Sandeep K. Sood

Secure authentication scheme for IoT and cloud servers

Internet of Things (IoT) is an upcoming platform where information and communication technology connect multiple embedded devices to the Internet for performing information exchange. Owing to the immense development of this technology, embedded devices are becoming more sophisticated every day and are being deployed in various arenas of life. An important advancement in todays technology is the ability to connect such devices to large resource pools such as cloud. Integration of embedded devices and cloud servers brings wide applicability of IoT in many commercial as well as Government sectors. However, the security concerns such as authentication and data privacy of these devices play a fundamental role in successful integration of these two technologies. Elliptic Curve Cryptography (ECC) based algorithms give better security solutions in comparison to other Public Key Cryptography (PKC) algorithms due to small key sizes and efficient computations. In this paper, a secure ECC based mutual authentication protocol for secure communication of embedded devices and cloud servers using Hyper Text Transfer Protocol (HTTP) cookies has been proposed. The proposed scheme achieves mutual authentication and provides essential security requirements. The security analysis of the proposed protocol proves that it is robust against multiple security attacks. The formal verification of the proposed protocol is performed using AVISPA tool, which confirms its security in the presence of a possible intruder.

Secure Dynamic Identity-Based Authentication Scheme Using Smart Cards

ABSTRACT In 2004, Das et al. proposed a dynamic identity-based remote user authentication scheme using smart cards. This scheme allows users to choose and change their passwords freely, and the server does not maintain any verification table. Das et al. claimed that their scheme is secure against stolen verifier attack, replay attack, forgery attack, dictionary attack, insider attack and identity theft. However, many researchers have demonstrated that Das et al.s scheme is susceptible to various attacks. Furthermore, this scheme does not achieve mutual authentication and thus cannot resist malicious server attack. In 2009, Wang et al. argued that Das et al.s scheme is susceptible to stolen smart card attack. If an attacker obtains the smart card of the user and chooses any random password, the attacker gets through the authentication process to get access of the remote server. Therefore, Wang et al. suggested an improved scheme to preclude the weaknesses of Das et al.s scheme. However, we found that Wang et al.s scheme is susceptible to impersonation attack, stolen smart card attack, offline password guessing attack, denial of service attack and fails to preserve the user anonymity. This paper improves Wang et al.s scheme to resolve the aforementioned problems, while keeping the merits of different dynamic identity based smart card authentication schemes.

An Energy-Efficient Architecture for the Internet of Things (IoT)

Internet of things (IoT) is a smart technology that connects anything anywhere at any time. Such ubiquitous nature of IoT is responsible for draining out energy from its resources. Therefore, the energy efficiency of IoT resources has emerged as a major research issue. In this paper, an energy-efficien t architecture for IoT has been proposed, which consists of three layers, namely, sensing and control, information processing, and presentation. The architectural design allows the system to predict the sleep interval of sensors based upon their remaining battery level, their previous usage history, and quality of information required for a particular application. The predicted value can be used to boost the utilization of cloud resources by reprovisioning the allocated resources when the corresponding sensory nodes are in sleep mode. This mechanism allows the energy-efficient utilization of all the IoT resources. The experimental results show a significant amount of energy saving in the case of sensor nodes and improved resource utilization of cloud resources.

Security Issues in Cloud Computing

The cloud is next generation platform that provides dynamic resource pooling, virtualization and high resource availability. It is one of today’s most enticing technology areas due to its advantages like cost efficiency and flexibility. There are significant or persistent concerns about the cloud computing those are impeding momentum and will compromise the vision of cloud computing as a new information technology procurement model. A general understanding of cloud computing refers to the concept of grid computing, utility computing, software as a service, storage in cloud and virtualization. It enables the virtual organization to share geographically distributed resources as they pursue common goals, assuming the absence of central location, omniscience and an existing trust relationship. This paper is a survey more specific to the different security issues that has emanated due to the nature of the service delivery models of a cloud computing system.

A cybersecurity framework to identify malicious edge device in fog computing and cloud-of-things environments

Device security is one of the major challenges for successful implementation of Internet of Things and fog computing environment in current IT space. Researchers and Information Technology (IT) organizations have explored many solutions to protect systems from unauthenticated device attacks (known as outside device attacks). Fog computing uses network devices (e.g. router, switch and hub) for latency-aware processing of collected data using IoT. Then, identification of malicious edge device is one of the critical activities in data security of fog computing environment. Preventing attacks from malicious edge devices in fog computing environment is more difficult because they have certain granted privileges to use and process the data. In this paper, proposed cybersecurity framework uses three technologies which are Markov model, Intrusion Detection System (IDS) and Virtual Honeypot Device (VHD) to identify malicious edge device in fog computing environment. A two-stage hidden Markov model is used to effectively categorize edge devices in four different levels. VHD is designed to store and maintain log repository of all identified malicious devices which assists the system to defend itself from any unknown attacks in the future. Proposed cybersecurity framework is tested with real attacks in virtual environment created using OpenStack and Microsoft Azure. Results indicated that proposed cybersecurity framework is successful in identifying the malicious device as well as reducing the false IDS alarm rate.

