Blockchain-Based Cloud-Enabled Security Monitoring Using Internet of Things in Smart Agriculture
Round 1
Reviewer 1 Report
This paper aims to propose new security solutions for smart agriculture and focuses on an interesting topic. However, different areas of improvement could be considered to enhance the quality of this paper :
1) The Blockchain approach may seem interesting but its real interest in this context should be better identified/defined. What does this solution really offer compared to other existing approaches in this context?
2) This paper "Smart Contract-Based Blockchain-Envisioned Authentication Scheme for Smart Farming" seems to propose a very similar approach to that described in this paper. The section on Related Works should in my opinion be developed differently to highlight the real differences compared to Blockchain-based approaches.
3) It is hard to identify the real value of this paper from a research point of view. What were the difficulties of integration? Is it not a simple implementation? The complexity of the implemented solution should be better identified.
4) Similarly, the solution does not appear to have been compared with other implementations or evaluated from a performance point of view. This seems to me to be an important limitation of this paper. Such a comparison might seem more relevant than the description made in section 5.
Author Response
This paper aims to propose new security solutions for smart agriculture and focuses on an interesting topic. However, different areas of improvement could be considered to enhance the quality of this paper :
We thank the reviewer for giving valid comments and helping us to improve our manuscript.
Point 1: The Blockchain approach may seem interesting but its real interest in this context should be better identified/defined. What does this solution really offer compared to other existing approaches in this context?
Response 1: We thank the reviewer for the comment. Our approach inherits the advantage of cloud (scalable data processing, process the IoT data in real-time) and blockchain technology(secured storage of the data anomalies, only required stakeholders can view the data, transparency, and traceability) to improve the smart agriculture IoT device security monitoring. The existing approaches in the context of agriculture IoT security monitoring lack an end-to-end security monitoring solution based on the Blockchain and cloud for application validation and performance evaluation. The description is included in the related work section last paragraph and section 4, advantages of our proposed approach.
Point 2: This paper "Smart Contract-Based Blockchain-Envisioned Authentication Scheme for Smart Farming" seems to propose a very similar approach to that described in this paper. The section on Related Works should in my opinion be developed differently to highlight the real differences compared to Blockchain-based approaches.
Response 2: We thank the reviewer for the comment. As per the suggestion, we have included the mentioned paper. Indeed, the article is relevant in terms of architecture. However, the focus of our work is different than the reviewers mentioned paper in terms of the aim of the work, implementation of the proposed approaches, and the blockchain implementation. The detailed description is included in the Related works section.
We have reviewed the cloud-based solutions (to highlight differences with the Blockchain-based solutions). As our focus is based on handling the agriculture data and monitoring solutions, cloud-based solutions are the alternative solutions to build the data processing, storage, and sending notifications to the customers.
Point 3: It is hard to identify the real value of this paper from a research point of view. What were the difficulties of integration? Is it not a simple implementation? The complexity of the implemented solution should be better identified.
Response 3: We thank the reviewer for the comment. For us, the main difficulty of this integration is finding the core components that support the integration. The components such as AWS Lambda, AWS IoT core, and Smart contract components (Infura API, Metamask, ethers.js for frontend web integration). The overall implementation requires the understanding of the electronics for microcontroller setup, AWS knowledge, and Blockchain web app development experience. From the research perspective, when we review the state-of-the-art works, none of the works implemented an end-to-end solution, which is close to the real-time production application. Also, none of the works provided detailed network latency between the IoT environment to cloud, cloud to blockchain transaction update, and the time to display the alert in the frontend web app.
Point 4: Similarly, the solution does not appear to have been compared with other implementations or evaluated from a performance point of view. This seems to me to be an important limitation of this paper. Such a comparison might seem more relevant than the description made in section 5.
Response 4: We thank the reviewer for the comment. We have included the performance comparison description in section 5. Table 3 is provided to compare our work with closely related existing works related to Blockchain-based smart agriculture. Although there were no works implemented end-to-end solutions (Arduino, AWS cloud, Ethereum) in smart agriculture for performance comparison (network latency), we have provided closely relevant performance results for comparison.
Author Response File: Author Response.pdf
Reviewer 2 Report
The authors present a blockchain based security monitoring application for smart agriculture. The overall work is interesting and the proposed methodology and implementation are adequately explained some extra recommendations are provided below.
