E-Mail Alert

Add your e-mail address to receive forthcoming issues of this journal:

Journal Browser

Journal Browser

Special Issue "Privacy and Security for Resource Constrained IoT Devices and Networks"

A special issue of Sensors (ISSN 1424-8220). This special issue belongs to the section "Internet of Things".

Deadline for manuscript submissions: 31 December 2018

Special Issue Editors

Guest Editor
Dr. Shancang Li

University of the West of England, Bristol, UK
Website | E-Mail
Interests: security; CPS; IoT security
Guest Editor
Prof. Dr. Houbing Song

Department of Electrical, Computer, Software, and Systems Engineering, Embry-Riddle Aeronautical University, Daytona Beach, FL 32114, USA
Website | E-Mail
Interests: Cyber-Physical Systems; Signal Processing for Communications and Networking; Cloud Computing/Edge Computing
Guest Editor
Dr. Muddesar Iqbal

School of Computing, London South Bank University, London, UK
Website | E-Mail
Interests: mobile security; IoT; privacy requirements

Special Issue Information

Dear Colleagues,

With the exponential growth of the Internet of Things (IoT) and cyber-physical systems (CPS), a wide range of IoT applications have been developed and deployed in recent years. To match the heterogeneous application requriements in IoT and CPS, many resource-constrained IoT devices are deployed, in which privacy and security have emerged as a big challenges because they have not been designed to have effective security features.

Despite the fact that many security solutions have been developed for the Internet, there are major concerns regarding the resource-constrained environments in IoT, including data encryption, privacy-preservation, vulnerabilities, threats, attacks, controls, etc. To address these privacy and security challenges, appropriate technologies have to be developed for resource-constrained environments in IoT.

This Special Issue aims to unveil and address the privacy-preservation and security issues and challenges in IoT and CPS. Suggested topics include, but are not limited to, the following.

  • Secure data sharing in IoT and CPS
  • Secure computation in resource constrained environment
  • Location privacy in IoT and CPS
  • Lightweight cryptography for low-resource devices in IoT and CPS
  • Searable encryption
  • Access control in IoT and CPS
  • Key mamagement
  • Information diffusion
  • Privacy and security in mobile devices and networks
  • Forensics in IoT and CPS
  • Privacy and security in healthcare-related IoT and CPS
  • Human aspects of security and privacy issues
  • Secure authentications of devices

Dr. Shancang Li
Prof. Dr. Houbing Song
Dr. Muddesar Iqbal
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All papers will be peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Sensors is an international peer-reviewed open access monthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 1800 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Keywords

  • security and privacy-preserving
  • attack model
  • lightweight security solution

Published Papers (7 papers)

View options order results:
result details:
Displaying articles 1-7
Export citation of selected articles as:

Research

Open AccessArticle Joint Relay Selection and Power Allocation through a Genetic Algorithm for Secure Cooperative Cognitive Radio Networks
Sensors 2018, 18(11), 3934; https://doi.org/10.3390/s18113934
Received: 16 October 2018 / Revised: 8 November 2018 / Accepted: 12 November 2018 / Published: 14 November 2018
PDF Full-text (3360 KB) | HTML Full-text | XML Full-text
Abstract
In cooperative cognitive radio networks (CCRNs), there has been growing demand of transmitting secondary user (SU) source information secretly to the corresponding SU destination with the aid of cooperative SU relays. Efficient power allocation (PA) among SU relays and multi-relay selection (MRS) are
[...] Read more.
In cooperative cognitive radio networks (CCRNs), there has been growing demand of transmitting secondary user (SU) source information secretly to the corresponding SU destination with the aid of cooperative SU relays. Efficient power allocation (PA) among SU relays and multi-relay selection (MRS) are a critical problem for operating such networks whereas the interference to the primary user receiver is being kept below a tolerable level and the transmission power requirements of the secondary users are being satisfied. Subsequently, in the paper, we develop the problem to solve the optimal solution for PA and MRS in a collaborative amplify-and-forward-based CCRNs, in terms of maximizing the secrecy rate (SR) of the networks. It is found that the problem is a mixed integer programming problem and difficult to be solved. To cope with this difficulty, we propose a meta-heuristic genetic algorithm-based MRS and PA scheme to maximize the SR of the networks while satisfying transmission power and the interference requirements of the networks. Our simulation results reveal that the proposed scheme achieves near-optimal SR performance, compared to the exhaustive search scheme, and provides a significant SR improvement when compared with some conventional relay selection schemes with equal power allocation. Full article
Figures

