SECURITY RESEARCH FOR BLOCKCHAIN IN SMART GRID

Sang, Lanqin

01 May 2023

Smart grid is a power supply system that uses digital communication technology to detect and react to local changes for power demand. Modern and future power supply system requires a distributed system for effective communication and management. Blockchain, a distributed technology, has been applied in many fields, e.g., cryptocurrency exchange, secure sharing of medical data, and personal identity security. Much research has been done on the application of blockchain to smart grid. While blockchain has many advantages, such as security and no interference from third parties, it also has inherent disadvantages, such as untrusted network environment, lacking data source privacy, and low network throughput.In this research, three systems are designed to tackle some of these problems in blockchain technology. In the first study, Information-Centric Blockchain Model, we focus on data privacy. In this model, the transactions created by nodes in the network are categorized into separate groups, such as billing transactions, power generation transactions, etc. In this model, all transactions are first encrypted by the corresponding pairs of asymmetric keys, which guarantees that only the intended receivers can see the data so that data confidentiality is preserved. Secondly, all transactions are sent on behalf of their groups, which hides the data sources to preserve the privacy. Our preliminary implementation verified the feasibility of the model, and our analysis demonstrates its effectiveness in securing data source privacy, increasing network throughput, and reducing storage usage. In the second study, we focus on increasing the network’s trustworthiness in an untrusted network environment. A reputation system is designed to evaluate all node’s behaviors. The reputation of a node is evaluated on its computing power, online time, defense ability, function, and service quality. The performance of a node will affect its reputation scores, and a node’s reputation scores will be used to assess its qualification, privileges, and job assignments. Our design is a relatively thorough, self-operated, and closed-loop system. Continuing evaluation of all node’s abilities and behaviors guarantees that only nodes with good scores are qualified to handle certain tasks. Thus, the reputation system helps enhance network security by preventing both internal and external attacks. Preliminary implementation and security analysis showed that the reputation model is feasible and enhances blockchain system’s security. In the third research, a countermeasure was designed for double spending. Double spending is one of the two most concerned security attacks in blockchain. In this study, one of the most reputable nodes was selected as detection node, which keeps checking for conflict transactions in two consecutive blocks. Upon a problematic transaction was discovered, two punishment transactions were created to punish the current attack behavior and to prevent it to happen in future. The experiment shows our design can detect the double spending effectively while using much less detection time and resources.

Blockchain

Double-Spending

Information-Centric

Reputation-based

Security

Smart Grid

An identity- and trust-based computational model for privacy

Anwar, Mohd M.

19 January 2009

<p>The seemingly contradictory need and want of online users for information sharing and privacy has inspired this thesis work. The crux of the problem lies in the fact that a user has inadequate control over the flow (with whom information to be shared), boundary (acceptable usage), and persistence (duration of use) of their personal information. This thesis has built a privacy-preserving information sharing model using context, identity, and trust to manage the flow, boundary, and persistence of disclosed information.</p> <p>In this vein, privacy is viewed as context-dependent selective disclosures of information. This thesis presents the design, implementation, and analysis of a five-layer Identity and Trust based Model for Privacy (ITMP). Context, trust, and identity are the main building blocks of this model. The application layer identifies the counterparts, the purpose of communication, and the information being sought. The context layer determines the context of a communication episode through identifying the role of a partner and assessing the relationship with the partner. The trust layer combines partner and purpose information with the respective context information to determine the trustworthiness of a purpose and a partner. Given that the purpose and the partner have a known level of trustworthiness, the identity layer constructs a contextual partial identity from the user's complete identity. The presentation layer facilitates in disclosing a set of information that is a subset of the respective partial identity. It also attaches expiration (time-to-live) and usage (purpose-to-live) tags into each piece of information before disclosure.</p> <p>In this model, roles and relationships are used to adequately capture the notion of context to address privacy. A role is a set of activities assigned to an actor or expected of an actor to perform. For example, an actor in a learner role is expected to be involved in various learning activities, such as attending lectures, participating in a course discussion, appearing in exams, etc. A relationship involves related entities performing activities involving one another. Interactions between actors can be heavily influenced by roles. For example, in a learning-teaching relationship, both the learner and the teacher are expected to perform their respective roles. The nuances of activities warranted by each role are dictated by individual relationships. For example, two learners seeking help from an instructor are going to present themselves differently.</p> <p>In this model, trust is realized in two forms: trust in partners and trust of purposes. The first form of trust assesses the trustworthiness of a partner in a given context. For example, a stranger may be considered untrustworthy to be given a home phone number. The second form of trust determines the relevance or justification of a purpose for seeking data in a given context. For example, seeking/providing a social insurance number for the purpose of a membership in a student organization is inappropriate. A known and tested trustee can understandably be re-trusted or re-evaluated based on the personal experience of a trustor. In online settings, however, a software manifestation of a trusted persistent public actor, namely a guarantor, is required to help find a trustee, because we interact with a myriad of actors in a large number of contexts, often with no prior relationships.</p> <p>The ITMP model is instantiated as a suite of Role- and Relationship-based Identity and Reputation Management (RRIRM) features in iHelp, an e-learning environment in use at the University of Saskatchewan. This thesis presents the results of a two-phase (pilot and larger-scale) user study that illustrates the effectiveness of the RRIRM features and thus the ITMP model in enhancing privacy through identity and trust management in the iHelp Discussion Forum. This research contributes to the understanding of privacy problems along with other competing interests in the online world, as well as to the development of privacy-enhanced communications through understanding context, negotiating identity, and using trust.</p>

