The vehicle-to-grid (V2G) network has a clear advantage in terms of economic benefits, and it has grabbed the interest of powergrid and electric vehicle (EV) consumers. Many V2G techniques, at present, for example, use bilinear pairing to execute the authentication scheme, which results in significant computational costs. Furthermore, in the existing V2G techniques, the system master key is issued independently by the third parties, it is vulnerable to leaking if the third party is compromised by an attacker. This paper presents an efficient and secure anonymous authentication scheme for V2G networks to overcome this issue we use a lightweight authentication system for electric vehicles and smart grids. In the proposed technique, the keys are generated by the trusted authority after the successful registration of EVs in the trusted authority and the dispatching center. The suggested scheme not only enhances the verification performance of V2G networks and also protects against inbuilt hackers.

Security in the communication systems rely mainly on a trusted Public Key Infrastructure (PKI) and Certificate Authorities (CAs). Besides the lack of automation, the complexity and the cost of assigning a signed certificate to a device, several allegations against CAs have been discovered, which has created trust issues in adopting this standard model for secure systems. The automation of the servers certificate assignment was achieved by the Automated Certificate Management Environment (ACME) method, but without confirming the trust of assigned certificate. This paper presents a complete tested and implemented solution to solve the trust of the Certificates provided to the servers by using the blockchain platform for certificate validation. The Blockchain network provides an immutable data store, holding the public keys of all domain names, while resolving the trust concerns by applying an automated Blockchain-based Domain Control Validation (B-DCV) for the server and client server verification. The evaluation was performed on the Ethereum Rinkeby testnet adopting the Proof of Authority (PoA) consensus algorithm which is an improved version of Proof of Stake (Po \$S\$) applied on Ethereum 2.0 providing superior performance compared to Ethereum 1.0.

Large-scale onboarding of industrial cyber physical systems requires efficiency and security. In situations with the dynamic addition of devices (e.g., from subcontractors entering a workplace), automation of the onboarding process is desired. The Eclipse Arrowhead framework, which provides a platform for industrial automation, requires reliable, flexible, and secure device onboarding to local clouds. In this paper, we propose a device onboarding method in the Arrowhead framework where decentralized authorization is provided by Power of Attorney. The model allows users to subgrant power to trusted autonomous devices to act on their behalf. We present concepts, an implementation of the proposed system, and a use case for scalable onboarding where Powers of Attorney at two levels are used to allow a subcontractor to onboard its devices to an industrial site. We also present performance evaluation results.

While Smart contracts are agreements stored on Blockchain, NFTs are representation of digital assets encoded as Smart Contracts. The uniqueness of a Non-Fungible Token (NFT) is established through the digital signature of the creator/owner that should be authenticatable and verifiable over a long period of time. This requires possession of assured identities by the entities involved in such transactions, and support for long-term validation, which may pave the way for gaining support from legal systems. Public Key Infrastructure (PKI) is a trusted ecosystem that can assure the identity of an entity, including human users, domain names, devices etc. In PKI, a digital certificate assures the identity by chaining and anchoring to a trusted root, which is currently not the case in Smart Contracts and NFTs. The storage of the digital assets in decentralized nodes need to be assured for availability for a long period of time. This invariably depends on the sustenance of the underlying network that requires monitoring and auditing for assurance. In this paper, we discuss the above challenges in detail and bring out the intricate issues. We also bust the myth that decentralized trust models are flawless and incident free and also indicate that over time, they tend to centralize for optimality. We then present our proposals, and structures that leverages the existing Public Key Infrastructure systems, with mechanisms for creating an environment for reliable Smart Contracts and NFTs.

A huge number of cloud users and cloud providers are threatened of security issues by cloud computing adoption. Cloud computing is a hub of virtualization that provides virtualization-based infrastructure over physically connected systems. With the rapid advancement of cloud computing technology, data protection is becoming increasingly necessary. It's important to weigh the advantages and disadvantages of moving to cloud computing when deciding whether to do so. As a result of security and other problems in the cloud, cloud clients need more time to consider transitioning to cloud environments. Cloud computing, like any other technology, faces numerous challenges, especially in terms of cloud security. Many future customers are wary of cloud adoption because of this. Virtualization Technologies facilitates the sharing of recourses among multiple users. Cloud services are protected using various models such as type-I and type-II hypervisors, OS-level, and unikernel virtualization but also offer a variety of security issues. Unfortunately, several attacks have been built in recent years to compromise the hypervisor and take control of all virtual machines running above it. It is extremely difficult to reduce the size of a hypervisor due to the functions it offers. It is not acceptable for a safe device design to include a large hypervisor in the Trusted Computing Base (TCB). Virtualization is used by cloud computing service providers to provide services. However, using these methods entails handing over complete ownership of data to a third party. This paper covers a variety of topics related to virtualization protection, including a summary of various solutions and risk mitigation in VMM (virtual machine monitor). In this paper, we will discuss issues possible with a malicious virtual machine. We will also discuss security precautions that are required to handle malicious behaviors. We notice the issues of investigating malicious behaviors in cloud computing, give the scientific categorization and demonstrate the future headings. We've identified: i) security specifications for virtualization in Cloud computing, which can be used as a starting point for securing Cloud virtual infrastructure, ii) attacks that can be conducted against Cloud virtual infrastructure, and iii) security solutions to protect the virtualization environment from DDOS attacks.

