Blockchain-based Privacy Preservation for 5G-enabled Drone Communications
11 Blockchain-based Privacy Preservation for5G-enabled Drone Communications
Yulei Wu,
Senior Member, IEEE,
Hong-Ning Dai,
Senior Member, IEEE,
Hao Wang,
Member, IEEE, Kim-KwangRaymond Choo, Senior Member, IEEE
Abstract —5G-enabled drones have potential applications in avariety of both military and civilian settings (e.g., monitoringand tracking of individuals in demonstrations and/or enforc-ing of social / physical distancing during pandemics such asCOVID-19). Such applications generally involve the collectionand dissemination of (massive) data from the drones to remotedata centres for storage and analysis, for example via 5Gnetworks. Consequently, there are security and privacy consid-erations underpinning 5G-enabled drone communications. Weposit the potential of leveraging blockchain to facilitate privacypreservation, and therefore in this article we will review existingblockchain-based solutions after introducing the architecture for5G-enabled drone communications and blockchain. We will alsoreview existing legislation and data privacy regulations that needto be considered in the design of blockchain-based solutions, aswell as identifying potential challenges and open issues whichwill hopefully inform future research agenda.
Index Terms —Drones, 5G, Blockchain, Privacy Preservation,Legislation and Data Privacy Regulations.
I. I
NTRODUCTION
Drones (also referred to as unmanned aerial vehicles in theliterature) are gaining popularity in a wide spectrum of tasks,ranging from military settings (e.g., reconnaissance and obser-vation) to civilian scenarios (e.g., supporting search and rescueoperations, monitoring weather and traffic flows, deliveringgoods, aerial photography and civilian monitoring and surveil-lance to enforce stay-at-home or social / physical distancingorders, for example during pandemics such as COVID-19), andso on [1]. Generally in these tasks, massive volume of data arecollected and transferred to remote data centres for storage andanalysis; thus, resulting in potential security and privacy chal-lenges for both individuals and businesses. Individual privacyviolations, for example, include being the subject of a targeted,but unauthorised (i.e., non-court approved) surveillance orsome general-purpose aerial photography activities. There arealso potential national security implications associated withdrone activities, for example using drones to take pictures andvideos of key military / sensitive installations.The fifth generation (5G) mobile communication systemhas been deployed in many countries, such as Australia, US,
Y. Wu is with the College of Engineering, Mathematics and Phys-ical Sciences, University of Exeter, Exeter, EX4 4QF, U.K. e-mail:[email protected] (Corresponding author)H.-N. Dai is with the Faculty of Information Technology, Macau Universityof Science and Technology, Macau. email: [email protected]. Wang is with the Department of Computer Science, Norwegian Univer-sity of Science and Technology, Gjøvik, Norway. email: [email protected]. R. Choo is with the Department of Information Systems and CyberSecurity, University of Texas at San Antonio, San Antonio, TX 78249-0631,USA. email: [email protected]
UK and China, to support a wide range of applications withdiversified requirements (e.g., ultra-high bandwidth, ultra-lowlatency and ultra-high reliability). A swarm of 5G-enableddrones, coordinating and collaborating with each other, canform a web of networking, computing and storage resourcesin the sky. These flying resources facilitate sensing, analysing,and transmitting of collected data, particularly for dronesequipped with high definition cameras and 5G-enabled com-munication modules [2]. These drones can also work withother 5G components (e.g., edge computing servers) to en-hance their computing and storage capabilities. There are,however, underlying privacy considerations associated with thedata collection, handling, storage and analysis.Privacy breaches can be examined from two perspectives.First, drones if controlled by a malicious user or successfullycompromised and taken over by a malicious user, can beeasily (ab)used as a surveillance device to track and/or monitorindividuals. Efficient authentication of controlling drones is,therefore, an important factor to minimise privacy breaches.Second, the transparency of data handling also requires furtherstudy. For example, many countries have their own dataprotection regulations, such as the General Data ProtectionRegulation 2016/679 (GDPR) used by countries in the Euro-pean Union and the European Economic Area. Under GDPR,personal private data need to be handled in the way agreed bythe data owner. Ensuring the transparency of data handling iscrucial in ensuring compliance with data protection regulationand minimising privacy breaches. There