e-learning environment

computational model

reputation-based trust

identity management

privacy

contextual partial identity

An identity- and trust-based computational model for privacy

Anwar, Mohd M.

19 January 2009

<p>The seemingly contradictory need and want of online users for information sharing and privacy has inspired this thesis work. The crux of the problem lies in the fact that a user has inadequate control over the flow (with whom information to be shared), boundary (acceptable usage), and persistence (duration of use) of their personal information. This thesis has built a privacy-preserving information sharing model using context, identity, and trust to manage the flow, boundary, and persistence of disclosed information.</p> <p>In this vein, privacy is viewed as context-dependent selective disclosures of information. This thesis presents the design, implementation, and analysis of a five-layer Identity and Trust based Model for Privacy (ITMP). Context, trust, and identity are the main building blocks of this model. The application layer identifies the counterparts, the purpose of communication, and the information being sought. The context layer determines the context of a communication episode through identifying the role of a partner and assessing the relationship with the partner. The trust layer combines partner and purpose information with the respective context information to determine the trustworthiness of a purpose and a partner. Given that the purpose and the partner have a known level of trustworthiness, the identity layer constructs a contextual partial identity from the user's complete identity. The presentation layer facilitates in disclosing a set of information that is a subset of the respective partial identity. It also attaches expiration (time-to-live) and usage (purpose-to-live) tags into each piece of information before disclosure.</p> <p>In this model, roles and relationships are used to adequately capture the notion of context to address privacy. A role is a set of activities assigned to an actor or expected of an actor to perform. For example, an actor in a learner role is expected to be involved in various learning activities, such as attending lectures, participating in a course discussion, appearing in exams, etc. A relationship involves related entities performing activities involving one another. Interactions between actors can be heavily influenced by roles. For example, in a learning-teaching relationship, both the learner and the teacher are expected to perform their respective roles. The nuances of activities warranted by each role are dictated by individual relationships. For example, two learners seeking help from an instructor are going to present themselves differently.</p> <p>In this model, trust is realized in two forms: trust in partners and trust of purposes. The first form of trust assesses the trustworthiness of a partner in a given context. For example, a stranger may be considered untrustworthy to be given a home phone number. The second form of trust determines the relevance or justification of a purpose for seeking data in a given context. For example, seeking/providing a social insurance number for the purpose of a membership in a student organization is inappropriate. A known and tested trustee can understandably be re-trusted or re-evaluated based on the personal experience of a trustor. In online settings, however, a software manifestation of a trusted persistent public actor, namely a guarantor, is required to help find a trustee, because we interact with a myriad of actors in a large number of contexts, often with no prior relationships.</p> <p>The ITMP model is instantiated as a suite of Role- and Relationship-based Identity and Reputation Management (RRIRM) features in iHelp, an e-learning environment in use at the University of Saskatchewan. This thesis presents the results of a two-phase (pilot and larger-scale) user study that illustrates the effectiveness of the RRIRM features and thus the ITMP model in enhancing privacy through identity and trust management in the iHelp Discussion Forum. This research contributes to the understanding of privacy problems along with other competing interests in the online world, as well as to the development of privacy-enhanced communications through understanding context, negotiating identity, and using trust.</p>

