sensors-logo

Journal Browser

Journal Browser

Special Issue "Security, Trust and Privacy in New Computing Environments"

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: 30 November 2021.

Special Issue Editors

Dr. Wenjuan Li
E-Mail Website
Guest Editor
Department of Computing, Hong Kong Polytechnic University, Hong Kong 100871, China
Interests: network management and security; intrusion detection; spam detection; trust management; web technology; blockchain and E-commerce security
Prof. Dr. Sokratis Katsikas
E-Mail Website
Guest Editor
Department of Information Security and Communication Technology, Norwegian University of Science and Technology, 2815, Gjøvik, Norway
Interests: information and cybersecurity
Special Issues and Collections in MDPI journals
Dr. Peng Jiang
E-Mail Website
Guest Editor
Beijing Institute of Technology (BIT), Beijing 100811, China
Interests: cryptography; information security; blockchain

Special Issue Information

Dear Colleagues,

The dynamics of existing computing models and computing environments change frequently, with the rapid development of mobile computing, big data, and artificial intelligence, Internet-of-Things (IoT), blockchain technology, and many other large-scale computing environments. For example, in IoT and big data environments, many traditional solutions and tools are not suitable. Migrating conventional systems to the new computing environment may cause many unexpected mistakes and errors, resulting in an increasing number of security, trust, and privacy issues. With the popularity of blockchain technology, decentralized solutions are also leading to big changes in current computing environments. Many blockchain-based systems like PKI, audit systems, and insurance systems are under construction. The adoption of blockchain has the potential to help solve the issue of data integrity and transparency.

This Special Issue focuses on all security, trust, and privacy issues, and all efforts to investigate and address these challenges in current new computing environments.

In particular, the topics of interest include but are not limited to the following:

  • User authentication in new computing environments
  • Risk analysis and intrusion response
  • Identity and access management in IoT
  • AI security
  • Measurement of IoT privacy leakage
  • Mobile cloud security
  • New cryptographic techniques
  • Cloud security
  • Security and privacy in big data
  • Blockchain in new computing environments
  • Software security
  • Cybercrime
  • IoT security and privacy
  • Forensic techniques
  • Usable security in new computing environments
  • Cyber intelligence techniques
Dr. Wenjuan Li, Dr. Weizhi Meng, Prof. Dr. Sokratis Katsikas and Dr. Peng Jiang

Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2200 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (13 papers)

Order results
Result details
Select all
Export citation of selected articles as:

