Abstract
Internet of Things (IoT) frameworks involve a wide range of computing devices that rely on cloud storage for various applications, for instance monitoring, analytics, surveillance and storing data for later processing within other applications. Due to compliance with security standards and trust issues with third-party cloud storage servers, IoT data has to be encrypted before it is moved to a cloud server for storage. However, a major concern with uploading encrypted IoT data to the cloud is the management of encryption keys and of access policies to the data. There are several techniques for storing the cryptographic keys used for encryption and decryption of data. For instance, the keys can be stored with the encrypted data on the cloud, a third-party key storage vault can be used for storing keys, or the keys can stay with the client so that they can download and decrypt the data themselves. If encryption keys leak, the data stored in cloud storage could be compromised. To resolve the challenge of key management and secure access to data in third-party cloud storage, an end-to-end transparent encryption model has been proposed that securely publishes the cryptographic keys in a blockchain ledger. The data is encrypted at the edge gateway before it is transmitted to the cloud for storage. The user does not require cryptographic keys to access data; instead, in a seamless process, the client proves their identity to a crypto proxy agent built upon zero trust security principles, ensuring continuous verification.
Acknowledgements
This research work was conducted under the BT Ireland Innovation Centre (BTIIC) project and was funded by Invest Northern Ireland and BT.
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Abu-Tair, M., Zia, U., Memon, J., Scotney, B., Carracedo, J.M., Sajjad, A. (2024). Transparent Encryption for IoT Using Offline Key Exchange over Public Blockchains. In: Barolli, L. (eds) Advanced Information Networking and Applications. AINA 2024. Lecture Notes on Data Engineering and Communications Technologies, vol 202. Springer, Cham. https://doi.org/10.1007/978-3-031-57916-5_26
DOI: https://doi.org/10.1007/978-3-031-57916-5_26
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-57915-8
Online ISBN: 978-3-031-57916-5
eBook Packages: Intelligent Technologies and Robotics (R0)