Vehicle Ad-hoc Network (VANET) is a type of wireless network that enables communication between vehicles and Road Side Units (RSUs) to improve road safety, traffic efficiency, and service delivery. However, the widespread use of vehicular networks raises serious concerns about users’ privacy and security. Privacy in VANET refers to the protection of personal information and data exchanged between vehicles, RSUs, and other entities. Privacy issues in VANET include unauthorized access to location and speed information, driver and passenger identification, and vehicle tracking. To ensure privacy in VANET, various technologies such as pseudonymization, message authentication, and encryption are employed. When vehicles frequently change their identity to avoid tracking, message authentication ensures messages are received from trusted sources, and encryption is used to prevent unauthorized access to messages. Therefore, researchers have presented various schemes to improve and enhance the privacy efficiency of vehicle networks. This survey article provides an overview of privacy issues as well as an in-depth review of the current state-of-the-art pseudonym-changing tactics and methodologies proposed.
Searchable symmetric encryption (SSE) enables clients to outsource their encrypted documents into a remote server and allows them to search the outsourced data efficiently without violating the privacy of the documents and search queries. Dynamic SSE schemes (DSSE) include performing update queries, where documents can be added or removed at the expense of leaking more information to the server. Two important privacy notions are addressed in DSSE schemes: forward and backward privacy. The first one prevents associating the newly added documents with previously issued search queries. While the second one ensures that the deleted documents cannot be linked with subsequent search queries. Backward has three formal types of leakage ordered from strong to weak security: Type-I, Type-II, and Type-III. In this paper, we propose a new DSSE scheme that achieves Type-II backward and forward privacy by generating fresh keys for each search query and preventing the server from learning the underlying operation (del or add) included in update query. Our scheme improves I/O performance and search cost. We implement our scheme and compare its efficiency against the most efficient backward privacy DSSE schemes in the literature of the same leakage: MITRA and MITRA*. Results show that our scheme outperforms the previous schemes in terms of efficiency in dynamic environments. In our experiments, the server takes 699ms to search and return (100,000) results.
Due to the recent improvements in imaging and computing technologies, a massive quantity of image data is generated every day. For searching image collection, several content-based image retrieval (CBIR) methods have been introduced. However, these methods need more computing and storage resources. Cloud servers can fill this gap by providing huge computational power at a cheap price. However, cloud servers are not fully trusted, thus image owners have legal concerns about the privacy of their private data. In this paper, we proposed and implemented a privacy-preserving CBIR (PP-CBIR) scheme that allows searching and retrieving image databases in a cipher text format. Specifically, we extract aggregated feature vectors to represent the corresponding image collection and employ the asymmetric scalar-product-preserving encryption scheme (ASPE) method to protect these vectors while allowing for similarity computation between these encrypted vectors. To enhance search time, all encrypted features are clustered by the k-means algorithm recursively to construct a tree index. Results show that PP-CBIR has faster indexing and retrieving with good retrieval precision and scalability than previous schemes.
Preserving privacy and security plays a key role in allowing each component in the healthcare system to access control and gain privileges for services and resources. Over recent years, there have been several role-based access control and authentication schemes, but we noticed some drawbacks in target schemes such as failing to resist well-known attacks, leaking privacy-related information, and operational cost. To defeat the weakness, this paper proposes a secure electronic healthcare record scheme based on Schnorr Signcryption, crypto hash function, and Distributed Global Database (DGDB) for the healthcare system. Based on security theories and the Canetti-Krawczyk model (CK), we notice that the proposed scheme has suitable matrices such as scalability, privacy preservation, and mutual authentication. Furthermore, findings from comparisons with comparable schemes reveal that the suggested approach provides greater privacy and security characteristics than the other schemes and has enough efficiency in computational and communicational aspects.
Radio frequency identification (RFID) technology is being used widely in the last few years. Its applications classifies into auto identification and data capturing issues. The purpose of this paper is to design and implement RFID active tags and reader using microcontroller ATmega328 and 433 MHz RF links. The paper also includes a proposed mutual authentication protocol between RFID reader and active tags with ownership transfer stage. Our protocol is a mutual authentication protocol with tag’s identifier updating mechanism. The updating mechanism has the purpose of providing forward security which is important in any authentication protocol to prevent the attackers from tracking the past transactions of the compromised tags. The proposed protocol gives the privacy and security against all famous attacks that RFID system subjected for due to the transfer of data through unsecure wireless channel, such as replay, denial of service, tracking and cloning attacks. It also ensures ownership privacy when the ownership of the tag moves to a new owner.