Research

Article
Steganographic Analysis of Blockchains
Sensors 2021, 21(12), 4078; https://doi.org/10.3390/s21124078 - 13 Jun 2021
Viewed by 381
Abstract
Steganography is one of the ways to hide data between parties. Its use can be worrisome, e.g., to hide illegal communications. Researchers found that public blockchains can be an attractive place to hide communications; however, there is not much evidence of actual use [...] Read more.
Steganography is one of the ways to hide data between parties. Its use can be worrisome, e.g., to hide illegal communications. Researchers found that public blockchains can be an attractive place to hide communications; however, there is not much evidence of actual use in blockchains. Besides, previous work showed a lack of steganalysis methods for blockchains. In this context, we present a steganalysis approach for blockchains, evaluating it in Bitcoin and Ethereum, both popular cryptocurrencies. The main objective is to answer if one can find steganography in real case scenarios, focusing on LSB of addresses and nonces. Our sequential analysis included 253 GiB and 107 GiB of bitcoin and ethereum, respectively. We also analyzed up to 98 million bitcoin clusters. We found that bitcoin clusters could carry up to 360 KiB of hidden data if used for such a purpose. We have not found any concrete evidence of hidden data in the blockchains. The sequential analysis may not capture the perspective of the users of the blockchain network. In this case, we recommend clustering analysis, but it depends on the clustering method’s accuracy. Steganalysis is an essential aspect of blockchain security. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Communication
Assessing MITRE ATT&CK Risk Using a Cyber-Security Culture Framework
Sensors 2021, 21(9), 3267; https://doi.org/10.3390/s21093267 - 09 May 2021
Viewed by 636
Abstract
The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework provides a rich and actionable repository of adversarial tactics, techniques, and procedures. Its innovative approach has been broadly welcomed by both vendors and enterprise customers in the industry. Its usage extends from adversary [...] Read more.
The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) Framework provides a rich and actionable repository of adversarial tactics, techniques, and procedures. Its innovative approach has been broadly welcomed by both vendors and enterprise customers in the industry. Its usage extends from adversary emulation, red teaming, behavioral analytics development to a defensive gap and SOC (Security Operations Center) maturity assessment. While extensive research has been done on analyzing specific attacks or specific organizational culture and human behavior factors leading to such attacks, a holistic view on the association of both is currently missing. In this paper, we present our research results on associating a comprehensive set of organizational and individual culture factors (as described on our developed cyber-security culture framework) with security vulnerabilities mapped to specific adversary behavior and patterns utilizing the MITRE ATT&CK framework. Thus, exploiting MITRE ATT&CK’s possibilities towards a scientific direction that has not yet been explored: security assessment and defensive design, a step prior to its current application domain. The suggested cyber-security culture framework was originally designed to aim at critical infrastructures and, more specifically, the energy sector. Organizations of these domains exhibit a co-existence and strong interaction of the IT (Information Technology) and OT (Operational Technology) networks. As a result, we emphasize our scientific effort on the hybrid MITRE ATT&CK for Enterprise and ICS (Industrial Control Systems) model as a broader and more holistic approach. The results of our research can be utilized in an extensive set of applications, including the efficient organization of security procedures as well as enhancing security readiness evaluation results by providing more insights into imminent threats and security risks. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
Secure Combination of IoT and Blockchain by Physically Binding IoT Devices to Smart Non-Fungible Tokens Using PUFs
Sensors 2021, 21(9), 3119; https://doi.org/10.3390/s21093119 - 30 Apr 2021
Viewed by 601
Abstract
Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent [...] Read more.
Non-fungible tokens (NFTs) are widely used in blockchain to represent unique and non-interchangeable assets. Current NFTs allow representing assets by a unique identifier, as a possession of an owner. The novelty introduced in this paper is the proposal of smart NFTs to represent IoT devices, which are physical smart assets. Hence, they are also identified as the utility of a user, they have a blockchain account (BCA) address to participate actively in the blockchain transactions, they can establish secure communication channels with owners and users, and they operate dynamically with several modes associated with their token states. A smart NFT is physically bound to its IoT device thanks to the use of a physical unclonable function (PUF) that allows recovering its private key and, then, its BCA address. The link between tokens and devices is difficult to break and can be traced during their lifetime, because devices execute a secure boot and carry out mutual authentication processes with new owners and users that could add new software. Hence, devices prove their trusted hardware and software. A whole demonstration of the proposal developed with ESP32-based IoT devices and Ethereum blockchain is presented, using the SRAM of the ESP32 microcontroller as the PUF. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
Ensuring Purpose Limitation in Large-Scale Infrastructures with Provenance-Enabled Access Control
Sensors 2021, 21(9), 3041; https://doi.org/10.3390/s21093041 - 26 Apr 2021