have been attemptsto leverage blockchain to facilitate privacy preservation, as wewill explain in this article.In this paper, we will introduce the architecture for 5G-enabled drone communications, and briefly review the work-ings of blockchain and how it can facilitate privacy preserva-tion (see Sections II and III, respectively). Then, in Section IV,we will review blockchain-based solutions that can be adoptedfor 5G-enabled drone communications to minimise privacybreaches. In Section V, we will revisit existing legislationand data privacy regulations that need to be considered in thedesign of blockchain-based solutions. Finally, potential chal-lenges and open issues associated with privacy preservationfor 5G-enabled drone communications will be discussed.II. 5G-
ENABLED D RONE C OMMUNICATIONS
In 5G-enabled drone communications, drones typically actin two capacities, namely: 5G base stations/relays and 5Gusers [3]. Existing drones can be equipped with a lightweight a r X i v : . [ c s . N I] S e p (a) (b) (c) Fig. 1. Three typical scenarios in 5G-enabled drone communications: (a) Using 5G base station drones to enhance 5G communication capacity, (b) Using5G user drones to draw a map in a drone-to-drone (D2D) cooperative way, and (c) Using a combination of both 5G base station drones and 5G user dronesto perform search and rescue in a wildfire. base station or a relay. In other words, they become 5G basestation/relay drones that facilitate terrestrial wireless commu-nications. Such settings can be deployed in many different5G application scenarios, such as at events (e.g., concerts)where spikes in traffic are expected only during certain times,and natural disasters (e.g., forest / bush fires) where there isno supporting infrastructure or the infrastructure is damaged.In addition, drones that act as 5G base stations/relays usuallyprovide more reliable line-of-sight (LoS) connection links withtheir ground users compared with their terrestrial counterparts.Drones can also be the users of 5G systems, in order toleverage the features of 5G systems (e.g., ubiquitous coverage,low-latency and high-bandwidth). In such a setting, drones arecontrolled by ground stations to perform the allocated tasks.In addition, device-to-device communications in 5G systemsallow drones to communicate with each other in an ad-hocmanner without the need of an (expensive) infrastructure. Forexample, drones can swiftly form a web of flying resourcesat the region in the immediate aftermath of a disaster, pro-viding the necessary communication, storage and computingresources to facilitate activities such as rescue and search.In addition to the above two broad scenarios, drones can alsoplay the role of both 5G base stations/relays and users in thesame deployment, as demonstrated in Fig. 1. Drones in thefirst two scenarios generally collect and/or produce massivevolume of data, including sensitive (e.g., videos or imagesrelating to a key installation or suspects). Consequently, thisraises the issues of who can legitimately access the data (andhow to enforce such access control), and how to protect theprivacy of the data.
A. Potential Privacy Concerns
As previously discussed, privacy is an ongoing concern [4].In deployments where drones are the 5G base stations/relays(e.g., in public safety or crowd control situations, such asdemonstrations or riots), the collected (sensitive) data can betargeted by (politically or issue-motivated) attackers seekingto exfiltrate the data. When drones are 5G users (e.g., incivilian monitoring and surveillance), attackers may seek tocompromise and take over control of the drones and used themfor nefarious purposes (e.g., as weapons to carry out attacksagainst the crowd [5]). Data acquired by other drones in the vicinity could be eavesdropped by these compromised drones,for example by abusing device-to-device communications.III. B
LOCKCHAIN FOR P RIVACY P RESERVATION
Blockchain is a decentralised distributed ledger databasesystem, which contains cryptographically generated datablocks, where each block comprises a series of transactionsapproved by the majority of the participants in the system [6].Blocks are chained together (hence, the name “blockchain”)in a linear fashion and in a chronological order. Each blockpossesses a hash of its previous block (recorded in the blockheader), which is used as the unique identification of the block.The hash value in a block is the hash value of its parent block,and a block in the blockchain can therefore be found throughthe hash value of its parent block. A chain with the linked listdata structure, as shown in Fig. 2, is formed by the hash valuesequence of each block linked from the last generated one tothe genesis one.
Genesis block Block 1 Block 2 TX TX TX n Block 3
Prev_Hash TimestampTx_Root Nonce DataBlock Header
Fig. 2. A blockchain typical structure.