Matrix based proactive resource provisioning in mobile cloud environment

Abstract Mobile cloud computing is a dynamic, virtually scalable and network based computing environment where mobile device acts as a thin client and applications run on remote cloud servers. Mobile cloud computing resources required by different users depend on their respective personalized applications. Therefore, efficient resource provisioning in mobile clouds is an important aspect that needs special attention in order to make the mobile cloud computing a highly optimized entity. This paper proposes an adaptive model for efficient resource provisioning in mobile clouds by predicting and storing resource usages in a two dimensional matrix termed as resource provisioning matrix. These resource provisioning matrices are further used by an independent authority to predict future required resources using artificial neural network. Independent authority also checks and verifies resource usage bill computed by cloud service provider using resource provisioning matrices. It provides cost computation reliability for mobile customers in mobile cloud environment. Proposed model is implemented on Hadoop using three different applications. Results indicate that proposed model provides better mobile cloud resources utilization as well as maintains quality of service for mobile customer. Proposed model increases battery life of mobile device and decreases data usage cost for mobile customer.

Elliptic curve cryptography: survey and its security applications

Elliptic curve cryptosystems are based on ECDLP (Elliptic curve discrete logarithm problem) for their security. The best known method to solve ECDLP (pollards rho algorithm) is fully exponential therefore Elliptic Curve Cryptosystems require substantially smaller key sizes for equivalent security as compared to other public key cryptosystems (RSA, DSA). This paper discusses the technique of Elliptic Curve Cryptography (ECC). Due to its computational benefits such as faster computation, low power and memory consumption, bandwidth saving, ECC is best suited for mobile/wireless environments. The application of ECC in mobile devices and wireless networks has been discussed in the paper. A survey of various protocols based on ECC has been done in the paper which clearly depicts its increasing acceptance over other public key cryptosystems.

Smart monitoring and controlling of Pandemic Influenza A (H1N1) using Social Network Analysis and cloud computing

Abstract H1N1 is an infectious virus which, when spread affects a large volume of the population. It is an airborne disease that spreads easily and has a high death rate. Development of healthcare support systems using cloud computing is emerging as an effective solution with the benefits of better quality of service, reduced costs and flexibility. In this paper, an effective cloud computing architecture is proposed which predicts H1N1 infected patients and provides preventions to control infection rate. It consists of four processing components along with secure cloud storage medical database. The random decision tree is used to initially assess the infection in any patient depending on his/her symptoms. Social Network Analysis (SNA) is used to present the state of the outbreak. The proposed architecture is tested on synthetic data generated for two million users. The system provided 94% accuracy for the classification and around 81% of the resource utilization on Amazon EC2 cloud. The key point of the paper is the use of SNA graphs to calculate role of an infected user in spreading the outbreak known as Outbreak Role Index (ORI). It will help government agencies and healthcare departments to present, analyze and prevent outbreak effectively.

Wearable IoT sensor based healthcare system for identifying and controlling chikungunya virus

Abstract Chikungunya is a vector borne disease that spreads quickly in geographically affected areas. Its outbreak results in acute illness that may lead to chronic phase. Chikungunya virus (CHV) diagnosis solutions are not easily accessible and affordable in developing countries. Also old approaches are very slow in identifying and controlling the spread of CHV outbreak. The sudden development and advancement of wearable internet of things (IoT) sensors, fog computing, mobile technology, cloud computing and better internet coverage have enhanced the quality of remote healthcare services. IoT assisted fog health monitoring system can be used to identify possibly infected users from CHV in an early phase of their illness so that the outbreak of CHV can be controlled. Fog computing provides many benefits such as low latency, minimum response time, high mobility, enhanced service quality, location awareness and notification service itself at the edge of the network. In this paper, IoT and fog based healthcare system is proposed to identify and control the outbreak of CHV. Fuzzy-C means (FCM) is used to diagnose the possibly infected users and immediately generate diagnostic and emergency alerts to users from fog layer. Furthermore on cloud server, social network analysis (SNA) is used to represent the state of CHV outbreak. Outbreak role index is calculated from SNA graph which represents the probability of any user to receive or spread the infection. It also generates warning alerts to government and healthcare agencies to control the outbreak of CHV in risk prone or infected regions. The experimental results highlight the advantages of using both fog computing and cloud computing services together for achieving network bandwidth efficiency, high quality of service and minimum response time in generation of real time notification as compared to a cloud only model.

Cloud-centric IoT based student healthcare monitoring framework

Among the extensive and impressive collection of applications enabled by IoT, smart and interactive healthcare is a particularly important one. To gather rich information indicator of our mental and physical health, IoT based sensors are either worn on the body or embedded in the living environment. Moreover, by incorporating the mobile computing technology in IoT based healthcare systems, the reactive care system can be transformed to proactive and preventive healthcare systems. Relative to this context, a cloud-centric IoT based smart student m-healthcare monitoring framework is proposed. This framework computes the student diseases severity by predicting the potential disease with its level by temporally mining the health measurements collected from medical and other IoT devices. To effectively analyze the student healthcare data, an architectural model for smart student health care system has been designed. In our case study, health dataset of 182 suspected students are simulated to generate relevant waterborne diseses cases. This data is further analyzed to validate our model by using k-cross validation approach. Pattern based diagnosis scheme is applied using various classification algorithms and then results are computed based on accuracy, sensitivity, specificity and response time. Experimental results show that Decision tree (C4.5) and k-neighest neighbour algorithms perform better as compared to other classifiers in terms of above mentioned parameters. Moreover, the proposed methodology is effective in decision making by delivering time sensitive information to caretaker or doctor within specific time. Lastly, the temporal granule pattern based presentation reterives effective diagnosis results for the proposed system.