Funding: supported by the National Key Research and Development Program of China (No. 2018YFB0803403) and the Fundamental Research Funds for the Central Universities (Nos. FRF-AT-20-11 and FRF-AT-19-009Z) from the Ministry of Education of China.
Abstract: The widespread use of the Internet of Things (IoTs) and the rapid development of artificial intelligence technologies have enabled applications to cross commercial and industrial band settings. Within such systems, all participants related to commercial and industrial systems must communicate and generate data. However, due to the small storage capacities of IoT devices, they are required to store and transfer the generated data to a third-party entity called "cloud", which creates one single point to store their data. However, as the number of participants increases, the size of generated data also increases. Therefore, such a centralized mechanism for data collection and exchange between participants is likely to face numerous challenges in terms of security, privacy, and performance. To address these challenges, Federated Learning (FL) has been proposed as a reasonable decentralizing approach, in which clients no longer need to transfer and store real data in the central server. Instead, they only share updated training models that are trained over their private datasets. At the same time, FL enables clients in distributed systems to share their machine learning models collaboratively without their training data, thus reducing data privacy and security challenges. However, slow model training and the execution of additional unnecessary communication rounds may hinder FL applications from operating properly in a distributed system. Furthermore, these unnecessary communication rounds make the system vulnerable to security and privacy issues, because irrelevant model updates are sent between clients and servers. Thus, in this work, we propose an algorithm for fully homomorphic encryption called Cheon-Kim-Kim-Song (CKKS) to encrypt model parameters for their local information privacy-preserving function. The proposed solution uses the impetus term to speed up model convergence during the model training process. Furthermore, it establishes a secure communication channel between IoT devices and the server. We also use a lightweight secure transport protocol to mitigate the communication overhead, thereby improving communication security and efficiency with low communication latency between client and server.
Funding: partially supported by the Fundamental Research Funds for the Central Universities under Grant No. 2011JBM228, the Ministry of Education Innovation Research Team under Grant No. IRT201206, the Program for New Century Excellent Talents in University under Grant No. NCET-11-0565, and the Research Fund for the Doctoral Program of Higher Education of China under Grant No. 2012000911007.
Abstract: Web-based e-commerce applications need a trusted channel, which provides confidential communication, identity authentication and integrity assurance of endpoints, to guarantee the security of electronic transactions. A user-oriented trusted computing system based on Portable Trusted Module (PTM) is presented. Remote attestation is incorporated into Transport Layer Security (TLS) handshake protocol based on PTM so as to establish a trusted channel between two endpoints in network. This protocol can resist masquerading, trusted path and runtime attacks and propagate the trust in the computing system to the end user effectively. The test results of our proof-of-concept prototype show that our protocol for trusted channel is feasible for deployment in e-commerce applications on the Internet.
Funding: supported in part by the Federal Ministry of Economics and Energy as a cooperative ZIM-KF project under Grant No. KF2471305ED2; the good cooperation with the project partner SSV Software Systems GmbH
Abstract: Digital networked communications are the key to all Internet-of-things applications, but especially to smart metering systems and the smart grid. In order to ensure a safe operation of systems and the privacy of users, the transport layer security (TLS) protocol, a mature and well standardized solution for secure communications, may be used. We implemented the TLS protocol in its latest version in a way suitable for embedded and resource-constrained systems. This paper outlines the challenges and opportunities of deploying TLS in smart metering and smart grid applications and presents performance results of our TLS implementation. Our analysis shows that given an appropriate implementation and configuration, deploying TLS in constrained smart metering systems is possible with acceptable overhead.