1. The introduction explains in detail the concept of the paper and its contributions. However more information can be added with respect to motivation behind this work. For instance, the authors can describe some actual cybersecurity incidents against the agriculture sector. The impact of such attacks can be discussed, including the relevant references.
2. A common section is used for both background info and the description of relevant works. The authors can separate them. First, the section d3voted to related works can provide more similar works, highlighting the contribution of this work, respectively. Also survey papers can be discussed.On the other side, a new section can follow, providing an overview of the technologies used in this paper.
3. The authors do not include enough information about the cyber attacks and threats inspect by the proposed system. A new section for this is necessary.
4. The evaluation of the proposed system is not very clear. A new section for this is necessary.
5. Finally, the paper should be rechecked entirely for potential writing errors and typos.
Author Response
The authors present a Blockchain based security monitoring application for smart agriculture. The overall work is interesting and the proposed methodology and implementation are adequately explained some extra recommendations are provided below.
Point 1. The introduction explains in detail the concept of the paper and its contributions. However more information can be added with respect to motivation behind this work. For instance, the authors can describe some actual cybersecurity incidents against the agriculture sector. The impact of such attacks can be discussed, including the relevant references.
Response 1: We thank the reviewer for the comment. As per the suggestion, we have included the importance of cyber security in the agriculture sector by describing the JBS attack. The description can be found in the introduction section, paragraph 1.
Point 2. A common section is used for both background info and the description of relevant works. The authors can separate them. First, the section d3voted to related works can provide more similar works, highlighting the contribution of this work, respectively. Also survey papers can be discussed.On the other side, a new section can follow, providing an overview of the technologies used in this paper.
Response 2: We thank the reviewer for the comment. We have separated the common section into two separate sections. The background covers IoT, cloud, and Blockchain technologies in smart agriculture. We expect that the background section will give more of an overview of the technologies and how these technologies are used in the smart agriculture context. The related work section highlighted the most relevant works and how our work contributions extend the research in intelligent agriculture.
Point 3. The authors do not include enough information about the cyber attacks and threats inspect by the proposed system. A new section for this is necessary.
Response 3: We thank the reviewer for the comment. We want to mention that our work monitors the sensor anomaly activity, sensor status. Whenever an attack happens, the anomaly activity triggers and reports the farmers on the suspicious activity. But, our solution will not be applicable to directly detecting security attacks. We have described the security monitoring use cases like sensor health status and sensor data anomalies with a description in the “proposed approach” section. Our proposed security monitoring solution can easily detect the following attacks, such as denial of service attacks, physical security, and sensor data manipulation. On the other hand, non-IoT attacks like ransomware attacks are not applicable in our context. We have included the security attacks description in section 4 for the ease of organizing the content and not exceeding nine sections.
Point 4. The evaluation of the proposed system is not very clear. A new section for this is necessary.
Response 4: We thank the reviewer for the comment. We have included the performance evaluation of our proposed system and compared it with the existing works. Table 3 is included in the manuscript highlighting the performance comparison. A new section is created specifically for performance evaluation.
Point 5. Finally, the paper should be rechecked entirely for potential writing errors and typos
Response 5: We thank the reviewer for the comment. We have performed another round of grammar and writing errors. The corrections were highlighted in Red.
Author Response File: Author Response.pdf
Reviewer 3 Report
This is excellent work that should be published. Using the blockchain technology to monitor smart agriculture IoT application is an important topic. The work presented here is important.
The authors should clarify some areas that are in my stand point confusing.
The main value of the blockchain technology is the non-alterability of the data. When a set of documents are hashed to generate a blockchain, it is impossible to alter the information after the fact. The authors should discuss how they could use such an attribute. For example the farmers could present data to insurance companies to prove certain damages.
The second value, when associated with a digital signature (DSA) schemes, is the non-repudiation. It is not possible to deny a transaction after the fact. The authors are not using DSA, but this could be synergistic with the attributes discussed in the paper.
On the other hand the blockchain technology is not always protecting anonymity, and privacy as suggested all along the document (ex: lines 191, 197, 202, ...). In most implementations the information and blockchains are public information. Please explain/justify such assumptions.
You are also suggesting that blockchain allow secure storage (ex: lines 346, 538,...). Why?
