of things • IOT • machine learning • Network Security • peer-to-peer networks • privacy • Smart Contract • Smart Grids • Trust |
| ISBN-10 | 3-030-38181-1 / 3030381811 |
| ISBN-13 | 978-3-030-38181-3 / 9783030381813 |
| Haben Sie eine Frage zum Produkt? |
PDF (Wasserzeichen)Größe: 8,2 MB
DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.
Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.
Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.
Zusätzliches Feature: Online Lesen
Dieses eBook können Sie zusätzlich zum Download auch online im Webbrowser lesen.
Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.
aus dem Bereich