In this paper we present techniques for enhancing the security of south bound infrastructure in SDN which includes OpenFlow switches and end hosts. In particular, the proposed security techniques have three main goals: (i) validation and secure configuration of flow rules in the OpenFlow switches by trusted SDN controller in the domain; (ii) securing the flows from the end hosts; and (iii) detecting attacks on the switches by malicious entities in the SDN domain. We have implemented the proposed security techniques as an application for ONOS SDN controller. We have also validated our application by detecting various OpenFlow switch specific attacks such as malicious flow rule insertions and modifications in the switches over a mininet emulated network.

Ubiquitous environment embedded with artificial intelligent consist of heterogenous smart devices communicating each other in several context for the computation of requirements. In such environment the trust among the smart users have taken as the challenge to provide the secure environment during the communication in the ubiquitous region. To provide the secure trusted environment for the users of ubiquitous system proposed approach aims to extract behavior of smart invisible entities by retrieving their behavior of communication in the network and applying the recommendation-based filters using Deep learning (RBF-DL). The proposed model adopts deep learning-based classifier to classify the unfair recommendation with fair ones to have a trustworthy ubiquitous system. The capability of proposed model is analyzed and validated by considering different attacks and additional feature of instances in comparison with generic recommendation systems.

Recommenders are central in many applications today. The most effective recommendation schemes, such as those based on collaborative filtering (CF), exploit similarities between user profiles to make recommendations, but potentially expose private data. Federated learning and decentralized learning systems address this by letting the data stay on user's machines to preserve privacy: each user performs the training on local data and only the model parameters are shared. However, sharing the model parameters across the network may still yield privacy breaches. In this paper, we present Rex, the first enclave-based decentralized CF recommender. Rex exploits Trusted execution environments (TEE), such as Intel software guard extensions (SGX), that provide shielded environments within the processor to improve convergence while preserving privacy. Firstly, Rex enables raw data sharing, which ultimately speeds up convergence and reduces the network load. Secondly, Rex fully preserves privacy. We analyze the impact of raw data sharing in both deep neural network (DNN) and matrix factorization (MF) recommenders and showcase the benefits of trusted environments in a full-fledged implementation of Rex. Our experimental results demonstrate that through raw data sharing, Rex significantly decreases the training time by 18.3 x and the network load by 2 orders of magnitude over standard decentralized approaches that share only parameters, while fully protecting privacy by leveraging trustworthy hardware enclaves with very little overhead.

Blockchain is a relatively new technology, a distributed database used for sharing between nodes of computer networks. A blockchain stores all information in automated digital format as a database. Blockchain innovation ensures the accuracy and security of the data record and generates trust without the need for a trusted third party. The objectives of this paper are to determine the security risk of the blockchain systems, analyze the vulnerabilities exploited on the blockchain, and identify recent security challenges that the blockchain faces. This review paper presents some of the previous studies of the security threats that blockchain faces and reviews the security enhancement solutions for blockchain vulnerabilities. There are some studies on blockchain security issues, but there is no systematic examination of the problem, despite the blockchain system’s security threats. An observational research methodology was used in this research. Through this methodology, many research related to blockchain threats and vulnerabilities obtained. The outcomes of this research are to Identify the most important security threats faced by the blockchain and consideration of security recently vulnerabilities. Processes and methods for dealing with security concerns are examined. Intelligent corporate security academic challenges and limitations are covered throughout this review. The goal of this review is to serve as a platform as well as a reference point for future work on blockchain-based security.

With the rapid development of blockchain technology, it provides a new technical solution for secure storage of data and trusted computing. However, in the actual application of data traceability, blockchain technology has an obvious disadvantage: the large amount of data stored in the blockchain system will lead to a long response time for users to query data. Higher query delay severely restricts the development of block chain technology in the traceability system. In order to solve this problem, we propose an efficient, secure and low storage overhead blockchain query scheme. Specifically, we design an index structure independent of Merkle tree to support efficient intra-block query, and create new fields in the block header to optimize inter-block query. Compared with several existing schemes, our scheme ensures the security of data. Finally, we simulate and evaluate our proposed scheme. The results show that the proposed scheme has better execution efficiency while reducing additional overhead.

Intrusion detection for Controller Area Network (CAN) protocol requires modern methods in order to compete with other electrical architectures. Fingerprint Intrusion Detection Systems (IDS) provide a promising new approach to solve this problem. By characterizing network traffic from known ECUs, hazardous messages can be discriminated. In this article, a modified version of Fingerprint IDS is employed utilizing both step response and spectral characterization of network traffic via neural network training. With the addition of feature set reduction and hyperparameter tuning, this method accomplishes a 99.4% detection rate of trusted ECU traffic.