e-learning environment

computational model

reputation-based trust

identity management

privacy

contextual partial identity

Hyllningskultur: de samarbetande kvinnornas strategi : En sociologisk studie om hur hyllningskultur tar sig uttryck bland kvinnliga scenkonstnärer i sociala medier

Tingskog, Hedda

January 2018

Det här är en uppsats som sökt svaret på frågorna: Vad är hyllningskultur och hur tar den sig uttryck bland kvinnliga scenkonstnärer i sociala medier idag? Hur kan hyllningskultur förstås ur ett sociologiskt perspektiv? Sammanlagt har material från 119 Instagraminlägg tillhörande 46 personer samlats in via snöbollsurval och bearbetats med hjälp av framinganalys. Detta har möjliggjort för en analys av hur hyllningskultur framställts. Med vetenskapliga begrepp som inkludering, homosocialitet, kapital och ryktesbaserat samarbete har hyllningskultur beskrivits till att innefatta framställningen av huvudpersonens process, framställningen av upphovspersonens position, relationen dem samt andra konstnärer emellan samt det samhälleliga projektet som konsten är en del av. Tillsammans har de beskrivit det sociala fenomenet hyllningskultur. Hyllningskultur är ett samarbete för att uppvärdera ens egna erfarenheter och ställa om maktförhållandet mellan den egna verksamheten och mainstream. Det är en förhandling med kapital för synlighet, makt och resurser. Hyllningskultur är de samarbetande kvinnornas strategi – en tydlig protest mot den ensamme mannens geni. / This study aims to answer the questions: What is is culture of tribute and how is it expressed amongst female performance artists in social media today? How can culture of tribute be understood in sociological terms? A total of 119 Instagram posts from 46 creators have been analysed. The posts were collected by chain sampling and processed by framing analysis, to visualize how culture of tribute has been portrayed. This study applies theories of inclusion, homosociality, capital and reputation-based cooperation and describes culture of tribute as the framing of the chief character's process, the framing of the consignor's position, the framing of the relationship them between and the political and social project of which the art is  part of. Together, these describe the social phenomenon 'culture of tribute'. The results show culture of tribute as a cooperation aiming to upgrade own experiences and challenge the relationship between the own artistic work and mainstream, culture of tribute is a negotiation of capital with social visibility, power and control over resources as a goal. It is the strategy of cooperating women and a protest against the notion of the autonomous male genius.

Culture of tribute

performance art

social media

framing analysis

inclusion

homosociality

cultural capital

reputation-based cooperation

Hyllningskultur

scenkonst

sociala medier

framinganalys

inkludering

homosocialitet

kulturellt kapital

ryktesbaserat samarbete

Sociology

Sociologi

Mobility management and vertical handover decision making in heterogeneous wireless networks