The following characteristics of blockchain can be utilizedto facilitate privacy preservation: • Transparency . Each participant in the blockchain systemcan hold a copy of the blockchain; thus, allowing eachparticipant to verify whether a transaction is initiated bya legitimate user. • Temper-proof . Each block is added to the blockchainthrough the confirmation by a consensus algorithm, whichundergoes a verification process of blocks where allparticipants can take part in. The blockchain system, therefore, maintains a tamper-proof ledger shared by theparticipants without relying on a trusted third party. • Security . Blockchain utilizes asymmetric cryptographicbuilding blocks to encrypt data, whose security generallyrelies on the underpinning consensus algorithm (empow-ered by the majority of the participants).Smart contracts [7] are a key component of blockchain,enabling self-execution of a program when certain terms aremet. Hence, they can be used to facilitate automated privacypreservation.IV. R
EVIEW OF B LOCKCHAIN - BASED P RIVACY P RESERVATION S OLUTIONS
We now present blockchain-based solutions for privacypreservation in 5G-enabled drone communications, in terms ofID management, data privacy protection, trajectory protectionand the consensus of drone networks.
A. Blockchain-based Identification Management of Drones
Achieving effective and efficient identification (ID) manage-ment of drones is crucial as they are becoming increasinglycommonplace. The importance of ID management is alsoreinforced by the guideline entitled “Remote ID Notice ofProposed Rule Making (NPRM) for drone ID management” introduced by U.S. Federal Aviation Administration (FAA).However, centralised ID management can incur significantadministrative costs (e.g., due to bureaucracy) and have otherlimitations such as single point of failure / attack. Hence,there have been interests to explore the utility of blockchain indesigning decentralised ID management systems, in order tosimplify the ID management process and lower the administra-tion costs. In a robust blockchain-based system, for example,a drone can register and/or revoke any expired ID in thedecentralised blockchain-based ID management systems. Inaddition, blockchain-based systems are tamper-proof, achievenon-repudiation, and minimise the single point of failure/ attack risk. In addition, blockchains can also ensure theanonymity of drones, since drones only use the generatedaddresses to interact with each other in the system.The blockchain-based ID management of drones can coverthe entire life cycle of a drone, which consists of six mainstages (including the three marked active stages) as shownin Fig. 3(a). In particular, a drone can register its ID in thedecentralised blockchain-based ID management system sincethe date of production (i.e., Creation ). During this process, thetrust can be ensured via decentralised consensus of blockchain-based systems. A post-flight inspection needs to be performedafter every flight (i.e.,
Drone in service ), as well as somemaintenance or repairing tasks. Due to fatigue or attrition,a drone will terminate its service after a number of flights(i.e.,
Termination ). The termination status will be updated inthe blockchain so that the drone ID can be either revokedor removed. For example, a lost or damaged drone alsoneeds to be reported and recorded in the blockchain-based ID management system. In summary, during the entire life cycleof a drone, the status changes of a drone can be traceable viathe blockchain-based ID management system.As discussed earlier, smart contracts can automate the droneID management process. For example, conditions or termsof drone services can be written into contractual clausesin computer programs. When some conditions reach (e.g.,a drone is revoked), the actions (corresponding to programstatements) will be automatically triggered and executed (e.g.,the drone becoming inactive). In this way, the drone IDmanagement process can be simplified and the correspondingadministrative cost can be reduced. B. Blockchain-based Data Privacy Protection of Drones
As mentioned above, data can be collected by or (tem-porarily) stored in the drones (e.g., when drones act as 5Gbase stations, relays, or users). Such data can be of interest toattackers, who may seek to exfiltrate data stored or cached atthese drones using a malicious / compromised drone, either viadrone-to-drone (D2D) link or by drone-to-ground (D2G) linkas shown in Fig. 3(b). In addition, data-in-transit (from droneto base station) via the drone-to-base-station (D2B) link canpotentially be intercepted or wiretapped by a malicious user.There is also the risk that the base station may be targeted.This reinforces the importance of both security and privacypreservation of user data in drone communications.Blockchain can play different roles in ensuring data privacyof drone communications. First, blockchain-based authentica-tion mechanisms can verify whether an access request initiatedfrom a drone is authorised. We remark that the authenticationmechanisms should be fully integrated with blockchain-basedID management systems, with appropriate access control set-tings. To minimise the risk of data being misused at either thedrones or the base stations, blockchain-based cryptographicschemes can be utilized [8], such as asymmetric