An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of Things
As the Internet of Things (IoT) has become prevalent, a massive number of logs produced by IoT devices are transmitted and processed every day. The logs should contain important contents and private information. Moreover, these logs may be used as evidences for forensic investigations when cyber sec...
Main Authors: | , , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2020-11-01
|
Series: | Sensors |
Subjects: | |
Online Access: | https://www.mdpi.com/1424-8220/20/22/6471 |
_version_ | 1797548054315794432 |
---|---|
author | Chien-Lung Hsu Wei-Xin Chen Tuan-Vinh Le |
author_facet | Chien-Lung Hsu Wei-Xin Chen Tuan-Vinh Le |
author_sort | Chien-Lung Hsu |
collection | DOAJ |
description | As the Internet of Things (IoT) has become prevalent, a massive number of logs produced by IoT devices are transmitted and processed every day. The logs should contain important contents and private information. Moreover, these logs may be used as evidences for forensic investigations when cyber security incidents occur. However, evidence legality and internal security issues in existing works were not properly addressed. This paper proposes an autonomous log storage management protocol with blockchain mechanism and access control for the IoT. Autonomous model allows sensors to encrypt their logs before sending it to gateway and server, so that the logs are not revealed to the public during communication process. Along with blockchain, we introduce the concept “<i>signature chain</i>”. The integration of blockchain and signature chain provides efficient management functions with valuable security properties for the logs, including robust identity verification, data integrity, non-repudiation, data tamper resistance, and the legality. Our work also employs attribute-based encryption to achieve fine-grained access control and data confidentiality. The results of security analysis using AVSIPA toolset, GNY logic and semantic proof indicate that the proposed protocol meets various security requirements. Providing good performance with elliptic curve small key size, short BLS signature, efficient signcryption method, and single sign-on solution, our work is suitable for the IoT. |
first_indexed | 2024-03-10T14:53:57Z |
format | Article |
id | doaj.art-7d62f4d476104cf08c35fe1c74e466c8 |
institution | Directory Open Access Journal |
issn | 1424-8220 |
language | English |
last_indexed | 2024-03-10T14:53:57Z |
publishDate | 2020-11-01 |
publisher | MDPI AG |
record_format | Article |
series | Sensors |
spelling | doaj.art-7d62f4d476104cf08c35fe1c74e466c82023-11-20T20:46:59ZengMDPI AGSensors1424-82202020-11-012022647110.3390/s20226471An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of ThingsChien-Lung Hsu0Wei-Xin Chen1Tuan-Vinh Le2Department Information Management, Chang Gung University, Taoyuan 33302, TaiwanDepartment Information Management, Chang Gung University, Taoyuan 33302, TaiwanGraduate Institute of Business and Management, Chang Gung University, Taoyuan 33302, TaiwanAs the Internet of Things (IoT) has become prevalent, a massive number of logs produced by IoT devices are transmitted and processed every day. The logs should contain important contents and private information. Moreover, these logs may be used as evidences for forensic investigations when cyber security incidents occur. However, evidence legality and internal security issues in existing works were not properly addressed. This paper proposes an autonomous log storage management protocol with blockchain mechanism and access control for the IoT. Autonomous model allows sensors to encrypt their logs before sending it to gateway and server, so that the logs are not revealed to the public during communication process. Along with blockchain, we introduce the concept “<i>signature chain</i>”. The integration of blockchain and signature chain provides efficient management functions with valuable security properties for the logs, including robust identity verification, data integrity, non-repudiation, data tamper resistance, and the legality. Our work also employs attribute-based encryption to achieve fine-grained access control and data confidentiality. The results of security analysis using AVSIPA toolset, GNY logic and semantic proof indicate that the proposed protocol meets various security requirements. Providing good performance with elliptic curve small key size, short BLS signature, efficient signcryption method, and single sign-on solution, our work is suitable for the IoT.https://www.mdpi.com/1424-8220/20/22/6471attribute-based access controldigital forensicsevidence legalitysensor logsignature chain |
spellingShingle | Chien-Lung Hsu Wei-Xin Chen Tuan-Vinh Le An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of Things Sensors attribute-based access control digital forensics evidence legality sensor log signature chain |
title | An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of Things |
title_full | An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of Things |
title_fullStr | An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of Things |
title_full_unstemmed | An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of Things |
title_short | An Autonomous Log Storage Management Protocol with Blockchain Mechanism and Access Control for the Internet of Things |
title_sort | autonomous log storage management protocol with blockchain mechanism and access control for the internet of things |
topic | attribute-based access control digital forensics evidence legality sensor log signature chain |
url | https://www.mdpi.com/1424-8220/20/22/6471 |
work_keys_str_mv | AT chienlunghsu anautonomouslogstoragemanagementprotocolwithblockchainmechanismandaccesscontrolfortheinternetofthings AT weixinchen anautonomouslogstoragemanagementprotocolwithblockchainmechanismandaccesscontrolfortheinternetofthings AT tuanvinhle anautonomouslogstoragemanagementprotocolwithblockchainmechanismandaccesscontrolfortheinternetofthings AT chienlunghsu autonomouslogstoragemanagementprotocolwithblockchainmechanismandaccesscontrolfortheinternetofthings AT weixinchen autonomouslogstoragemanagementprotocolwithblockchainmechanismandaccesscontrolfortheinternetofthings AT tuanvinhle autonomouslogstoragemanagementprotocolwithblockchainmechanismandaccesscontrolfortheinternetofthings |