ZEKRI, Mariem

23 January 2012

Mobility management over heterogeneous wireless networks is becoming a major interest area as new technologies and services continue to proliferate within the wireless networking market. In this context, seamless mobility is considered to be crucial for ubiquitous computing. Service providers aim to increase the revenue and to improve users' satisfaction. However there are still many technical and architectural challenges to overcome before achieving the required interoperability and coexistence of heterogeneous wireless access networks. Indeed, the context of wireless networks is offering multiple and heterogeneous technologies (e.g. 2G to 4G, WiFi, Wimax, TETRA,...). On the one hand, this rich environment allows users to take profit from different capacities and coverage characteristics. Indeed, this diversity can provide users with high flexibility and allow them to seamlessly connect at any time and any where to the access technology that best fits their requirements. Additionally, cooperation between these different technologies can provide higher efficiency in the usage of the scarce wireless resources offering more economic systems for network providers. On the other hand, the heterogeneity of technologies and architectures and the multiplication of networks and service providers creates a complex environment where cooperation becomes challenging at different levels including and not limited to mobility management, radio resource provisioning, Quality of Service and security guarantees. This thesis is focusing on mobility management and mainly on decision making for Vertical handover within heterogeneous wireless network environments. After the analysis of the related state of the art, we first propose a reputation based approach that allows fast vertical handover decision making. A decision making scheme is then built on that approach. Network's reputation, is a new metric that can be gathered from previous users' experiences in the networks. We show that it is an efficient construct to speed up the vertical handover decision making thanks to anticipation functionalities. While the main objective remains guaranteeing the best Quality of Service and optimal radio resource utilization, economical aspects have also to be considered including cost minimization for users and revenue maximization for network providers. For this aim, we propose, in the second part of the thesis, a game theoretic based scheme that allows maximizing benefits for both networks and users. In this solution, each available network plays a Stackelberg game with a finite set of users, while users are playing a Nash game among themselves to share the limited radio resources. A Nash equilibrium point, that maximizes the user's utility and the service provider revenue, is found and used for admission control and vertical handover decision making. The analyses of the optimal bandwidth/prices and the revenue at the equilibrium point show that there are some possible policies to use according to user's requirements in terms of QoS and to network capacities. For instance, we pointed out that networks having same capacities and different reputation values should charge users with different prices which makes reputation management very important to attract users and maximize networks' revenue. In the third part of this thesis, we provide and discuss two different architectural and implementation solutions on which our proposed vertical handover decision mechanisms can be integrated. The first proposed architecture is a centralized one. It is based on the IEEE 802.21 standard to which some extensions are proposed. The second proposed architecture is distributed. It is based on an overlay control level composed of two virtualization layers able to make reasoning on behalf of physical entities within the system. This architecture allows higher flexibility especially for loosely coupled interconnected networks

Heterogeneous wireless networks

Mobility management

Vertical handover

Fast vertical handover

Game theory

Reputation based systems

802.11 architecture

Overlay architecture

An Integration of policy and reputation based trust mechanisms

Siddiqui, Muhammad Yasir, Gir, Alam

January 2011

Context: Due to popularization of internet and e-commerce, more and more people getting involved in online shopping market. A large number of companies have been transferred to the internet where online customers have been increased due to easy access. The online business facilitates people to communicate without knowing each other. The e-commerce systems are the combination of commerce behavior and internet technologies. Therefore, trust aspects are positive elements in buyer-seller transactions and a potential source of competitive e-commerce industry. There are two different approaches to handle the trust. The first approach has a solid authentication set of rules where decisions are made on some digital or logical rules called policy based trust mechanism. The second approach is a decentralized trust approach where reputation assembled and shared in distributed environment called reputation based trust mechanism. Objectives: In this thesis, the strengths and weaknesses of policy and reputation based trust mechanisms have been identified through systematic literature review and industrial interviews. Furthermore, the process of integrated trust mechanism has been proposed. Methods: The integrated trust mechanism is proposed through mapping process, weakness of one mechanism with the strength of other. The proposed integrated trust mechanism was validated by conducting experiment with buyer/seller scenario in auction system. Conclusion: The analysis of collected results indicated that proposed integrated trust mechanism improved the trust of buyer against eBay and Tradera. At the end, we have discussed some key points that may affect trust relationship between seller and buyer. Furthermore, there is a need for further validation of proposed trust mechanism in auction system/e-commerce industry.

Semantic web trust management

Integrated trust mechanism

Policy based trust mechanism

Reputation based trust mechanism

Computer Sciences

Datavetenskap (datalogi)

Human Computer Interaction

Mobility management and vertical handover decision making in heterogeneous wireless networks / Prise de décision de handover vertical pour la gestion de mobilité dans les réseaux hétérogènes sans fil