encryptionalgorithms and homomorphic obfuscations. Third, blockchain-based encryption schemes across the entire network stack (e.g.,physical, link and network layers) can also be deployed tomitigate threats at D2D, D2G and D2B links [9]. Furthermore,the adoption of blockchain can preserve the privacy of cachecontent and ensure trust among multiple parties as explainedin [10].In addition to data privacy protection, we also need to ensureefficient management of drone data (e.g., both blockchain dataand user data). In particular, public blockchain systems areknown to have massive blockchain data volume, e.g., Bitcoincontains more than 240GB data as of 2019. It is impractical tostore the entire blockchain data at drones, even for higher-enddrones with a larger storage capacities. Therefore, drones mayonly store user data, such as data from other Internet-of-Things(IoT) devices, and potentially partial blockchain data (e.g.,hash values of blockchain transactions for verification pur-pose). Ground or base stations may store the entire blockchaindata. Other than data storage challenges, there are also latencyand bandwidth challenges associated with the massive datasize. Hence, it becomes an essential to preprocess the dataat drones since user data, especially IoT data, may contain (a) Drone ID management
Blockchain (b) Data Privacy Protection (c) Trajectory Privacy Protection(d) Consensus of Drone Networks
Creation TerminationDrone inservice Post-flightinspectionMaintenanceand reparingLost/Destroyed
Pilot MalicioususerMaliciousdroneDatastored/cachedMalicioususer D B li n k D D li n k D G li n k Datastored/cached D D l e g i t i m a t e li n k Datastored/cachedmisuse MaliciousdroneMalicioususer W i r e t ap li n k Fakedrone
Fig. 3. Blockchain-based Privacy Preservation for Drone Communications duplicates, errors and noises. The miniaturisation of high-performance computing facilities and the rapid developmentof embedding devices can help us meet this emerging demand.In other words, drones may serve as edge computing nodesto complement remote clouds and collaborate with other edgecomputing nodes deployed at base stations.
C. Blockchain-based Trajectory Privacy Protection
The trajectory information of drones is crucial to facilitateand enforce control, route planning and navigation duringadverse weather conditions or natural disasters. However, thetrajectory information of drones is vulnerable to maliciousattacks, as shown in Fig. 3(c). In addition, centralised trajec-tory information management is susceptible to single point offailure / attacks, denial-of-service (DoS) attacks, and privacybreaches. For example, drones can be tracked, interceptedand even hijacked once the trajectories of drones are exposedto malicious users. Moreover, the behaviours of drone userscan be tracked and inferred by analysing the trajectories ofdrones. Such data can also be used to facilitate other nefariousactivities, such as stalking.Similar to the earlier discussion, blockchain-based authen-tication and access control mechanisms can used to authoriseaccess permissions of users to the drone trajectory data. Again,the integration of blockchain-based trajectory managementwith blockchain-based ID management and blockchain-baseddata management is crucial. Second, the decentralisation ofblockchain-based drone trajectory management systems canalso mitigate the risks of single point of failure / attacksassociated with centralised systems. Moreover, incorporat-ing other trajectory privacy-preservation schemes (e.g., k - anonymity scheme) can better improve the trajectory privacyprotection of drones. D. Blockchain-based Consensus of Drone Networks
In some real-world scenarios (e.g., monitoring crowd move-ments in a demonstration), multiple drones may collaboratetogether to complete a complex task. In this case, one taskis divided into a number of sub-tasks, each of which iscompleted by a drone. During this process, it is crucial toensure a reliable drone network that can coordinate betweenmultiple drones. However, it can be extremely challenging tomaintain a dependable network due to the dynamic topology ofdrone networks, unreliable wireless communications betweendrones, and the potential of drones to be compromised orattacked [11]. Take Fig. 3(d) as an example, a maliciousdrone may be disguised as a legitimate drone to join thedrone network so as to carry out malicious activities suchas disrupting the drone network or wiretapping private datatransmission between drones.How can blockchain play a role here? First, blockchain-based ID management system can be used to identify non-member drones by analysing and tracking ID updating histor-ical records. Second, the consensus mechanisms (e.g., Proofof Work and Practical Byzantine Fault-Tolerance [12]) inblockchain can help the majority of legitimate drones to beresistant to malicious attacks, such as Sybil attack. Third,the consensus of drone networks can significantly raise thecost of counterfeiting a fake drone or several fake drones;consequently, mitigating falsification risks. Moreover, the in-centive mechanisms in blockchain systems can be leveragedto motivate drones into participating in the consensus of dronenetworks. Instead of employing digital currencies as the direct incentive, reputation credits might be more suitable in thedrone network scenario.
