• Title/Summary/Keyword: decentralized access management

Concurrency Conflicts Resolution for IoT Using Blockchain Technology

  • Morgan, Amr;Tammam, Ashraf;Wahdan, Abdel-Moneim
    • International Journal of Computer Science & Network Security / v.21 no.7 / pp.331-340 / 2021
  • The Internet of Things (IoT) is a rapidly growing physical network that depends on objects, vehicles, sensors, and smart devices. IoT has recently become an important research topic as it autonomously acquires, integrates, communicates, and shares data directly across each other. The centralized architecture of IoT makes it complex to control concurrent access to them and presents a new set of technological limitations when trying to manage them globally. This paper proposes a new decentralized access control architecture to manage IoT devices using blockchain, which proposes a solution to concurrency management problems and enhances resource locking to reduce transaction conflicts and avoid deadlock problems. In addition, the proposed algorithm improves performance using a fully distributed access control system for IoT based on blockchain technology. Finally, a performance comparison is provided between the proposed solution and the existing access management solutions in IoT. Deadlock detection is evaluated with the latency of requesting in order to examine various configurations of our solution for increasing scalability. The main goal of the proposed solution is concurrency problem avoidance in decentralized access control management for IoT devices.

Analysis of a Decentralized Mobility Management Support for u-City Wireless Network Infrastructure

  • Caytiles, Ronnie D.;Park, Byungjoo
    • Journal of Advanced Information Technology and Convergence / v.10 no.2 / pp.73-81 / 2020
  • The number of mobile devices roaming into a ubiquitous city (u-city) continues to rise as wireless systems have been widely deployed. The number of mobile devices also varies with time, and they tend to frequently change their locations. In addition, the available wireless access networks may belong to different domains, administrations, management, and internet service providers (ISPs). A fusion of overlapping heterogeneous wireless access networks (e.g., WiMax, Wi-Fi, LTE, etc.) serves the u-city in order to reach different coverage. In this context, technical challenges arise in mobility management for heterogeneous networks to realize their potential coverage and capacity benefits. This paper deals with the analysis of a decentralized mobility management support for u-City wireless network infrastructure. This scheme takes advantage of the features of the fully-distributed model of network-based mobility management protocol to alleviate and realize the ubiquitous requirements of a u-City.

Privacy-Preserving Cloud Data Security: Integrating the Novel Opacus Encryption and Blockchain Key Management

  • S. Poorani;R. Anitha
    • KSII Transactions on Internet and Information Systems (TIIS) / v.17 no.11 / pp.3182-3203 / 2023
  • With the growing adoption of cloud-based technologies, maintaining the privacy and security of cloud data has become a pressing issue. Privacy-preserving encryption schemes are a promising approach for achieving cloud data security, but they require careful design and implementation to be effective. The integrated approach to cloud data security that we suggest in this work uses CogniGate: the orchestrated permissions protocol, index trees, blockchain key management, and unique Opacus encryption. Opacus encryption is a novel homomorphic encryption scheme that enables computation on encrypted data, making it a powerful tool for cloud data security. CogniGate Protocol enables more flexibility and control over access to cloud data by allowing for fine-grained limitations on access depending on user parameters. Index trees provide an efficient data structure for storing and retrieving encrypted data, while blockchain key management ensures the secure and decentralized storage of encryption keys. Performance evaluation focuses on key aspects, including computation cost for the data owner, computation cost for data sharers, the average time cost of index construction, query consumption for data providers, and time cost in key generation. The results highlight that the integrated approach safeguards cloud data while preserving privacy, maintaining usability, and demonstrating high performance. In addition, we explore the role of differential privacy in our integrated approach, showing how it can be used to further enhance privacy protection without compromising performance. We also discuss the key management challenges associated with our approach and propose a novel blockchain-based key management system that leverages smart contracts and consensus mechanisms to ensure the secure and decentralized storage of encryption keys.

Research on User-Centric Inter-Organizational Collaboration (UCICOIn) framework (사용자 제어 기반 다중 도메인 접근 제어에 대한 연구)

  • Sunghyuck Hong
    • Journal of Industrial Convergence / v.21 no.12 / pp.37-43 / 2023
  • In today's business landscape, collaboration and interoperability are crucial for organizational success and profitability. However, integrating operations across multiple organizations is challenging due to differing roles and policies in Identity and Access Management (IAM). User-centric identity (UCI) adopts a personalized approach to digital identity management, centering on the end-user for authentication and access control. It provides a decentralized system that ensures secure and customized access for each user. UCI aims to address complex security challenges by aligning access privileges with individual user requirements. This research delves into UCI's ability to streamline resource access amidst conflicting IAM roles and protocols across various organizations. The study presents a UCI-based multi-domain access control (MDAC) framework, which encompasses an ontology, a unified method for articulating access roles and policies across domains, and software services melding with UCI infrastructure. The goal is to enhance organizational resource management and decision-making by offering clear guidelines on access roles and policy management across diverse domains, ultimately boosting companies' return on investment.