Figure 1

Open AccessArticle BeeKeeper 2.0: Confidential Blockchain-Enabled IoT System with Fully Homomorphic Computation
Sensors 2018, 18(11), 3785; https://doi.org/10.3390/s18113785
Received: 12 September 2018 / Revised: 28 October 2018 / Accepted: 2 November 2018 / Published: 5 November 2018
PDF Full-text (1849 KB) | HTML Full-text | XML Full-text
Abstract
Blockchain-enabled Internet of Things (IoT) systems have received extensive attention from academia and industry. Most previous constructions face the risk of leaking sensitive information since the servers can obtain plaintext data from the devices. To address this issue, in this paper, we propose
[...] Read more.
Blockchain-enabled Internet of Things (IoT) systems have received extensive attention from academia and industry. Most previous constructions face the risk of leaking sensitive information since the servers can obtain plaintext data from the devices. To address this issue, in this paper, we propose a decentralized outsourcing computation (DOC) scheme, where the servers can perform fully homomorphic computations on encrypted data from the data owner according to the request of the data owner. In this process, the servers cannot obtain any plaintext data, and dishonest servers can be detected by the data owner. Then, we apply the DOC scheme in the IoT scenario to achieve a confidential blockchain-enabled IoT system, called BeeKeeper 2.0. To the best of our knowledge, this is the first work in which servers of a blockchain-enabled IoT system can perform any-degree homomorphic multiplications and any number of additions on encrypted data from devices according to the requests of the devices without obtaining any plaintext data of the devices. Finally, we provide a detailed performance evaluation for the BeeKeeper 2.0 system by deploying it on Hyperledger Fabric and using Hyperledger Caliper for performance testing. According to our tests, the time consumed between the request stage and recover stage is no more than 3.3 s, which theoretically satisfies the production needs. Full article
Figures

Figure 1

Open AccessArticle CS-FCDA: A Compressed Sensing-Based on Fault-Tolerant Data Aggregation in Sensor Networks
Sensors 2018, 18(11), 3749; https://doi.org/10.3390/s18113749
Received: 3 September 2018 / Revised: 26 October 2018 / Accepted: 1 November 2018 / Published: 2 November 2018
PDF Full-text (2751 KB) | HTML Full-text | XML Full-text
Abstract
When the nodes in the network are deployed in the target area with an appropriate density, the effective aggregation and transmission of the data gathered in the monitoring area remain to be solved. The existing Compressed Sensing (CS) based on data aggregation schemes
[...] Read more.
When the nodes in the network are deployed in the target area with an appropriate density, the effective aggregation and transmission of the data gathered in the monitoring area remain to be solved. The existing Compressed Sensing (CS) based on data aggregation schemes are accomplished in a centralized manner and the Sink node achieves the task of data aggregation. However, these existing schemes may suffer from load imbalance and coverage void issues. In order to address these problems, we propose a Compressed Sensing based on Fault-tolerant Correcting Data Aggregation (CS-FCDA) scheme to accurately reconstruct the compressed data. Therefore, the network communication overhead can be greatly reduced while maintaining the quality of the reconstructed data. Meanwhile, we adopt the node clustering mechanism to optimize and balance the network load. It is shown via simulation results, compared with other data aggregation schemes, that the proposed scheme shows obvious improvement in terms of the Fault-tolerant correcting capability and the network energy efficiency of the data reconstruction. Full article
Figures

Figure 1

Open AccessArticle Efficient Privacy-Preserving Access Control Scheme in Electronic Health Records System
Sensors 2018, 18(10), 3520; https://doi.org/10.3390/s18103520
Received: 8 September 2018 / Revised: 6 October 2018 / Accepted: 16 October 2018 / Published: 18 October 2018
PDF Full-text (1138 KB) | HTML Full-text | XML Full-text
Abstract
The sharing of electronic health records (EHR) in cloud servers is an increasingly important development that can improve the efficiency of medical systems. However, there are several concerns focusing on the issues of security and privacy in EHR system. The EHR data contains
[...] Read more.
The sharing of electronic health records (EHR) in cloud servers is an increasingly important development that can improve the efficiency of medical systems. However, there are several concerns focusing on the issues of security and privacy in EHR system. The EHR data contains the EHR owner’s sensitive personal information, if these data are obtained by a malicious user, it will not only cause the leakage of patient’s privacy, but also affect the doctor’s diagnosis. It is a very challenging problem for the EHR owner fully controls over own EHR data as well as preserves the privacy of himself. In this paper, we propose a new privacy-preserving access control (PPAC) scheme for EHR. To achieve fine-grained access control of the EHR data, we utilize the attribute-based signcryption (ABSC) mechanism to signcrypt data based on the access policy for the linear secret sharing schemes. Employing the cuckoo filter to hide the access policy, it could protect the EHR owner’s privacy information. In addition, the security analysis shows that the proposed scheme is provably secure under the decisional bilinear Diffie-Hellman exponent assumption and the computational Diffie-Hellman exponent assumption in the standard model. Furthermore, the performance analysis indicates that the proposed scheme achieves low costs of communication and computation compared with the related schemes, meanwhile preserves the EHR owner’s privacy. Therefore, the proposed scheme is better suited to EHR system. Full article
Figures