TABLE IS
UMMARY OF BLOCKCHAIN - BASED SOLUTIONS IN DRONECOMMUNICATIONS
No.
Drone Communications Blockchain solutions
Blockchain is not, however, a panacea for drone securityand privacy. For example, many consensus algorithms ofexisting blockchains have low efficiency and incur significantresource overheads. Such limitations may limit the adoption ofblockchain in drone networks. Directed acyclic graph (DAG),sharding blockchain consensus, off-chain blockchain data arepossible solutions to these challenges. In particular, DAGaccepts the non-conflict side-chain so as to reduce the cost,while the sharding consensus only requires a subset of nodes(corresponding to drones) to participate in the consensusprocedure and multiple subsets (or committees) can then reachconsensus. Consequently, consensus efficiency can be greatlyimproved. In addition, off-chain strategies allow transactions tobe conducted without the involvement of the main blockchain,and all these transactions can be eventually stored as a newblock to the main blockchain.Table I summarises the blockchain-based solutions in 5Gdrone communications.V. P
RIVACY - RELATED L EGISLATION AND S TANDARDS
Similar to other technologies, drone-related regulationsgenerally lag behind research and development advances indrones. For example, St¨ocker et al. [13] presented a com-prehensive review of the status of drone-related regulationsas of 2017. The surveys of Fotouhi et al. [14] and Ullah etal. [15] also discussed recent developments in drone-relatedregulations and standardisation. In this section, we focus onthe regulatory and standardisation advances relating to privacypreservation in drone communications.Public privacy, safety, and data protection are the key fo-cuses in the majority of legislative efforts [13], for example toprotect individuals, environment, and objects from the variousharms (e.g., physical safety and intrusion of private space)associated with drones. While regulations may differ betweenjurisdictions, existing regulations tend to have clear definitionsof no-fly zones, the need to maintain a safe distance fromhuman crowds and prohibit the flying of drones over humancrowds, the need for training and certification of pilots who flydrones over a defined weight limit, flying below a maximumflying height, and liabilities in the event of an incident. Examples of recently released regulations include the EUCommission Delegated Regulations 2019/945 (EU2019/945) and EU2019/947 , which are scheduled to be fully enforcedon July 1 of 2020. These regulations cover the design, man-ufacture, and operation of drones, and has implications tomanufacturers, importers, and distributors. In addition, the newregulations clarify on the technical requirements of drones indifferent classes.Another recent popular topic in the drone industry is theso-called Beyond Visual Line of Sight (BVLOS) flights, whichcan cover larger areas (including areas that are difficult orimpossible for the pilots to keep an eye on). BVLOS flightscan be deployed in adversarial and rough conditions, such asbattlefields, inspection of key installations (e.g., oil and gaspipelines, power grids, and border control) and wild life, andsearch and rescue operations. However, there are also greaterrisky or ill-intentioned use in the operating of BVLOS flights,which may explain why they are generally not allowed inmany countries. For example, the U.S. does not allow BVLOSflights, without a waiver from the relevant authority . However,regulations on BVLOS flights are evolving at a very fastpace. An amendment to EU2019/947 w.r.t. BVLOS flightsis currently in progress, at the time of writing. We expectthat the BVLOS flights will become better regulated acrossdifferent countries in the near future, and it is an importantaspect to consider when we study privacy preservation issuesfor drones.Standards bodies have also been very proactive in drone-related activities. For example, the technical specification TS22.125 of 3GPP “identifies the requirements for operation ofUAVs via the 3GPP system”. The 3GPP Release 16 includes“requirements for meeting the business, security, and publicsafety needs for the remote identification and tracking of Un-manned Aerial System (UAS) linked to a 3GPP subscription”.In the 3GPP Release 17 (scheduled for delivery in 2021), itincludes 5G enhancement for UAVs.As observed by St¨ocker et al. [13], an increase in droneactivities will also result in additional administrative processes,such as those relating to flight registration and approval. Webelieve that the decentralisation of blockchain systems is aviable approach to reducing administrative redtapes.ID of drones has been one of the main artefacts to ensuretraceability and accountability. In the new EU