With the rapid development of Internet Technology in recent years, the demand for security support for complex applications is becoming stronger and stronger. Intel Software Guard Extensions (Intel SGX) is created as an extension of Intel Systems to enhance software security. Intel SGX allows application developers to create so-called enclave. Sensitive application code and data are encapsulated in Trusted Execution Environment (TEE) by enclave. TEE is completely isolated from other applications, operating systems, and administrative programs. Enclave is the core structure of Intel SGX Technology. Enclave supports multi-threading. Thread Control Structure (TCS) stores special information for restoring enclave threads when entering or exiting enclave. Each execution thread in enclave is associated with a TCS. This paper analyzes and verifies the possible security risks of enclave under concurrent conditions. It is found that in the case of multithread concurrency, a single enclave cannot resist flooding attacks, and related threads also throw TCS exception codes.

The security and reliability of power grid dispatching system is the basis of the stable development of the whole social economy. With the development of information, computer science and technology, communication technology, and network technology, using more advanced intelligent technology to improve the performance of security and reliability of power grid dispatching system has important research value and practical significance. In order to provide valuable references for relevant researchers and for the construction of future power system related applications. This paper summarizes the latest technical status of attribute encryption and hierarchical identity encryption methods, and introduces the access control method based on attribute and hierarchical identity encryption, the construction method of attribute encryption scheme, revocable CP-ABE scheme and its application in power grid data security access control. Combined with multi authorization center encryption, third-party trusted entity and optimized encryption algorithm, the parallel access control algorithm of hierarchical identity and attribute encryption and its application in power grid data security access control are introduced.

Embedded devices are becoming increasingly pervasive in safety-critical systems of the emerging cyber-physical world. While trusted execution environments (TEEs), such as ARM TrustZone, have been widely deployed in mobile platforms, little attention has been given to deployment on real-time cyber-physical systems, which present a different set of challenges compared to mobile applications. For safety-critical cyber-physical systems, such as autonomous drones or automobiles, the current TEE deployment paradigm, which focuses only on confidentiality and integrity, is insufficient. Computation in these systems also needs to be completed in a timely manner (e.g., before the car hits a pedestrian), putting a much stronger emphasis on availability.To bridge this gap, we present RT-TEE, a real-time trusted execution environment. There are three key research challenges. First, RT-TEE bootstraps the ability to ensure availability using a minimal set of hardware primitives on commodity embedded platforms. Second, to balance real-time performance and scheduler complexity, we designed a policy-based event-driven hierarchical scheduler. Third, to mitigate the risks of having device drivers in the secure environment, we designed an I/O reference monitor that leverages software sandboxing and driver debloating to provide fine-grained access control on peripherals while minimizing the trusted computing base (TCB).We implemented prototypes on both ARMv8-A and ARMv8-M platforms. The system is tested on both synthetic tasks and real-life CPS applications. We evaluated rover and plane in simulation and quadcopter both in simulation and with a real drone.

With the rapid development of cloud storage technology, an increasing number of enterprises and users choose to store data in the cloud, which can reduce the local overhead and ensure safe storage, sharing, and deletion. In cloud storage, safe data deletion is a critical and challenging problem. This paper proposes an assured data deletion scheme based on multi-authoritative users in the semi-trusted cloud storage scenario (MAU-AD), which aims to realize the secure management of the key without introducing any trusted third party and achieve assured deletion of cloud data. MAU-AD uses access policy graphs to achieve fine-grained access control and data sharing. Besides, the data security is guaranteed by mutual restriction between authoritative users, and the system robustness is improved by multiple authoritative users jointly managing keys. In addition, the traceability of misconduct in the system can be realized by blockchain technology. Through simulation experiments and comparison with related schemes, MAU-AD is proven safe and effective, and it provides a novel application scenario for the assured deletion of cloud storage data.

Frauds in supply chain finance not only result in substantial loss for financial institutions (e.g., banks, trust company, private funds), but also are detrimental to the reputation of the ecosystem. However, such frauds are hard to detect due to the complexity of the operating environment in supply chain finance such as involvement of multiple parties under different agreements. Traditional instruments of financial institutions are time-consuming yet insufficient in countering fraudulent supply chain financing. In this study, we propose a novel blockchain-driven framework for deterring fraud in supply chain finance. Specifically, we use inventory financing in jewelry supply chain as an illustrative scenario. The blockchain technology enables secure and trusted data sharing among multiple parties due to its characteristics of immutability and traceability. Consequently, information on manufacturing, brand license, and warehouse status are available to financial institutions in real time. Moreover, we develop a novel rule-based fraud check module to automatically detect suspicious fraud cases by auditing documents shared by multiple parties through a blockchain network. To validate the effectiveness of the proposed framework, we employ agent-based modeling and simulation. Experimental results show that our proposed framework can effectively deter fraudulent supply chain financing as well as improve operational efficiency.