In the world of modern technology and the huge spread of its use, it has been combined with healthcare systems and the establishment of electronic health records (EHR) to follow up on patients. This merging of technology with healthcare has allowed for more accurate EHRs that follow a patient to different healthcare facilities. Timely exchange of electronic health information (EHR) between providers is critical for aiding medical research and providing fast patient treatment. As a result, security issues and privacy problems are viewed as significant difficulties in the healthcare system. Several remote user authentication methods have been suggested. In this research, we present a feasible patient EHR migration solution for each patient. finally, each patient may securely delegate their current hospital’s information system to a hospital certification authority in order to receive migration proof that can be used to transfer their EHR to a different hospital. In addition, the proposed scheme is based on crypto-hash functions and asymmetric cryptosystems by using homomorphic cryptography. The proposed scheme carried out two exhaustive formal security proofs for the work that was provided. Using Scyther, a formal security tool, we present a secure user authentication technique in the proposed healthcare scheme that ensures security and informal analysis.
The demand for a secured web storage system is increasing daily for its reliability which ensures data privacy and confidentiality. The proposed paper aims to find the most secure ways to maintain integrity and protect privacy and security in healthcare management systems. The Advanced Encryption Standard (AES) algorithm is used to encrypt data transferred by providing a means to check the integrity of information transmitted and make it more immune to cyberattack techniques, this was implemented by using Keyed-Hash Message Authentication Code (HMAC) and Secured Hash Algorithm-256 (SHA-256). The risk of exposure to attackers can be avoided by using honeypot systems combined with Intrusion detection systems (IDSs) as a firewall system is not effective against such attacks alone. The experimental results evaluate the proposed security health information management system by comparing the performance of the encryption algorithm based on encryption time, memory and CPU usage, and entropy for different plaintext lengths. In addition, it can be seen that when changing the AES key size, more memory and time are required the longer the key size is used. The 128 bits AES key is therefore advised if the system must operate in hard real-time.
A wireless body area network (WBAN) connects separate sensors in many places of the human body, such as clothes, under the skin. WBAN can be used in many domains such as health care, sports, and control system. In this paper, a scheme focused on managing a patient’s health care is presented based on building a WBAN that consists of three components, biometric sensors, mobile applications related to the patient, and a remote server. An excellent scheme is proposed for the patient’s device, such as a mobile phone or a smartwatch, which can classify the signal coming from a biometric sensor into two types, normal and abnormal. In an abnormal signal, the device can carry out appropriate activities for the patient without requiring a doctor as a first case. The patient does not respond to the warning message in a critical case sometimes, and the personal device sends an alert to the patient’s family, including his/her location. The proposed scheme can preserve the privacy of the sensitive data of the patient in a protected way and can support several security features such as mutual authentication, key management, anonymous password, and resistance to malicious attacks. These features have been proven depending on the Automated Validation of Internet Security Protocols and Applications. Moreover, the computation and communication costs are efficient compared with other related schemes.
Every day, a tremendous amount of image data is generated as a result of recent advances in imaging and computing technology. Several content-based image retrieval (CBIR) approaches have been introduced for searching image collections. These methods, however, involve greater computing and storage resources. Cloud servers can address this issue by offering a large amount of computational power at a low cost. However, cloud servers are not completely trustworthy, and data owners are concerned about the privacy of their personal information. In this research, we propose and implement a secure CBIR (SCBIR) strategy for searching and retrieving cipher text image databases. In the proposed scheme, the extract aggregated feature vectors to represent the related image collection and use a safe Asymmetric Scalar-Product-Preserving Encryption (ASPE) approach to encrypt these vectors while still allowing for similarity computation. To improve search time, all encrypted features are recursively clustered using the k-means method to create a tree index. The results reveal that SCBIR is faster at indexing and retrieving than earlier systems, with superior retrieval precision and scalability. In addition, our paper introduces the watermark to discover any illegal distributions of the images that are received by unlawful data users. Particularly, the cloud server integrates a unique watermark directly into the encrypted images before sending them to the data users. As a result, if an unapproved image copy is revealed, the watermark can be extracted and the unauthorized data users who spread the image can be identified. The performance of the proposed scheme is proved, while its performance is demonstrated through experimental results.
Address Resolution Protocol (ARP) is used to resolve a host’s MAC address, given its IP address. ARP is stateless, as there is no authentication when exchanging a MAC address between the hosts. Hacking tactics using ARP spoofing are constantly being abused differently; many previous studies have prevented such attacks. However, prevention requires modification of the underlying network protocol or additional expensive equipment, so applying these methods to the existing network can be challenging. In this paper, we examine the limitations of previous research in preventing ARP spoofing. In addition, we propose a defence mechanism that does not require network protocol changes or expensive equipment. Before sending or receiving a packet to or from any device on the network, our method checks the MAC and IP addresses to ensure they are correct. It protects users from ARP spoofing. The findings demonstrate that the proposed method is secure, efficient, and very efficient against various threat scenarios. It also makes authentication safe and easy and ensures data and users’ privacy, integrity, and anonymity through strong encryption techniques.