rules, with theexception of class C0 (less than 250g), all classes must bear aunique physical serial number and more importantly a directremote ID “allowing the upload of the operator registration Council of European Union, Commission Delegated Regulation(EU)2019/945 on unmanned aircraft systems and on third-countryoperators of unmanned aircraft systems, 2019, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32019R0945. Council of European Union, Commission Delegated Regulation(EU) 2019/947 on the rules and procedures for the operationof unmanned aircraft, 2019, https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32019R0947. number and in real time during the whole duration of theflight, the direct periodic broadcast from the UA (unmannedaircraft) using an open and documented transmission protocol in a way that they can be received directly by existing mobiledevices within the broadcasting range”. On the other hand,TS 22.125 of 3GPP further elaborates that “The 3GPP systemshall enable UAV to preserve the privacy of the owner ofthe UAV, UAV pilot, and the UAV operator in its broadcastof identity information”. From these recent developments inregulations, it is clear that auditability and anonymity featuresdue to the use of blockchain can facilitate traceability andaccountability of drones.On data privacy protection, we can look at two aspects.First, the privacy of people, environment, and objects thatmay be intruded by drones, and second, the protection oflegitimate data collected by drones and the communicationprivacy between the drone and the pilot. As mentioned earlier,the first aspect has been the focus of recent legislative changes.However, in practice it can be difficult to enforce. The sensoryrange of onboard sensors is constantly improving due totechnology advancement. This compounds the challenge oftracking and identification, especially for smaller drones. Thedirect remote ID and the geo-awareness system required byEU2019/945 for drones in some classes are helpful in thisaspect, so further exploration is necessary. The second aspectis also partially covered by EU2019/945, since drones insome classes are required to “be equipped with a data linkprotected against unauthorised access to the command andcontrol functions” and TS 22.125 of 3GPP states that “3GPPsystem shall support the capability to provide different levelsof integrity and privacy protection for the different connectionsbetween UAS and UTM (UAS Traffic Management) as wellas the data being transferred via those connections”.Table II presents a brief summary of regulations by selectedrepresentative countries , in terms of privacy preservation. Re-call that the new EU regulations EU2019/945 and EU2019/947will be fully enforced on July 1 of 2020. Therefore, existingnational regulations are in the process of being harmonisedwith or superseded by the new EU rules. The communicationprivacy on drones are largely not mentioned by the nationalregulations listed in Table II. In other words, the new EUregulations and the 3GPP standards are more advanced in thisaspect.VI. R ESEARCH C HALLENGES AND O PEN I SSUES
Despite the potential benefits of blockchain in drone com-munication privacy preservation, there remain a number ofopen challenges which will be discussed next. • Resource constraints of drones:
Most existing drones areresource-limited, in terms of energy, size and weight con-siderations. Encryption and/or consensus algorithms aregenerally required for blockchain systems, yet drones aregenerally incapable of computing-intensive tasks due to These countries are selected because they are representative of the mostadvanced development in drone regulations from different continents. St¨ockeret al. [13] also studied these countries in their comparative analysis, with theexception of the new EU regulations EU2019/945 and EU2019/947. computationally constraints and battery life. In addition, aswarm of UAVs can generate and/or collect gigabytes ofdata per second, including both audio and video. Whetherthe storage capacity of blockchain can accommodate suchhigh volume of data is still debatable, and whether andhow to incorporate other storage resources (e.g., edgeservers) with the UAV system remains an open chal-lenge. Apart from these, drones are energy constraineddevices, and thus they need energy efficient solutions.However, miners (i.e., drones) consume a disproportion-ate amount of electricity when generating blocks; thus,existing drones may not be capable of supporting suffi-cient energy required for mining of blocks. In the future,the orchestration of various computing facilities such asremote clouds, nearby edge servers and drones, and othertechnologies such as network coding, becomes a necessityto implement blockchain-based drone communications. • Full privacy preservation of drone data:
In blockchain-based solutions for drone networks, each drone requiresto store a copy of the data blocks (i.e., distributed ledger).This risks the dissemination of sensitive information to allparticipating drones. Although blockchain can guaranteecertain level of privacy preservation of drone data, activ-ities of both users of drone communications and dronescan be inferred (or extracted) via statistical analysis orusing other machine learning tools. For example, userprivate data relayed through drones may be leaked tomalicious users who may compromise the drones with theaim of exfiltrating data. How to fully ensure data privacyof drone communications is still an open research ques-tion. Limiting the information sharing between drones isone potential solution, although this may not be practicalin some applications. • Scalability of blockchain-based drone networks:
Multipledrones can form a drone network for diverse tasks. Asdiscussed earlier, the consensus of drone networks canhelp to mitigate the falsification of malicious drones andother security risks. However, it is challenging to achievea scalable blockchain-based drone network due to thedynamics of drones (i.e., drones can join and leave atany time) as well as the scalability constraints of currentblockchain systems (i.e., low throughput of transactionsper second). For example, poor scalability may lead tothe difficulty of forming a drone network and reaching aconsensus when a new drone joins. Therefore, scalabilityof blockchain-based drone networks is an important issueto explore in the future. • Remote identification:
As mentioned earlier, new regula-tions require drones to periodically broadcast their ID in-formation that can be directly received by existing mobiledevices within the broadcasting range. Such an activityneeds to be conducted without violating the privacy of theowner, the pilot, and the operator. Designing an efficientsolution for remote ID requires an in-depth understandingof the data transmission protocols and the various securityand privacy risks (including emerging risks), and henceremains one of ongoing interest. • Regulation development and compliance enforcement:
TABLE IIC
OMPARISON OF DRONE - RELATED REGULATIONS IN TERMS OF PRIVACY PRESERVATION
Country Data Privacy on Drones Communication Privacy on Drones
EU 2019/945EU 2019/947 Legally regulated Drones in some classes requiredto be equipped with secure data linkAustralia Only advice to respect private privacyPrivacy Act only applies on large organisationsAuthority plans to review privacy issues with recreational drones N/ACanada Privacy Act applies to commercial and government drones N/AChina Not in national lawsbut covered by some provincial laws (e.g., Sichuan) N/AColombia Not allowed to violate the rights of privacy N/AFrance Operators obliged to respect privacy rights of individualsGermany Bundesdatenschutzgesetz (BDSG, federal data protection act) applies N/AItaly Italian Data Protection Code, enacting GDPR, applies N/AJapan Not linked to the Act on the Protection of Personal Information (APPI)but authority plans to cover privacy in next phase in the roadmap N/ARwanda Operators oblighed to respect privacy rights of otherssurveillance of people and property without their consent is prohibited N/AThe Netherlands Operators not allowed to violate other peoples privacy N/AUnited Kingdom The Data Protection Act (DPA) applies N/AUnited States Covered differently by State- or City-level laws N/A
Regulations and standards for drones are still evolving,and privacy preservation remains an prioritised agenda.Drone accidents may occur due to a range of reasons,such as technical malfunction, improper operations, un-foreseen environmental events (e.g., sudden wind gusts),and hijacking. As more automation functionalities arebeing introduced into drones, clear definitions of lia-bilities and responsibilities for all participants involvedacross the entire life cycle of a drone will need to beexplored. A closely related issue is how to enforce thecompliance of regulations for drones. The collection andcertification of digital evidence (enabled by blockchain)on drone accidents or privacy intrusions / breaches arealso potential research topics.VII. C
ONCLUSION
This article discussed blockchain-based privacy preservationsolutions for 5G-enabled drone communications, as well asrelated data privacy legislation and regulations that need to beconsidered in the design of these solutions. We also identifiedpotential challenges and open issues to inform future researchagenda that will allow the community to leverage blockchainto facilitate privacy preservation in drone communications.R