Viewed by 347
Abstract
The amount of data generated in today’s world has a fair share of personal information about individuals that helps data owners and data processors in providing them with personalized services. Different legal and regulatory obligations apply to all data owners collecting personal information, [...] Read more.
The amount of data generated in today’s world has a fair share of personal information about individuals that helps data owners and data processors in providing them with personalized services. Different legal and regulatory obligations apply to all data owners collecting personal information, specifying they use it only for the agreed-upon purposes and in a transparent way to preserve privacy. However, it is difficult to achieve this in large-scale and distributed infrastructures as data is continuously changing its form, such as through aggregation with other sources or the generation of new transformed resources, resulting often in the loss or misinterpretation of the collection purpose. In order to preserve the authorized collection purposes, we propose data is added as a part of immutable and append-only resource metadata (provenance), to be retrieved by an access control mechanism when required for data-usage verification. This not only ensures purpose limitation in large-scale infrastructures but also provides transparency for individuals and auditing authorities to track how personal information is used. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
Privacy-Preserving Task-Matching and Multiple-Submissions Detection in Crowdsourcing
Sensors 2021, 21(9), 3036; https://doi.org/10.3390/s21093036 - 26 Apr 2021
Viewed by 370
Abstract
Crowdsourcing enables requesters to publish tasks to a platform and workers are rewarded for performing tasks of interest. It provides an efficient and low-cost way to aggregate data and solve problems that are difficult for computers but simple for humans. However, the privacy [...] Read more.
Crowdsourcing enables requesters to publish tasks to a platform and workers are rewarded for performing tasks of interest. It provides an efficient and low-cost way to aggregate data and solve problems that are difficult for computers but simple for humans. However, the privacy risks and challenges are still widespread. In the real world, the task content may be sensitive and only workers who meet specific requirements or possess certain skills are allowed to acquire and perform it. When these distributed workers submit their task answers, their identity or attribute privacy may also be exposed. If workers are allowed to submit anonymously, they may have the chance to repeat their answers so as to get more rewards. To address these issues, we develop a privacy-preserving task-matching and multiple-submissions detection scheme based on inner-product cryptography and proof of knowledge (PoK) protocol in crowdsourcing. In such a construction, multi-authority inner-product encryption is introduced to protect task confidentiality and achieve fine-grained task-matching based on the attributes of workers. The PoK protocol helps to restrict multiple submissions. For one task, a suitable worker could only submit once without revealing his/her identity. Moreover, different tasks for one worker are unlinkable. Furthermore, the implementation analysis shows that the scheme is effective and feasible. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
A Smartcard-Based User-Controlled Single Sign-On for Privacy Preservation in 5G-IoT Telemedicine Systems
Sensors 2021, 21(8), 2880; https://doi.org/10.3390/s21082880 - 20 Apr 2021
Viewed by 508
Abstract
Healthcare is now an important part of daily life because of rising consciousness of health management. Medical professionals can know users’ health condition if they are able to access information immediately. Telemedicine systems, which provides long distance medical communication and services, is a [...] Read more.
Healthcare is now an important part of daily life because of rising consciousness of health management. Medical professionals can know users’ health condition if they are able to access information immediately. Telemedicine systems, which provides long distance medical communication and services, is a multi-functional remote medical service that can help patients in bed in long-distance communication environments. As telemedicine systems work in public networks, privacy preservation issue of sensitive and private transmitted information is important. One of the means of proving a user’s identity are user-controlled single sign-on (UCSSO) authentication scheme, which can establish a secure communication channel using authenticated session keys between the users and servers of telemedicine systems, without threats of eavesdropping, impersonation, etc., and allow patients access to multiple telemedicine services with a pair of identity and password. In this paper, we proposed a smartcard-based user-controlled single sign-on (SC-UCSSO) for telemedicine systems that not only remains above merits but achieves privacy preservation and enhances security and performance compared to previous schemes that were proved with BAN logic and automated validation of internet security protocols and applications (AVISPA). Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
TruthTrust: Truth Inference-Based Trust Management Mechanism on a Crowdsourcing Platform
Sensors 2021, 21(8), 2578; https://doi.org/10.3390/s21082578 - 07 Apr 2021
Viewed by 345
Abstract
On a crowdsourcing platform, in order to cheat for rewards or sabotage the crowdsourcing processes, spam workers may submit numerous erroneous answers to the tasks published by requesters. This type of behavior extremely reduces the completion rate of tasks and the enthusiasm of [...] Read more.