Recently, the incorporation of state-of-the-art technology such as Electronic Healthcare Records (EHRs), networks, and cloud computing has transformed the traditional healthcare system. However, security problems have arisen as a result of the integration of technology. Secure remote user authentication is a core part of the healthcare system to validate the user's identification via an unsecure communication network. Since then, several remote user authentication schemes have been presented, each with its own set of pros and limitations. As a result, security, malicious attacks and privacy concerns are considered one of the main challenges related to the healthcare system. In this paper, we propose a safe user authentication scheme for patients in the healthcare system that overcomes these flaws and confirms the security of the proposed work using scyther, a formal security tool. In the healthcare environment, our work provides an effective means to construct an environment capable of setting, registering, storing, searching, analyzing, authentication, and verifying electronic healthcare information in order to protect the information of patients. Furthermore, our suggested scheme uses symmetric encryption based on the crypto- hash function for accessing the anomaly of the patient's identity and One-Time Password (OTP). Towards the end of the study, the performance analysis results indicate a delicate balance of security and performance that is frequently lacking in previous works.
Searchable symmetric encryption (SSE) is a robust cryptographic method that allows users to store and retrieve encrypted data on a remote server, such as a cloud server, while maintaining the privacy of the user’s data. The technique employs symmetric encryption, which utilizes a single secret key for both data encryption and decryption. However, extensive research in this field has revealed that SSE encounters performance issues when dealing with large databases. Upon further investigation, it has become apparent that the issue is due to poor locality, necessitating that the cloud server access multiple memory locations for a single query. Additionally, prior endeavors in this domain centered on locality optimization have often led to expanded storage requirements (the stored encrypted index should not be substantially larger than the original index) or diminished data retrieval efficiency (only required data should be retrieved).we present a simple, secure, searchable, and cost-effective scheme, which addresses the aforementioned problems while achieving a significant improvement in information retrieval performance through site optimization by changing the encrypted inverted index storage mechanism. The proposed scheme has the optimal locality O(1) and the best read efficiency O(1)with no significant negative impact on the storage space, which often increases due to the improvement of the locality. Using real-world data, we demonstrate that our scheme is secure, practical, and highly accurate. Furthermore, our proposed work can resist well-known attacks such as keyword guessing attacks and frequency analysis attacks.
Vehicular network security had spanned and covered a wide range of security related issues. However solar energy harvesting Road Side Unit (RSU) security was not defined clearly, it is this aspect that is considered in this paper. In this work, we will suggest an RSU security model to protect it against different internal and external threats. The main goal is to protect RSU specific data (needed for its operation) as well as its functionality and accessibility. The suggested RSU security model must responds to many objectives, it should ensure that the administrative information exchanged is correct and undiscoverable (information authenticity and privacy), the source (e.g., VANET server) is who he claims to be (message integrity and source authentication) and the system is robust and available (using Intrusion Detection System (IDS)). In this paper, we suggest many techniques to strength RSU security and they were prototyped using an experimental model based on Ubicom IP2022 network processor development kit .
This work addresses the critical need for secure and patient-controlled Electronic Health Records (EHR) migration among healthcare hospitals’ cloud servers (HHS). The relevant approaches often lack robust access control and leave data vulnerable during transfer. Our proposed scheme empowers patients to delegate EHR migration to a trusted Third-Party Hospital (TTPH); which is the Certification Authority (CA) while enforcing access control. The system leverages asymmetric encryption utilizing the Elliptic Curve Digital Signature Algorithm (ECDSA), EEC and ECDSA added robust security and lightness EHR sharing. Patient and user privacy is managed due to anonymity through cryptographic hashing for data protection and utilizes mutual authentication for secure communication. Formal security analysis using the Scyther tool and informal analysis was conducted to validate the system’s robustness. The proposed scheme achieved EHR integrity due to the verification of the communicated HHS and ensuring the integrity of the HHS digital certificate during EHR migration. Ultimately, the result achieved in the proposed work demonstrated the scheme’s high balance between data security and accuracy of communication, where the best result obtained represented 7.7/ ms as computational cost and 1248 /bits as communication cost compared with the relevant approaches.
The use of smart network applications based on the Internet of Things is increasing, which increases the attractiveness of malicious activities, leading to the need to increase the adequate security of these networks. In this paper, the latest recent breakthroughs in blockchain for the Internet of Things are examined in the context of electronic health (e-health), smart cities, smart transportation, and other applications in this article. Research gaps and possible solutions are discussed, such as security, connection, transparency, privacy, and the IoT's blockchain regulatory challenges. In addition, the most important consensus algorithms used in the blockchain have been discussed, including Proof of Work, Proof of Stake, and Proof of Authority, each of which operates within certain rules.