EFERENCES[1] D. Tezza and M. Andujar, “The state-of-the-art of humandrone interac-tion: A survey,”
IEEE Access , vol. 7, pp. 167 438–167 454, 2019.[2] G. Yang, X. Shi, L. Feng, S. He, Z. Shi, and J. Chen, “Cedar: A cost-effective crowdsensing system for detecting and localizing drones,”
IEEETransactions on Mobile Computing , pp. 1–1, 2019.[3] Y. Zeng, Q. Wu, and R. Zhang, “Accessing From the Sky: A Tutorial onUAV Communications for 5G and Beyond,”
Proceedings of the IEEE ,vol. 107, no. 12, pp. 2327–2375, Dec 2019.[4] C. Lin, D. He, N. Kumar, K.-K. R. Choo, A. Vinel, and X. Huang, “se-curity and privacy for the internet of drones: Challenges and solutions,”
IEEE Communications Magazine .[5] G. D. L. T. Parra, P. Rad, and K. R. Choo, “Driverless vehicle security:Challenges and future research opportunities,”
Future Gener. Comput.Syst. , vol. 108, pp. 1092–1111, 2020. [6] L. Cheng, J. Liu, G. Xu, Z. Zhang, H. Wang, H. Dai, Y. Wu, andW. Wang, “SCTSC: A Semicentralized Traffic Signal Control ModeWith Attribute-Based Blockchain in IoVs,”
IEEE Transactions on Com-putational Social Systems , vol. 6, no. 6, pp. 1373–1385, Dec 2019.[7] W. Zou, D. Lo, P. S. Kochhar, X. D. Le, X. Xia, Y. Feng, Z. Chen,and B. Xu, “Smart contract development: Challenges and opportunities,”
IEEE Transactions on Software Engineering , pp. 1–1, 2019.[8] B. Cao, Y. Li, L. Zhang, L. Zhang, S. Mumtaz, Z. Zhou, and M. Peng,“When Internet of Things Meets Blockchain: Challenges in DistributedConsensus,”
IEEE Network , vol. 33, no. 6, pp. 133–139, 2019.[9] Q. Wu, W. Mei, and R. Zhang, “Safeguarding wireless network withuavs: A physical layer security perspective,”
IEEE Wireless Commun. ,vol. 26, no. 5, pp. 12–18, 2019.[10] Y. Qian, Y. Jiang, L. Hu, M. S. Hossain, M. Alrashoud, and M. Al-Hammadi, “Blockchain-based privacy-aware content caching in cogni-tive internet of vehicles,”
IEEE Network , vol. 34, no. 2, pp. 46–51, 2020.[11] E. Yanmaz, S. Yahyanejad, B. Rinner, H. Hellwagner, and C. Bettstetter,“Drone networks: Communications, coordination, and sensing,”
Ad HocNetworks , vol. 68, pp. 1 – 15, 2018.[12] H.-N. Dai, Z. Zheng, and Y. Zhang, “Blockchain for internet of things: Asurvey,”
IEEE Internet of Things Journal , vol. 6, no. 5, pp. 8076–8094,Oct 2019.[13] C. St¨ocker, R. Bennett, F. Nex, M. Gerke, and J. Zevenbergen, “Reviewof the current state of UAV regulations,”
Remote sensing , vol. 9, no. 5,p. 459, 2017.[14] A. Fotouhi, H. Qiang, M. Ding, M. Hassan, L. G. Giordano, A. Garcia-Rodriguez, and J. Yuan, “Survey on UAV cellular communications:Practical aspects, standardization advancements, regulation, and securitychallenges,”
IEEE Communications Surveys & Tutorials , vol. 21, no. 4,pp. 3417–3442, 2019.[15] Z. Ullah, F. Al-Turjman, and L. Mostarda, “Cognition in UAV-Aided5G and Beyond Communications: A Survey,”
IEEE Transactions onCognitive Communications and Networking , 2020.
Yulei Wu [SM18] is a Senior Lecturer with the Department of ComputerScience, College of Engineering, Mathematics and Physical Sciences, Uni-versity of Exeter, United Kingdom. He received the B.Sc. degree (FirstClass Honours) in Computer Science and the Ph.D. degree in Computingand Mathematics from the University of Bradford, United Kingdom, in2006 and 2010, respectively. His expertise is on networking and his mainresearch interests include computer networks, networked systems, softwaredefined networks and systems, network management, and network securityand privacy. He is an Editor of IEEE Transactions on Network and ServiceManagement, Computer Networks (Elsevier) and IEEE Access.
Hong-Ning Dai [SM16] is currently with Faculty of Information Technologyat Macau University of Science and Technology as an associate professor.He obtained the Ph.D. degree in Computer Science and Engineering fromDepartment of Computer Science and Engineering at the Chinese Universityof Hong Kong. His current research interests include Internet of Thingsand blockchain technology. He has served as an associate editor for IEEEAccess, guest editors for IEEE Transactions on Industrial Informatics, IEEETransactions on Emerging Topics in Computing. He is a senior member ofthe Institute of Electrical and Electronics Engineers (IEEE).
Hao Wang [M07] is an Associate professor in the Department of ComputerScience in Norwegian University of Science & Technology, Norway. Hereceived his Ph.D. degree and a B.Eng. degree, both in computer science andengineering, from South China University of Technology, China in 2006 and2000, respectively. His research interests include big data analytics, industrialinternet of things, high performance computing, and safety-critical systems.He is a member of IEEE and ACM. He is the Chair for Sub TC on Healthcarein IEEE IES Technical Committee on Industrial Informatics.