On a crowdsourcing platform, in order to cheat for rewards or sabotage the crowdsourcing processes, spam workers may submit numerous erroneous answers to the tasks published by requesters. This type of behavior extremely reduces the completion rate of tasks and the enthusiasm of honest users, which may lead a crowdsourcing platform to a failure. Defending against malicious attacks is an important issue in crowdsourcing, which has been extensively addressed by existing methods, e.g., verification-based defense mechanisms, data analysis solutions, trust-based defense models, and workers’ properties matching mechanisms. However, verification-based defense mechanisms will consume a lot of resources, and data analysis solutions cannot motivate workers to provide high-quality services. Trust-based defense models and workers’ properties matching mechanisms cannot guarantee the authenticity of information when collusion requesters publish shadow tasks to help malicious workers get more participation opportunities. To defend such collusion attacks in crowdsourcing platforms, we propose a new defense model named TruthTrust. Firstly, we define a complete life cycle system that from users’ interaction to workers’ recommendation, and separately define the trust value of each worker and the credence of each requester. Secondly, in order to ensure the authenticity of the information, we establish a trust model based on the CRH framework. The calculated truth value and weight are used to define the global properties of workers and requesters. Moreover, we propose a reverse mechanism to improve the resistance under attacks. Finally, extensive experiments demonstrate that TruthTrust significantly outperforms the state-of-the-art approaches in terms of effective task completion rate. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
Cyber Risk Propagation and Optimal Selection of Cybersecurity Controls for Complex Cyberphysical Systems
Sensors 2021, 21(5), 1691; https://doi.org/10.3390/s21051691 - 01 Mar 2021
Viewed by 641
Abstract
The increasingly witnessed integration of information technology with operational technology leads to the formation of Cyber-Physical Systems (CPSs) that intertwine physical and cyber components and connect to each other to form systems-of-systems. This interconnection enables the offering of functionality beyond the combined offering [...] Read more.
The increasingly witnessed integration of information technology with operational technology leads to the formation of Cyber-Physical Systems (CPSs) that intertwine physical and cyber components and connect to each other to form systems-of-systems. This interconnection enables the offering of functionality beyond the combined offering of each individual component, but at the same time increases the cyber risk of the overall system, as such risk propagates between and aggregates at component systems. The complexity of the resulting systems-of-systems in many cases leads to difficulty in analyzing cyber risk. Additionally, the selection of cybersecurity controls that will effectively and efficiently treat the cyber risk is commonly performed manually, or at best with limited automated decision support. In this work, we propose a method for analyzing risk propagation and aggregation in complex CPSs utilizing the results of risk assessments of their individual constituents. Additionally, we propose a method employing evolutionary programming for automating the selection of an optimal set of cybersecurity controls out of a list of available controls, that will minimize the residual risk and the cost associated with the implementation of these measures. We illustrate the workings of the proposed methods by applying them to the navigational systems of two variants of the Cyber-Enabled Ship (C-ES), namely the autonomous ship and the remotely controlled ship. The results are sets of cybersecurity controls applied to those components of the overall system that have been identified in previous studies as the most vulnerable ones; such controls minimize the residual risk, while also minimizing the cost of implementation. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
Anonymous Asynchronous Ratchet Tree Protocol for Group Messaging
Sensors 2021, 21(4), 1058; https://doi.org/10.3390/s21041058 - 04 Feb 2021
Viewed by 421
Abstract
Signal is the first application that applies the double ratchet for its end-to-end encryption protocol. The core of the double ratchet protocol is then applied in WhatsApp, the most popular messaging application around the world. Asynchronous Ratchet Tree (ART) is extended from ratchet [...] Read more.
Signal is the first application that applies the double ratchet for its end-to-end encryption protocol. The core of the double ratchet protocol is then applied in WhatsApp, the most popular messaging application around the world. Asynchronous Ratchet Tree (ART) is extended from ratchet and Diffie-Hellman tree. It is the first group protocol that applies Forward Secrecy (FS) with Post-Compromised Security (PCS). However, it does not consider protecting the privacy of user identity. Therefore, it makes sense to provide anonymous features in the conditions of FS and PCS. In this paper, the concepts of Internal Group Anonymity (IGA) and External Group Anonymity (EGA) are formalized. On the basis of IGA and EGA, we develop the “Anonymous Asynchronous Ratchet Tree (AART)” to realize anonymity while preserving FS and PCS. Then, we prove that our AART meets the requirements of IGA and EGA as well as FS and PCS. Finally, the performance and related issues of AART are discussed. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
GAN-Based Differential Private Image Privacy Protection Framework for the Internet of Multimedia Things
Sensors 2021, 21(1), 58; https://doi.org/10.3390/s21010058 - 24 Dec 2020
Cited by 1 | Viewed by 792
Abstract
With the development of the Internet of Multimedia Things (IoMT), an increasing amount of image data is collected by various multimedia devices, such as smartphones, cameras, and drones. This massive number of images are widely used in each field of IoMT, which presents [...] Read more.