Zekri, Mariem

23 January 2012

L’évolution des technologies réseaux sans fil, des terminaux mobiles ainsi que des contenus et des services créent des environnements hétérogènes de plus en plus complexes. Dans ce contexte, un compromis entre la mobilité, la transparence et la performance apparaît. Des utilisateurs mobiles, ayant différents profils et préférences, voudraient être toujours connectés au meilleur réseau à tout moment, sans avoir à se soucier des différentes transitions entre réseaux hétérogènes. Face à cette complexité, il parait nécessaire de proposer de nouvelles approches afin de rendre ces systèmes plus autonomes et de rendre les décisions de handover vertical plus efficaces. Cette thèse se concentre sur la gestion de mobilité verticale, plus précisément sur la prise de décision de handover vertical dans un environnement de réseaux hétérogènes sans fil. Après l’identification des différents paramètres de prise de décision et l’analyse de l’état de l’art relié à la gestion de la mobilité verticale, nous avons proposé un système de réputation qui permet de réduire les délais de prise de décision. La réputation d’un réseau est introduite comme une nouvelle métrique de prise de décision qui peut être recueillie à partir des expériences précédentes des utilisateurs sur ce réseau. Nous montrons que la réputation est une métrique efficace qui permet l’anticipation du handover et accélère la prise de décision. Bien que l’objectif principal soit de garantir la meilleure qualité de service et l’utilisation optimale des ressources radios, les aspects économiques doivent également être considérés, y compris la minimisation des coûts pour les utilisateurs et la maximisation des revenus pour les fournisseurs de services ou les opérateurs. Nous proposons alors, dans la deuxième partie de la thèse, un mécanisme de prise de décision basé sur la théorie des jeux. Ce dernier permet la maximisation des utilités des réseaux et des utilisateurs. Dans cette solution, chaque réseau disponible joue un jeu de Stackelberg avec un ensemble d’utilisateurs, tandis que les utilisateurs jouent un jeu de Nash entre eux pour partager les ressources radios limitées. Un point d’équilibre de Nash, qui maximise l’utilité de l’utilisateur et les revenus des fournisseurs de services, est trouvé et utilisé pour le contrôle d’admission et la prise de décision de handover vertical. Dans la troisième partie de cette thèse, nous proposons et discutons deux différentes solutions architecturales sur lesquelles nos mécanismes de prise de décision proposés peuvent être intégrés. La première architecture proposée est basée sur la norme IEEE 802.21 à laquelle nous proposons certaines extensions. La seconde architecture proposée est basée sur un niveau de contrôle composé de deux couches de virtualisation. La virtualisation est assurée via des agents capables de faire un raisonnement et de prendre des décisions pour le compte d’entités physiques qu’ils représentent au sein du système. Cette architecture permet une plus grande flexibilité / Mobility management over heterogeneous wireless networks is becoming a major interest area as new technologies and services continue to proliferate within the wireless networking market. In this context, seamless mobility is considered to be crucial for ubiquitous computing. Service providers aim to increase the revenue and to improve users’ satisfaction. However there are still many technical and architectural challenges to overcome before achieving the required interoperability and coexistence of heterogeneous wireless access networks. Indeed, the context of wireless networks is offering multiple and heterogeneous technologies (e.g. 2G to 4G, WiFi, Wimax, TETRA,...). On the one hand, this rich environment allows users to take profit from different capacities and coverage characteristics. Indeed, this diversity can provide users with high flexibility and allow them to seamlessly connect at any time and any where to the access technology that best fits their requirements. Additionally, cooperation between these different technologies can provide higher efficiency in the usage of the scarce wireless resources offering more economic systems for network providers. On the other hand, the heterogeneity of technologies and architectures and the multiplication of networks and service providers creates a complex environment where cooperation becomes challenging at different levels including and not limited to mobility management, radio resource provisioning, Quality of Service and security guarantees. This thesis is focusing on mobility management and mainly on decision making for Vertical handover within heterogeneous wireless network environments. After the analysis of the related state of the art, we first propose a reputation based approach that allows fast vertical handover decision making. A decision making scheme is then built on that approach. Network’s reputation, is a new metric that can be gathered from previous users’ experiences in the networks. We show that it is an efficient construct to speed up the vertical handover decision making thanks to anticipation functionalities. While the main objective remains guaranteeing the best Quality of Service and optimal radio resource utilization, economical aspects have also to be considered including cost minimization for users and revenue maximization for network providers. For this aim, we propose, in the second part of the thesis, a game theoretic based scheme that allows maximizing benefits for both networks and users. In this solution, each available network plays a Stackelberg game with a finite set of users, while users are playing a Nash game among themselves to share the limited radio resources. A Nash equilibrium point, that maximizes the user’s utility and the service provider revenue, is found and used for admission control and vertical handover decision making. The analyses of the optimal bandwidth/prices and the revenue at the equilibrium point show that there are some possible policies to use according to user’s requirements in terms of QoS and to network capacities. For instance, we pointed out that networks having same capacities and different reputation values should charge users with different prices which makes reputation management very important to attract users and maximize networks’ revenue. In the third part of this thesis, we provide and discuss two different architectural and implementation solutions on which our proposed vertical handover decision mechanisms can be integrated. The first proposed architecture is a centralized one. It is based on the IEEE 802.21 standard to which some extensions are proposed. The second proposed architecture is distributed. It is based on an overlay control level composed of two virtualization layers able to make reasoning on behalf of physical entities within the system. This architecture allows higher flexibility especially for loosely coupled interconnected networks

