November 2022
Basudeb Bera received his doctorate in Computer Science and Engineering (CSE). His research work was supervised by Dr. Ashok Kumar Das. Here’s a summary of his research work on Design and Analysis of Blockchain-Based Access Control Protocols for Internet of Drones:
In recent years, the Internet of Drones (IoD), consisting of Unmanned Aerial Vehicles (UAVs) (also called drones), has gained great momentum due to its high mobility to difficult-to-access places with minimum intervention. Drones are remotely piloted aircraft that are widely deployed, from military missions to civilian purposes, including audio, video and image surveillance. With the advancement of Information and Communication Technologies (ICT), and with growing popularity and awareness among people in various trades and research, the utilization of drones is not restricted to military applications; they can also be used for smart city environment surveillance, precision agriculture farming, the seafood industry, emergency services for medical help, flood monitoring, wildlife monitoring, and search and rescue missions. For various IoD applications, the drones communicate over public (insecure) channels under wireless sensor networks (WSN), where the drones are usually deployed in various crucial applications and terrains. As a result, it is necessary to provide reliable and secure communications in IoD. Various security threats, such as replay, man-in-the-middle, impersonation, privileged-insider and physical drone capture attacks, exist in an IoD environment. To mitigate the above-mentioned issues, security mechanisms are needed that provide the authenticity of information transmitted over the public channels, and designing them is a challenging job. Many security mechanisms have been proposed in the literature to overcome these issues by introducing security protocols, such as access control, authentication and key agreement, and intrusion detection. An access control mechanism is a security mechanism that controls who or what can see, use or access the assets in the IoD system, in order to protect private data.
On the other hand, authentication establishes the authenticity of the network entities as well as of the messages communicated over the IoD network, whereas key agreement helps in establishing a session key between the network entities for their secure communication. IoD applications produce a huge volume of data that is mainly confidential and needs to be stored securely. Once the data is gathered by the UAVs, it can be stored securely in distributed servers (ledgers), because a traditional centralized storage platform suffers from the single-server failure issue. The distributed ledger is referred to as a “blockchain” because it is made up of a network of distributed servers that give data transparency and immutability, as well as a chain of blocks that are linked to each other. Once the data is stored in a blockchain, it cannot be modified, deleted or altered by a malicious entity. Therefore, if any unauthorized entity (called an adversary) wants to change the blockchain data, he/she needs to change every previous block in the blockchain, which is an infeasible task, particularly for a long chain. For block verification and addition to a blockchain, a consensus mechanism is needed. Though there are several distributed consensus algorithms for block mining in the literature, a voting-based consensus algorithm (for example, Practical Byzantine Fault Tolerance (PBFT)) can be utilized for the block mining process. Motivated by these issues, blockchain-based access control schemes have been designed in this thesis in order to provide strong security in an IoD environment for storing and accessing the information of UAV applications.
The first study presents a new blockchain-based access control scheme in an Internet of Things (IoT)-enabled IoD deployment. In this scheme, several drones are deployed in different flying zones, where the drones residing in each zone can communicate with each other in order to exchange crucial information.
Next, the information is collected by the respective Ground Station Server (GSS) of the drones. First of all, all the drones and the GSSs are registered with a central trusted authority, the Control Room (CR), prior to their deployment. It is worth noticing that the role of the trusted authority is only to register the entities, and the registration is a one-time process. After that, an access control scheme is introduced in the IoD environment to allow secure communication among the drones, and also among the drones and the GSS. Secure data gathered by the GSS form transactions, and the transactions are then made into blocks. The blocks are finally added to the blockchain by the cloud servers, which form a peer-to-peer (P2P) cloud server network, via the voting-based “Ripple Protocol Consensus Algorithm (RPCA)”. We provide all sorts of security analysis, including formal security under the random oracle model, informal security and simulation-based formal security verification using the widely recognized “Automated Validation of Internet Security Protocols and Applications (AVISPA)” tool, to assure that the proposed scheme can resist various potential attacks with the high probability needed for an IoD environment. In addition, a meticulous comparative analysis of the proposed scheme and other closely related existing schemes shows that our scheme offers more functionality attributes and better security, and also lower communication and computation costs, as compared to other schemes. Furthermore, a real testbed experiment has been conducted to show the feasibility of the proposed scheme for the access control part.
In the second study, we propose a novel access control scheme for unauthorized UAV detection and mitigation in an IoD environment, called ACSUD-IoD.
With the help of the blockchain-based solution incorporated in ACSUD-IoD, the transactional data, comprising both the normal secure data from a drone (UAV) to the GSS and the abnormal (suspected) data for detection of unauthorized UAVs by the GSS, are stored in a private blockchain and are considered authentic and genuine. As a result, Big data analytics can be performed on the authenticated transactional data stored in the blockchain. A detailed security analysis, including formal security under the broadly accepted Real-Or-Random (ROR) model, formal security verification using the widely applied AVISPA tool and non-mathematical security analysis, shows the robustness of the proposed scheme against a number of potential attacks relevant to an IoD environment. The testbed experiments for various cryptographic primitives using the broadly accepted “Multi-precision Integer and Rational Arithmetic Cryptographic Library (MIRACL)” have been performed under both server and Raspberry Pi 3 configurations. Furthermore, a detailed comparative analysis of the proposed scheme and other existing competing schemes shows its efficacy, as well as better security and more functionality features as compared to the existing schemes. A blockchain-based simulation study has also been conducted to show the effectiveness of the proposed scheme.
Finally, in the last study, we focus on designing a new blockchain-envisioned secure data delivery and collection scheme for the 5th generation mobile network (5G)-based IoT-enabled IoD environment, which relies on elliptic curve cryptography (ECC). This scheme efficiently tackles the security and privacy challenges during communication that happens either with the control room/ground station server(s) or with the access points of the IoD environment. In this direction, blockchain technology provides a viable solution due to its decentralized nature and the immutability and traceability of its transactions.
The proposed scheme has the ability to resist several potential attacks relevant to an IoT-enabled IoD environment, as shown again through all sorts of security analysis (formal, informal and formal security verification using an automated validation tool like AVISPA). A detailed comparative analysis shows that the proposed scheme offers better security and extra functionality features, and also incurs less communication and computation overhead, as compared to other related competing schemes. A blockchain-based simulation study has also been conducted to show the effectiveness of the proposed scheme.
Keywords: Internet of Things (IoT), Internet of Drones (IoD), blockchain, access control, consensus, security, authentication and key agreement, formal security verification, testbed experiments, UAV detection and mitigation, data delivery and collection, distributed system, peer-to-peer network, Practical Byzantine Fault Tolerance (PBFT), Ripple Protocol Consensus Algorithm (RPCA).