With the development of the Internet of Multimedia Things (IoMT), an increasing amount of image data is collected by various multimedia devices, such as smartphones, cameras, and drones. This massive number of images are widely used in each field of IoMT, which presents substantial challenges for privacy preservation. In this paper, we propose a new image privacy protection framework in an effort to protect the sensitive personal information contained in images collected by IoMT devices. We aim to use deep neural network techniques to identify the privacy-sensitive content in images, and then protect it with the synthetic content generated by generative adversarial networks (GANs) with differential privacy (DP). Our experiment results show that the proposed framework can effectively protect users’ privacy while maintaining image utility. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
A Critical Evaluation of Privacy and Security Threats in Federated Learning
Sensors 2020, 20(24), 7182; https://doi.org/10.3390/s20247182 - 15 Dec 2020
Cited by 3 | Viewed by 669
Abstract
With the advent of smart devices, smartphones, and smart everything, the Internet of Things (IoT) has emerged with an incredible impact on the industries and human life. The IoT consists of millions of clients that exchange massive amounts of critical data, which results [...] Read more.
With the advent of smart devices, smartphones, and smart everything, the Internet of Things (IoT) has emerged with an incredible impact on the industries and human life. The IoT consists of millions of clients that exchange massive amounts of critical data, which results in high privacy risks when processed by a centralized cloud server. Motivated by this privacy concern, a new machine learning paradigm has emerged, namely Federated Learning (FL). Specifically, FL allows for each client to train a learning model locally and performs global model aggregation at the centralized cloud server in order to avoid the direct data leakage from clients. However, despite this efficient distributed training technique, an individual’s private information can still be compromised. To this end, in this paper, we investigate the privacy and security threats that can harm the whole execution process of FL. Additionally, we provide practical solutions to overcome those attacks and protect the individual’s privacy. We also present experimental results in order to highlight the discussed issues and possible solutions. We expect that this work will open exciting perspectives for future research in FL. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
Tracing Your Smart-Home Devices Conversations: A Real World IoT Traffic Data-Set
Sensors 2020, 20(22), 6600; https://doi.org/10.3390/s20226600 - 18 Nov 2020
Cited by 1 | Viewed by 981
Abstract
Smart-home installations exponential growth has raised major security concerns. To this direction, the GHOST project, a European Union Horizon 2020 Research and Innovation funded project, aims to develop a reference architecture for securing smart-homes IoT ecosystem. It is required to have automated and [...] Read more.
Smart-home installations exponential growth has raised major security concerns. To this direction, the GHOST project, a European Union Horizon 2020 Research and Innovation funded project, aims to develop a reference architecture for securing smart-homes IoT ecosystem. It is required to have automated and user friendly security mechanisms embedded into smart-home environments, to protect the users’ digital well being. GHOST project aims to fulfill this requirement and one of its main functionalities is the traffic monitoring for all IoT related network protocols. In this paper, the traffic capturing and monitoring mechanism of the GHOST system, called NDFA, is presented, as the first mechanism that is able to monitor smart-home activity in a holistic way. With the help of the NDFA, we compile the GHOST-IoT-data-set, an IoT network traffic data-set, captured in a real world smart-home installation. This data-set contains traffic from multiple network interfaces with both normal real life activity and simulated abnormal functioning of the devices. The GHOST-IoT-data-set is offered to the research community as a proof of concept to demonstrate the ability of the NDFA module to process the raw network traffic from a real world smart-home installation with multiple network interfaces and IoT devices. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Article
A Privacy-Preserving Healthcare Framework Using Hyperledger Fabric
Sensors 2020, 20(22), 6587; https://doi.org/10.3390/s20226587 - 18 Nov 2020
Cited by 4 | Viewed by 1226
Abstract
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a [...] Read more.
Electronic health record (EHR) management systems require the adoption of effective technologies when health information is being exchanged. Current management approaches often face risks that may expose medical record storage solutions to common security attack vectors. However, healthcare-oriented blockchain solutions can provide a decentralized, anonymous and secure EHR handling approach. This paper presents PREHEALTH, a privacy-preserving EHR management solution that uses distributed ledger technology and an Identity Mixer (Idemix). The paper describes a proof-of-concept implementation that uses the Hyperledger Fabric’s permissioned blockchain framework. The proposed solution is able to store patient records effectively whilst providing anonymity and unlinkability. Experimental performance evaluation results demonstrate the scheme’s efficiency and feasibility for real-world scale deployment. Full article
(This article belongs to the Special Issue Security, Trust and Privacy in New Computing Environments)
Show Figures

Figure 1

Back to TopTop