I assume that you should be able to quickly clarify this.
Good job!
Author Response
This is excellent work that should be published. Using the blockchain technology to monitor smart agriculture IoT application is an important topic. The work presented here is important.
We thank the reviewer for the positive feedback.
The authors should clarify some areas that are in my stand point confusing.
Point 1: The main value of the blockchain technology is the non-alterability of the data. When a set of documents are hashed to generate a blockchain, it is impossible to alter the information after the fact. The authors should discuss how they could use such an attribute. For example the farmers could present data to insurance companies to prove certain damages.
Response 1: We thank the reviewer for the comment. As per the suggestion, we have included the transaction immutability advantages in the context of legal and insurance evidence in the manuscript. The description can be found in section 4, page 2, and paragraph 2.
Point 2: The second value, when associated with a digital signature (DSA) schemes, is the non-repudiation. It is not possible to deny a transaction after the fact. The authors are not using DSA, but this could be synergistic with the attributes discussed in the paper.
Response 2: We thank the reviewer for the comment. We have used the Ethereum blockchain for our solution implementation. Although Ethereum is used to create smart contracts, the transactions added to the Blockchain use the DSA to verify the user and maintain the integrity of the user's actions. The description can be found in section 4, page 2, and paragraph 2.
Point 3: On the other hand the blockchain technology is not always protecting anonymity, and privacy as suggested all along the document (ex: lines 191, 197, 202, ...). In most implementations the information and blockchains are public information. Please explain/justify such assumptions.
Response 3: We thank the reviewer for the comment. Yes, we do agree that the public can see the transactions in the public Blockchain. On the other hand, the consortium and private Blockchain. We meant that anonymity and privacy mean who performed those transactions in any Blockchain type(public, consortium, or private) is not publicly disclosed. The user public key is only available to the public. The user's private key and identity are not available to the public.
Point 4: You are also suggesting that Blockchain allow secure storage (ex: lines 346, 538,...). Why?
Response 4: We thank the reviewer for the comment. Blockchain transactions are stored in multiple nodes in a decentralized manner. Unlike centralized storage, where data loss can only be prevented by copying the data in multiple locations, blockchain storage is stored in multiple nodes and prevents data loss. A compromise of any blockchain node and accessing the storage does not impact the data stored in the blockchain storage.
Author Response File: Author Response.pdf
Reviewer 4 Report
The paper presents a work with a mix of Blockchain combined with Cloud plus IoT in so called Smart Agriculture (i.e. Precision Agriculture).
The topic is very interesting. Its an on-the-day hot topic. The paper is well written and the structure is fine, even that the title of the chapter 4 (Proposed Methodology) is, in my opinion, a wrong title. Authors are describing the conceptual model of the proposed approach and not the R&D methodology used. And, in fact, the conceptual model is very nice. The prototype is fine, even a litle short/lab setup.
It was important to have a clearly work limitations section. This would empower the contribution of the proposed model and the validation of the prototype as a lab setup validation.
Author Response
The paper presents a work with a mix of Blockchain combined with Cloud plus IoT in so called Smart Agriculture (i.e. Precision Agriculture).
Point 1: The topic is very interesting. Its an on-the-day hot topic. The paper is well written and the structure is fine, even that the title of the chapter 4 (Proposed Methodology) is, in my opinion, a wrong title. Authors are describing the conceptual model of the proposed approach and not the R&D methodology used. And, in fact, the conceptual model is very nice. The prototype is fine, even a litle short/lab setup.
Response 1: We thank the reviewer for the comment. As per the suggestion, we have changed the chapter 4 title.
Point 2: It was important to have a clearly work limitations section. This would empower the contribution of the proposed model and the validation of the prototype as a lab setup validation.
Response 2: We thank the reviewer for the comment. We have discussed one of the main limitations in the "Discussion and Future work Section". We have discussed in detail the limitation of our work in the section "Discussion, limitations and Future work." The limitations are highlighted in red.
Author Response File: Author Response.pdf
Round 2
Reviewer 1 Report
The authors of this article have taken into account all the comments that were made. It is difficult to evaluate the contribution of an article that focuses mainly on the deployment of an existing solution, but it seems to me that it can be accepted as it stands.
Reviewer 2 Report
The authors addressed most of the comments sufficiently. Therefore, the paper can be accepted for publication.