Transparent Encryption for IoT using Offline Key Exchange over Public Blockchains

Mamun Abu-Tair, Syed Muhammad Unsub Zia, Jamshed Memon, Bryan Scotney, Jorge Martinez Carracedo, Ali Sajjad

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

28 Downloads (Pure)

Abstract

Internet of Things (IoTs) framework involves of a wide range of com- puting devices that rely on cloud storage for various applications. For instance, monitoring, analytics, surveillance and storing data for later processing within other applications. Due to compliance with security standards and trust issues with third- party cloud storage servers, the IoT data has to be encrypted before moving it to cloud server for storage. However, a major concern with uploading encrypted IoT data to cloud is the management of encryption keys and managing access policies to data. There are several techniques that can be used for storing cryptographic keys used for encryption/decryption of data. For instance, the keys can be stored with encrypted data on the cloud, a third-party key storage vault can be used for storing keys or the keys can stay with client so that they could download and decrypt the data by themselves. In case of encryption keys leakage, the data stored on the cloud storage could be compromised. To resolve the challenge of key management and secure access to data in third-party cloud storage, an end-to-end transparent encryp- tion model has been proposed that securely publishes the cryptographic keys in a blockchain ledger. The data is encrypted at edge gateway before it is transmitted to cloud for storage. The user does not require cryptographic keys to access data; a seamless process involves the client proving their identity to a crypto proxy agent built upon zero trust security principles, ensuring continuous verification.
Original languageEnglish
Title of host publicationThe 38th International Conference on Advanced Information Networking and Applications (AINA-2024)
Publication statusAccepted/In press - 18 Jan 2024
EventThe 38th International Conference on
Advanced Information Networking and Applications (AINA-2024)
- Kitakyushu International Convention Center, Kitakyushu, Japan
Duration: 17 Apr 202419 Apr 2024
Conference number: 2024
http://voyager.ce.fit.ac.jp/conf/aina/2024/

Publication series

NameLecture Notes on Data Engineering and Communications Technologies
PublisherSpringer
ISSN (Print)2367-4512
ISSN (Electronic)2367-4520

Conference

ConferenceThe 38th International Conference on
Advanced Information Networking and Applications (AINA-2024)
Abbreviated titleAINA
Country/TerritoryJapan
CityKitakyushu
Period17/04/2419/04/24
Internet address

Fingerprint

Dive into the research topics of 'Transparent Encryption for IoT using Offline Key Exchange over Public Blockchains'. Together they form a unique fingerprint.

Cite this