Internet of Drone: Identity Management using Hyperledger Fabric Platforms

  • Etienne, Igugu Tshisekedi;Kang, Sung-Won;Rhee, Kyung-hyune
    • Proceedings of the Korea Information Processing Society Conference / 2022.05a / pp.204-207 / 2022
  • The uses of drones are increasing despite the fact that many of us are still skeptical. In the near future, the data that will be created and used by them will be very voluminous, hence the need to find an architecture that allows good identity management and access control in a decentralized way while guaranteeing security and privacy. In this article, we propose an architecture using the Hyperledger Fabric blockchain platform which will manage the identity in a secure way, starting with the registration of the drones on the network, then an access control thanks to Public Key Infrastructure (PKI) and membership service provider (MSP) to enable decision-making within the system.

Master Integrity Principle for Effective Management of Role Hierarchy (효과적인 역할계층 관리를 위한 기본 무결성 규칙)

  • Oh Se-Jong
    • The KIPS Transactions:PartC / v.12C no.7 s.103 / pp.981-988 / 2005
  • Administrative Role-Based Access Control (ARBAC) is a typical model for decentralized authority management by plural security administrators. They have their work range on the role hierarchy. A problem is that legal modification of the role hierarchy may induce unexpected side effects. The Role-Role Assignment 97 (RRA97) model introduced some complex integrity principles to prevent the unexpected side effects based on a geometric approach. We introduce one simple, new integrity principle based on simple set theory. It is simple and intuitive. It can substitute for all integrity principles of the RRA97 model.

An Air-Interface for Ad Hoc Networks Supporting High Mobility

  • Lott, Matthias;Ebner, Andre;Meincke, Michael;Halfmann, Rudiger;Wischhof, Lars;Schulz, Egon;Rohling,
    • Journal of Communications and Networks / v.6 no.4 / pp.295-306 / 2004
  • In this paper, a novel air-interface is presented for Fleet-Net1, a self-organizing network for inter-vehicle and vehicle-to-roadside communication. The air-interface is based upon the low chip-rate version of UMTS/TDD. To adapt the cellular UMTS standard to an air-interface for ad hoc networks, changes of the physical layer, medium access control sub-layer and radio resource management are required. An overview of the required modifications is given here. Particularly, a decentralized synchronization mechanism is presented and analyzed by means of simulations. Furthermore, changes for the medium access control are explained in detail, which allow for an efficient operation in partly meshed networks and prioritization. Performance results of the overall system considering throughput and delay are derived by means of analytical evaluations and event-driven simulations. Based on realistic mobility models, it is shown that the presented solution provides a robust communication platform even in vehicular environments. The proposed air-interface is a cost-effective solution not only for inter-vehicle communication, but also for ad hoc networking in general, benefiting from the mass-market of UMTS.

An Integrated Management Model of OS-RBAC and Separation Of Duty Policy (OS-RBAC과 임무분리 정책의 통합 관리 모델)

  • Byun, Chang-Woo
    • Journal of the Korea Society of Computer and Information / v.15 no.1 / pp.167-175 / 2010
  • Like most large organizations, there are business rules such as 'separation of duty' and 'delegation' which should be considered in access control. From a SOD point of view, previous SOD models built on the (Administrative) Role-Based Access Control model cannot present the best solution to security problems such as information integrity by the limited constituent units such as role hierarchy and role inheritance. Thus, we propose a new integrated management model of administration role-based access control model and SOD policy, which is called the OS-SoDAM. The OS-SoDAM defines the authority range in an organizational structure that is separated from role hierarchy and supports a decentralized security officer-level SOD policy in which a local security officer can freely perform SOD policies within a security officer's authority range without the security officer's intervention.

Design of Lab Framework for Effective Blockchain Education (효율적인 블록체인 교육을 위한 실습프레임워크 설계)

  • Kim, Do-Kyu
    • Journal of Industrial Convergence / v.18 no.6 / pp.147-154 / 2020
  • It is difficult to educate the overall operation of public and private blockchains with different characteristics. Recently, most education for blockchain is targeted at public blockchains such as Bitcoin and Ethereum. However, in an actual business environment, a private blockchain such as Hyperledger Fabric (HLF) is used because access to corporate data is controlled through user authentication. In the case of HLF-based education, it is necessary to understand various components that are not in the public blockchain, such as peers, orderers, and channels. In this paper, a lab framework for HLF is designed for an efficient and systematic understanding of the functions and operations. The framework consists of HLF network, chaincode, and decentralized software control functions. Through the framework, the network configuration, distribution and activation of chaincode, and dApp execution process were checked step by step, and it was very easy to understand the overall flow for blockchain services. In addition, it is expected that a systematic understanding of the overall flow will be possible even in future network expansion.

A Decentralized Copyright Management Model using Mydata Concept (마이데이터 개념을 활용한 탈중앙화 저작권 관리 모델)

  • Kim, Hyebin;Shin, Weon;Shin, Sang Uk
    • Journal of Korea Multimedia Society / v.23 no.2 / pp.262-273 / 2020
  • This paper analyzes the existing copyright management and copyright sharing model and discusses the limitations. It then proposes a consortium Blockchain-based copyright management model in which the service platform participates as a node, and discusses how to combine the My Data concept with Blockchain and smart contracts. Also, Blockchain-based CP-ABE is introduced and applied to the proposed model as a way for users to define access policies and store copyright data in encrypted form on the storage of the online service providers (OSP). Compared with the existing copyright management model, the proposed model allows the copyright holder to focus on copyright registration, license content design, and sharing, as the data subject. And it is expected to be able to transparently manage the usage records and the basis for the settlement of the copyrighted data that are shared and used on each platform.