IIIT Hyderabad Publications
Design and Analysis of Blockchain-Based Access Control Protocols for Internet of Drones

Author: Basudeb Bera
Date: 2022-11-01
Report no: IIIT/TH/2022/119
Advisor: Ashok Kumar Das

Abstract

In recent years, the Internet of Drones (IoD), consisting of Unmanned Aerial Vehicles (UAVs), also called drones, has gained great momentum due to its high mobility to difficult-to-access places with minimum intervention. Drones are remotely piloted aircraft, widely deployed in applications ranging from military missions to civilian use. For various IoD applications, the drones communicate over public (insecure) channels under wireless sensor networks (WSN), where the drones are usually deployed in various crucial applications and terrains. Various security threats such as replay, man-in-the-middle, impersonation, privileged-insider and physical drone capture attacks exist in an IoD environment. It is therefore challenging to design security mechanisms that provide authenticity of the information transmitted over the public channels. An access control mechanism is a security mechanism that controls who or what can see, use or access the assets in the IoD system, ensuring security and access control for the private data. IoD applications produce a huge volume of data that is mainly confidential and needs to be stored securely. Once the data is gathered by the UAVs, it can be stored securely in distributed servers (ledgers), such as a blockchain, to avoid the single-server failure issue of a traditional centralized storage platform. Once the data is stored in a blockchain, it cannot be modified, deleted or altered by a malicious entity. Motivated by these issues, this thesis designs blockchain-based access control schemes that provide strong security in an IoD environment for storing and accessing information for UAV applications.
The first study presents a new blockchain-based access control scheme in an Internet of Things (IoT)-enabled IoD deployment. In this scheme, several drones are deployed in different flying zones, where the drones residing in each zone can securely communicate with each other in order to exchange crucial information. Next, the information is securely collected by the drones' respective Ground Station Server (GSS). The secure data gathered by the GSS form transactions, and the transactions are then assembled into blocks. The blocks are finally added to the blockchain by the cloud servers, which form a peer-to-peer (P2P) cloud server network, via the voting-based “Ripple Protocol Consensus Algorithm (RPCA)”. We provide several kinds of security analysis, including formal security under the random oracle model, informal security analysis and simulation-based formal security verification using the widely recognized “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool, to assure that the proposed scheme can resist various potential attacks with high probability, as needed for an IoD environment. A meticulous comparative analysis of the proposed scheme and other closely related existing schemes shows that our scheme offers more functionality attributes and better security, as well as lower communication and computation costs, compared to the other schemes. In addition, a real testbed experiment has been demonstrated to show the feasibility of the proposed scheme for the access control part.

In the second study, we propose a novel access control scheme for unauthorized UAV detection and mitigation in an IoD environment, called ACSUD-IoD. With the help of the blockchain-based solution incorporated in ACSUD-IoD, the transactional data, comprising both the normal secure data sent from a drone (UAV) to the GSS and the abnormal (suspected) data used by the GSS for detection of unauthorized UAVs, are stored in a private blockchain and are considered authentic and genuine. As a result, Big data analytics can be performed on the authenticated transactional data stored in the blockchain. Through a detailed security analysis, including formal security under the broadly accepted Real-Or-Random (ROR) model, formal security verification using the widely applied AVISPA tool and non-mathematical security analysis, we show the robustness of the proposed scheme against a number of potential attacks, as needed in an IoD environment. Testbed experiments for various cryptographic primitives using the broadly accepted “Multi-precision Integer and Rational Arithmetic Cryptographic Library (MIRACL)” have been performed under both server and Raspberry Pi 3 configurations. Furthermore, a detailed comparative analysis and a blockchain-based simulation study have been conducted to show the effectiveness of the proposed scheme.

Finally, in the last study, we focus on designing a new blockchain-envisioned secure data delivery and collection scheme for the 5th generation mobile network (5G)-based IoT-enabled IoD environment, which relies on elliptic curve cryptography (ECC). This scheme efficiently tackles the security and privacy challenges during communication that happens either with the control room/ground station server(s) or with the access points for the IoD environment. In this direction, blockchain technology provides a viable solution due to the immutability and traceability of various transactions and its decentralized nature. Through a detailed security analysis along with a comparative analysis, we show that the proposed scheme offers better security and extra functionality requirements, and also incurs less communication and computation overhead compared to other related competing schemes. Moreover, a blockchain-based simulation study has been conducted to show the effectiveness of the proposed scheme.

Full thesis: pdf

Centre for Security, Theory and Algorithms