Search for: All records

The adoption of blockchain in the Internet of Things (IoT) has been increasing due to the various benefits that blockchain brings, such as security and privacy. Current blockchain models for mobile IoT assume there are fixed, powerful edge devices capable of providing global communication to all the nodes in the network. However, due to the mobile nature of IoT or network partitioning problems (NPP), nodes can move out of a cell area and split into smaller independent peer-to-peer subnetworks. Existing blockchain structures either do not support the network partitioning problem or have limitations. This paper introduces a multidimensional, graph-based blockchain structure, that utilizes k-dimensional spatiotemporal space, to address the challenges of applying blockchain in mobile networks with limited resources. Experimental results show that a multidimensional blockchain structure can improve scalability and efficiency as the blockchain grows in size, similar to logarithmic growth, and reduce the longest chain length by more than 99.99% compared to the traditional chain-based blockchain structure. 

The Internet of Things (IoT), forming the foundation of Cyber Physical Systems (CPS), connects a huge number of ubiquitous sensing and mobile computing devices. The mobile IoT systems generate an enormous volume of a variety of dynamic context data and typically count on centralized architectures to process them. However, their inability to ensure security and decline in communication efficiency and response time with the increase in the size of IoT network are some of the many concerning weaknesses that are holding back the fast-paced growth of IoT. Realizing the limitations of centralized systems, recently blockchain-based decentralized architecture is being considered as the key to redesigning the IoT systems in a way that is designed to be secure, transparent, highly resistant to outages, auditable, and efficient. However, before realizing the new promise of blockchain for IoT, there are significant challenges to address. One fundamental challenge is the scale issue around data collection, storage, and analytic as IoT sensor devices possess limited computational power and storage capabilities. In particular, since the chain is always growing, IoT devices require more and more resources. Thus, an oversized chain poses storage and scalability problems. With this in mind, the overall goal of our research is to design a lightweight scalable blockchain framework for IoT of mobile devices. This framework, coined as "Sensor-Chain", promises a new generation of lightweight blockchain management with a superior reduction in resource consumption, and at the same time capable of retaining critical information about the IoT systems of mobile devices. 

Recently, blockchain has received much attention from the mobility-centric Internet of Things (IoT). It is deemed the key to ensuring the built-in integrity of information and security of immutability by design in the peer-to-peer network (P2P) of mobile devices. In a permissioned blockchain, the authority of the system has control over the identities of its users. Such information can allow an ill-intentioned authority to map identities with their spatiotemporal data, which undermines the location privacy of a mobile user. In this paper, we study the location privacy preservation problem in the context of permissioned blockchain-based IoT systems under three conditions. First, the authority of the blockchain holds the public and private key distribution task in the system. Second, there exists a spatiotemporal correlation between consecutive location-based transactions. Third, users communicate with each other through short-range communication technologies such that it constitutes a proof of location (PoL) on their actual locations. We show that, in a permissioned blockchain with an authority and a presence of a PoL, existing approaches cannot be applied using a plug-and-play approach to protect location privacy. In this context, we propose BlockPriv, an obfuscation technique that quantifies, both theoretically and experimentally, the relationship between privacy and utility in order to dynamically protect the privacy of sensitive locations in the permissioned blockchain. 

In Location-Based Services (LBS), users are required to disclose their precise location information to query a service provider. An untrusted service provider can abuse those queries to infer sensitive information on a user through spatio-temporal and historical data analyses. Depicting the drawbacks of existing privacy-preserving approaches in LBS, we propose a user-centric obfuscation approach, called KLAP, based on the three fundamental obfuscation requirements: k number of locations, l-diversity, and privacy area preservation. Considering user's sensitivity to different locations and utilizing Real-Time Traffic Information (RTTI), KLAP generates a convex Concealing Region (CR) to hide user's location such that the locations, forming the CR, resemble similar sensitivity and are resilient against a wide range of inferences in spatio-temporal domain. For the first time, a novel CR pruning technique is proposed to significantly improve the delay between successive CR submissions. We carry out an experiment with a real dataset to show its effectiveness for sporadic, frequent, and continuous service use cases. 

The ubiquitous use of location‐based services (LBS) through smart devices produces massive amounts of location data. An attacker, with an access to such data, can reveal sensitive information about users. In this paper, we study location inference attacks based on the probability distribution of historical location data, travel time information between locations using knowledge of a map, and short and long‐term observation of privacy‐preserving queries. We show that existing privacy‐preserving approaches are vulnerable to such attacks. In this context, we propose a novel location privacy‐preserving approach, called KLAP, based on the three fundamental obfuscation requirements: minimumk‐locations,l‐diversity, and privacyareapreservation. KLAP adopts a personalized privacy preference for sporadic, frequent, and continuous LBS use cases. Specifically, it generates a secure concealing region (CR) to obfuscate the user's location and directs that CR to the service provider. The main contribution of this work is twofold. First, a CR pruning technique is devised to establish a balance between privacy and delay in LBS usage. Second, a new attack model called a long‐term obfuscated location tracking attack, and its countermeasure is proposed and evaluated both theoretically and empirically. We assess KLAP with two real‐world datasets. Experimental results show that it can achieve better privacy, reduced delay, and lower communication costs than existing state‐of‐the‐art methods.