Blog BEEI IJEECS Teknologi

IAES Nawala: Data privasi pada IoT

Salam, rekan Nawala! Semoga kalian selalu dalam keadaan sehat.

Ini adalah IAES Nawala dari Institute of Advanced Engineering and Science. Hari ini kami akan berbagi kabar mengenai privasi pada IoT. Perlunya kesadaran akan serangan siber merupakan sebuah kewajiban di era yang serba modern ini. Fareed dan Yassin (2022) mengusulkan sebuah skema multi-factor authentication untuk sistem e-Healthcare. Skema ini mengatasi keterbatasan skema sebelumnya dan menggunakan fungsi hash kriptografi serta tanda tangan digital Schnorr. Hasilnya menunjukkan bahwa skema yang diusulkan menawarkan fitur keamanan yang lebih baik dan ketahanan terhadap serangan. Selain itu, mereka tetap mempertahankan efisiensi dalam hal biaya komputasi dan komunikasi.

E-healthcare assists medical specialists in remotely collecting patient health data and providing remote health diagnoses. The roles are distributed among the system’s users, contrasted between admin to data entry within certain rules and policies. Role-based access control (RBAC) is a technique of advanced access control that restricts key operations of users (addition, deletion and modification) access based on a user’s role within a healthcare system. This paper proposes a privacy-preserving using RBAC and smart multi-factor authentication for the healthcare system to overcome the limitation flaw in previous schemes such as security risk tolerance, scalability and dynamism. This work relies on low-complexity cryptographic hash functions and symmetric operations to authenticate users while using an asymmetric cryptosystem based on the Schnorr digital signature lightweight operation to authenticate the administrator to provide multi-factor authentication. The administrator represents the system’s core, and any his information leak could attack the entire system and its components. The proposed scheme conducted two thorough formal security proofs for the proposed work based on informal analysis and the Scyther tool. Furthermore, comparisons with other schemes reveal that the proposed scheme provides greater security features, and resisting attacks than the others while also being efficient in computing and communication costs.

Privacy-preserving multi-factor authentication and role-based access control scheme for the E-healthcare system
Mohammad Fareed, Ali A. Yassin

Saputra dan Alfian (2023) mengusulkan kerangka kerja federated learning (FL) yang sadar privasi untuk melindungi pembagian data pada perangkat internet of things (IoT). FL digunakan untuk melatih model prediksi secara lokal di setiap perangkat IoT tanpa perlu membagikan data lokal ke server cloud. Namun, ada kekhawatiran tentang kebocoran privasi ketika data lokal yang sedang dilatih dan model yang telah dilatih dibagikan ke server cloud untuk memperbarui model prediksi global. Untuk mengatasi masalah ini, penelitian ini memperkenalkan metode enkripsi fully homomorphic yang digunakan untuk melindungi privasi data dan model. Kerangka kerja ini menggunakan pendekatan logistic regression. Hasil eksperimen menggunakan dataset acak menunjukkan bahwa kerangka kerja yang diusulkan dapat mencapai hasil yang lebih baik daripada metode lain.

Federated learning (FL) has emerged as one of the most effective solutions to deal with the rapid utilization of internet of things (IoT) in big data markets. Through FL, local data at each IoT device can be trained locally without sharing the local data to the cloud server. However, this conventional FL may still suffer from privacy leakage when the local data are trained, and the trained model is shared to the cloud server to update the global prediction model. This paper proposes a FL framework with privacy awareness to protect data including the trained model for IoT devices. First, a data/model encryption method using fully homomorphic encryption is introduced, aiming at protecting the data/model privacy. Then, the FL framework for the IoT with the encryption method leveraging logistic regression approach is discussed. Experimental results using random datasets show that the proposed framework can obtain higher global model accuracy (up to 4.84%) and lower global model loss (up to 66.4%) compared with other baseline methods.

Privacy aware-based federated learning framework for data sharing protection of internet of things devices
Yuris Mulya Saputra, Ganjar Alfian

Beberapa artikel di atas merupakan bagian kecil dari penelitian mengenai privasi pada IoT. Untuk mendapatkan informasi lebih lanjut, pembaca dapat mengunjungi laman dan membaca artikel secara GRATIS melalui tautan-tautan berikut: https://beei.org/ dan https://ijeecs.iaescore.com/.

Redaksi: I. Busthomi