Réseaux hétérogènes sans fil

Gestion de mobilité

Prise de décision

Handover vertical

Théorie des jeux

Systèmes de réputation

Architecture 802.11

Architecture overlay

Heterogeneous wireless networks

Mobility management

Vertical handover

Fast vertical handover

Game theory

Reputation based systems

802.11 architecture

Overlay architecture

Vers des communications de confiance et sécurisées dans un environnement véhiculaire / Towards trusted and secure communications in a vehicular environment

Tan, Heng Chuan

13 September 2017

Le routage et la gestion des clés sont les plus grands défis dans les réseaux de véhicules. Un comportement de routage inapproprié peut affecter l’efficacité des communications et affecter la livraison des applications liées à la sécurité. D’autre part, la gestion des clés, en particulier en raison de l’utilisation de la gestion des certificats PKI, peut entraîner une latence élevée, ce qui peut ne pas convenir à de nombreuses applications critiques. Pour cette raison, nous proposons deux modèles de confiance pour aider le protocole de routage à sélectionner un chemin de bout en bout sécurisé pour le transfert. Le premier modèle se concentre sur la détection de noeuds égoïstes, y compris les attaques basées sur la réputation, conçues pour compromettre la «vraie» réputation d’un noeud. Le second modèle est destiné à détecter les redirecteurs qui modifient le contenu d’un paquet avant la retransmission. Dans la gestion des clés, nous avons développé un système de gestion des clés d’authentification et de sécurité (SA-KMP) qui utilise une cryptographie symétrique pour protéger la communication, y compris l’élimination des certificats pendant la communication pour réduire les retards liés à l’infrastructure PKI. / Routing and key management are the biggest challenges in vehicular networks. Inappropriate routing behaviour may affect the effectiveness of communications and affect the delivery of safety-related applications. On the other hand, key management, especially due to the use of PKI certificate management, can lead to high latency, which may not be suitable for many time-critical applications. For this reason, we propose two trust models to assist the routing protocol in selecting a secure end-to-end path for forwarding. The first model focusses on detecting selfish nodes, including reputation-based attacks, designed to compromise the “true” reputation of a node. The second model is intended to detect forwarders that modify the contents of a packet before retransmission. In key management, we have developed a Secure and Authentication Key Management Protocol (SA-KMP) scheme that uses symmetric cryptography to protect communication, including eliminating certificates during communication to reduce PKI-related delays.

Règle de combinaison de Dempster

Fusion d’informations

Attaques par paquets

Attaques basées sur la réputation

Attaques à transmission limitée

VANET

WMN

PKI sans certificat

Cryptosystèmes hybrides

Proverif

Accord de clé 3D basé sur un réseau

Dempster’s rule of combination

Information fusion

Packet dropping attacks

Recommendation-based trust model

Reputation-based attacks

Limited transmission power attacks

Merkle tree authentication mechanism

VANET

WMN

Certificate-less PKI

Hybrid cryptosystems

Proverif

3D grid-based key agreement