Internet of Drones (IoD) is a decentralized network and management framework that links drones' access to the controlled airspace and provides inter-location navigation services. The interconnection of drones in the IoD network is through the Internet of Things (IoT). Hence the IoD network is vulnerable to all the security and privacy threats that affect IoT networks. It is highly required to safeguard a good atmosphere free from security and privacy threats to get the desired performance from IoD applications. Security and privacy issues have significantly restricted the overall influence of the IoD paradigm. There are existing survey studies that helped lay a vital foundation for understanding the IoD security and privacy issues. However, not all have thoroughly investigated the level of security and privacy threats associated with the various drone categories. Besides, most existing review studies do not examine secured IoD architecture. This paper aims to assess the recent trends in the security and privacy issues that affect the IoD network. We investigate the level of security and privacy threats of the various drone categories. We then highlight the need for secured IoD architecture and propose one. We also give a comprehensive taxonomy of the attacks on the IoD network. Moreover, we review the recent IoD attack mitigating techniques. We also provide the performance evaluation methods and the performance metrics employed by the techniques. Finally, we give research future direction to help researchers identify the latest opportunities in IoD research.
Edge computing is a promising paradigm that enhances the capabilities of cloud computing. In order to continue patronizing the computing services, it is essential to conserve a good atmosphere free from all kinds of security and privacy breaches. The security and privacy issues associated with the edge computing environment have narrowed the overall acceptance of the technology as a reliable paradigm. Many researchers have reviewed security and privacy issues in edge computing, but not all have fully investigated the security and privacy requirements. Security and privacy requirements are the objectives that indicate the capabilities as well as functions a system performs in eliminating certain security and privacy vulnerabilities. The paper aims to substantially review the security and privacy requirements of the edge computing and the various technological methods employed by the techniques used in curbing the threats, with the aim of helping future researchers in identifying research opportunities. This paper investigate the current studies and highlights the following: (1) the classification of security and privacy requirements in edge computing, (2) the state of the art techniques deployed in curbing the security and privacy threats, (3) the trends of technological methods employed by the techniques, (4) the metrics used for evaluating the performance of the techniques, (5) the taxonomy of attacks affecting the edge network, and the corresponding technological trend employed in mitigating the attacks, and, (6) research opportunities for future researchers in the area of edge computing security and privacy.INDEX TERMS Edge computing, edge computing attacks, systematic review, security and privacy requirements.
The implementation of efficient security mechanisms for Radio Frequency Identification (RFID) system has always been a continuous challenge due to its limited computing resources. Previously, hash-based, symmetric-key cryptography-based and elliptic curve cryptography based security protocols were proposed for RFID system. However, these protocols are not suitable because some of them failed to fulfil the RFID security requirements, and some of them produce high computational overhead. Recently researchers have focused on developing an efficient security mechanism based on Hyper Elliptic Curve Cryptography (HECC) which provides high security with 80 bits lower-key size. In this paper, we propose an efficient RFID authentication scheme (RFID-AS) based on hyperelliptic curve Signcryption. The proposed RFID-AS provides the required security features for the RFID system as well as security from potential attacks. We validated the security of proposed RFID-AS by using formal security analysis techniques, such as the Real-Or-Random (ROR) model and Automated Validation of Internet Security Protocols and Applications (AVISPA). Furthermore, the results reveal that the computational, communication and storage overheads of the proposed RFID-AS is much less than the other recently proposed schemes. Compared to the most recently published work based on ECC Signcryption, our scheme is 70% efficient in terms of computational overhead, 42.7% efficient in terms of communication overhead, and 57.7% efficient in terms of storage overhead. Therefore, the proposed RFID-AS is more efficient as compared to the recently published work in this domain. Hence, it is an attractive solution for resource-limited devices like RFID tags.
No abstract
Cybersecurity is a way of protecting organization critical assets, through the identification of cyber threats that can compromise the information stored, it involves the protection, identification, and responding to threats. The main aim of this article is to conduct an ample review of the published cybersecurity capability maturity models using a systematic review of published articles from 2014 to 2019. Features of Hal- vorsen and Conradi’s taxonomy were adopted to explain the models identified. The results indicated adopting a model to a certain organization is not feasible. However, modification is required before implementation, as the cost of implementation is not available when conducting this research.
Edge computing has significantly enhanced the capabilities of cloud computing. Edge data-centres are used for storing data of the end-user devices. Secure communication between the legitimate edge data-centres during the load balancing process has attracted industrial and academic researchers. Recently, Puthal et al. have proposed a technique for authenticating edge datacenters to enable secure load balancing. However, the resource-constraint nature of the edge data-centres is ignored. The scheme is characterized by complex computation and memory intensive cryptographic protocol. It is also vulnerable to key escrow attack because the secret key used for encrypting and decrypting of the communicated messages is been created by the trusted cloud datacenter. Additionally, the key sharing phase of their algorithm is complex. Therefore, to address the highlighted challenges, this paper proposed a lightweight key escrow-less authentication algorithm that will ensure secure communication of resource-constrained edge data-centres during the load balancing process. The security capability of the proposed scheme has been formally evaluated using the automatic cryptographic analytical tool ProVerif. The relatively low computation and communication costs of the proposed scheme compared to the benchmark schemes proved that it is lightweight, thus suitable for resource-constrained edge datacenters.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.