Figure 1

Open AccessArticle Exploring Risks Transferred from Cloud-Based Information Systems: A Quantitative and Longitudinal Model
Sensors 2018, 18(10), 3488; https://doi.org/10.3390/s18103488
Received: 30 August 2018 / Revised: 2 October 2018 / Accepted: 12 October 2018 / Published: 16 October 2018
PDF Full-text (1656 KB) | HTML Full-text | XML Full-text
Abstract
With the growing popularity of Internet of Things (IoT) and Cyber-Physical Systems (CPS), cloud- based systems have assumed a greater important role. However, there lacks formal approaches to modeling the risks transferred through information systems implemented in a cloud-based environment. This paper explores
[...] Read more.
With the growing popularity of Internet of Things (IoT) and Cyber-Physical Systems (CPS), cloud- based systems have assumed a greater important role. However, there lacks formal approaches to modeling the risks transferred through information systems implemented in a cloud-based environment. This paper explores formal methods to quantify the risks associated with an information system and evaluate its variation throughout its implementation. Specifically, we study the risk variation through a quantitative and longitudinal model spanning from the launch of a cloud-based information systems project to its completion. In addition, we propose to redefine the risk estimation method to differentiate a mitigated risk from an unmitigated risk. This research makes valuable contributions by helping practitioners understand whether cloud computing presents a competitive advantage or a threat to the sustainability of a company. Full article
Figures

Figure 1

Open AccessArticle An Incentive Mechanism in Mobile Crowdsourcing Based on Multi-Attribute Reverse Auctions
Sensors 2018, 18(10), 3453; https://doi.org/10.3390/s18103453
Received: 24 July 2018 / Revised: 1 October 2018 / Accepted: 11 October 2018 / Published: 14 October 2018
PDF Full-text (6719 KB) | HTML Full-text | XML Full-text
Abstract
In order to avoid malicious competition and select high quality crowd workers to improve the utility of crowdsourcing system, this paper proposes an incentive mechanism based on the combination of reverse auction and multi-attribute auction in mobile crowdsourcing. The proposed online incentive mechanism
[...] Read more.
In order to avoid malicious competition and select high quality crowd workers to improve the utility of crowdsourcing system, this paper proposes an incentive mechanism based on the combination of reverse auction and multi-attribute auction in mobile crowdsourcing. The proposed online incentive mechanism includes two algorithms. One is the crowd worker selection algorithm based on multi-attribute reverse auction that adopts dynamic threshold to make an online decision for whether accept a crowd worker according to its attributes. Another is the payment determination algorithm which determines payment for a crowd worker based on its reputation and quality of sensing data, that is, a crowd worker can get payment equal to the bidding price before performing task only if his reputation reaches good reputation threshold, otherwise he will get payment based on his data sensing quality. We prove that our proposed online incentive mechanism has the properties of computational efficiency, individual rationality, budget-balance, truthfulness and honesty. Through simulations, the efficiency of our proposed online incentive mechanism is verified which can improve the efficiency, adaptability and trust degree of the mobile crowdsourcing system. Full article
Figures

Figure 1

Open AccessArticle A Lightweight Cipher Based on Salsa20 for Resource-Constrained IoT Devices
Sensors 2018, 18(10), 3326; https://doi.org/10.3390/s18103326
Received: 23 August 2018 / Revised: 25 September 2018 / Accepted: 1 October 2018 / Published: 4 October 2018
PDF Full-text (845 KB) | HTML Full-text | XML Full-text
Abstract
The Internet of Things (IoT) paradigm envisions a world where everyday things interchange information between each other in a way that allows users to make smarter decisions in a given context. Even though IoT has many advantages, its characteristics make it very vulnerable
[...] Read more.
The Internet of Things (IoT) paradigm envisions a world where everyday things interchange information between each other in a way that allows users to make smarter decisions in a given context. Even though IoT has many advantages, its characteristics make it very vulnerable to security attacks. Ciphers are a security primitive that can prevent some of the attacks; however, the constrained computing and energy resources of IoT devices impede them from implementing current ciphers. This article presents the stream cipher Generador de Bits Pseudo Aleatorios (GBPA) based on Salsa20 cipher, which is part of the eSTREAM project, but designed for resource-constrained IoT devices of Class 0. GBPA has lower program and data memory requirements compared with Salsa20 and lightweight ciphers. These properties allow low-cost resource-constrained IoT devices, 29.5% of the embedded systems in the market, to be able to implement a security service that they are currently incapable of, to preserve the user’s data privacy and protect the system from attacks that could damage it. For the evaluation of its output, three statistical test suites were used: NIST Statistical Test Suite (STS), DIEHARD and EACirc, with good results. The GBPA cipher provides security without having a negative impact on the computing resources of IoT devices. Full article
Figures

Figure 1

Back to Top