Next Article in Journal
A Periodic Assessment System for Urban Safety and Security Considering Multiple Hazards Based on WebGIS
Next Article in Special Issue
Revolutionary Strategies Analysis and Proposed System for Future Infrastructure in Internet of Things
Previous Article in Journal
Humanitarian Mapping as a Contribution to Achieving Sustainable Development Goals: Research into the Motivation of Volunteers and the Ideal Setting of Mapathons
Previous Article in Special Issue
Analyzing the Adoption Challenges of the Internet of Things (IoT) and Artificial Intelligence (AI) for Smart Cities in China
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Blockchain-Based Community Safety Security System with IoT Secure Devices

1
School of Information Engineering, Changchun Sci-Tech University, Changchun 130600, China
2
School of Computer and Information Engineering, Xiamen University of Technology, Xiamen 361024, China
3
Department of Computer Science and Information Engineering, Chaoyang University of Technology, Taichung 41349, Taiwan
*
Authors to whom correspondence should be addressed.
Sustainability 2021, 13(24), 13994; https://doi.org/10.3390/su132413994
Submission received: 20 November 2021 / Revised: 12 December 2021 / Accepted: 15 December 2021 / Published: 18 December 2021

Abstract

:
Humans frequently need to construct a huge number of buildings for occupants in large cities to work or live in a highly developed civilization; people who live in the same building or same area are defined as a community. A thief stealing items, a burglary, fire hazards, flood hazards, earthquakes, emergency aid, abnormal gas leakage, strange behavior, falling in a building, fainting in a building, and other incidents all threaten the community’s safety. Therefore, we proposed a blockchain-based community safety security system that is combined with IoT devices. In the proposed scheme, we designed multiple phases to process the alarm triggered by IoT devices. IoT devices can be set up in two types areas: private and public areas. Both types of IoT devices’ alarms have different process flow for the response and records checking phase. All records are saved in the Blockchain Center to assure the data can be verified and cannot be forged. During the communication between sender and receiver, we implemented some security methods to prevent message repudiation, prevent transmission intercept, prevent replay attacks, and ensure data integrity. We also implemented a clarifying mechanism to ensure that all system participants can have confidence in the system’s processing methods. The proposed scheme can be used in communities to improve community safety and prevent unnecessary conflicts.

1. Introduction

1.1. Background

In a highly developed society, people often need to build a lot of buildings to allow employees or occupants in large cities to work or live; those people in the same building become a community in the city. Generally, working or living in a community is often inseparable from the problem of safety. Recently, there have been serious fire incidents in Taiwan [1,2], causing many injuries and deaths. After the investigation, the building did not have fully functional security sensors or systems, and when a fire broke out, it did not notify the community’s occupants, which resulted in the tragedy. Many incidents can harm the safety of the community, including thieves stealing things, burglary, fire hazards, flood hazards, earthquake, emergency help, abnormal gas leakage, abnormal behavior, falling in building, fainting in building, etc.
The above-mentioned unsafe concerns are common in community buildings. The community should construct a community safety system to prevent such problems. Furthermore, more people started to deploy private security guards services in their communities, and these have become hot topics to discuss [3,4,5,6].
Some of the communities deploy smart building or smart home technologies to solve the community safety problem; most of these technologies are related to various types of
Internet of Things (IoT) devices (e.g., sensors or surveillance cameras) to achieve the function, such as fire detection, gas leaked detection, motion detection, abnormal detection, human intruder detection, access control, fall detection, earthquake detection, etc. According to a smart buildings market report [7], the research company shows the market is projected to grow from $66.3 billion in 2020 to $108.9 billion in 2025. In addition, due to improvements in medical science and technology, life expectancy has grown rapidly over the world in recent years. Humans are living longer lives, resulting in a fast increase in the number of old people in the population. Around 727 million persons over the age of 65 were recorded globally in 2020, with the number predicted to be 1.5 billion in 2050 [8].
As a result, a safety device or system is one of the community’s required components to guarantee that the community’s occupants have a safer living or working environment.

1.2. Related Works

Several related works are surveyed as follows. Dutta et al. proposed a system called “enhanced security system for smart building using IoT (ES3B) [9]. The authors proposed an IoT device with Arduino, RFID, and Bluetooth for access control. An exception to avoid non-resident going into the building, the guest information also can be built by a resident with an RFID owner. Except for the access control, another author Prasetyo et al. proposed an IoT device with multiple sensors (e.g., metal sensor, fire sensor, vibrator sensor, PIR Sensor, etc.) and a Raspberry Pi camera to detect the threats in the office [10]. The device can detect threats as follows: dangerous objects made from metals, fires, earthquakes, intruders, or theft.
Moreover, Saad et al. designed a fire detection system to prevent fire hazards [11]. The system proposed by the authors is implemented with ZigBee technology as a protocol to receive the data from multiple sensors, such as smoke sensor, gas sensor, heat sensor, and UI/IV sensor. Then, the system processes the data with Raspberry Pi to identify fire. Furthermore, Taryudi et al. proposed a home security and monitoring system with various types of sensors and integrated with a microcontroller [12]. The system can be monitored and controlled remotely with the smartphone application. To allow building security guards to monitor all the building status more effectively, Al-Hudhud et al. proposed a security guard system with an infrared biosensor and augmented reality device to monitor the IoT status [13].
The above-mentioned authors proposed safety systems with IoT, but some security issues will cause the IoT system to disable. Ray et al. pointed out the security issues and challenges in the smart home system [14]: what is important is that the network between routers or gateway to IoT will be the vulnerabilities of the system. Except for the physical network equipment that should be improved, more researchers are implementing the IoT system with blockchain technology in recent years. Khan et al. proposed a data verification system for surveillance cameras with blockchain [15]. Rahman et al. proposed a distributed IoT Software-Defined Network(IoT-SDN) model to ensure the security and privacy of condominium networks [16]. Furthermore, Khalid et al. also designed an authentication mechanism for IoT systems with blockchain [17]. Unfortunately, the authors did not analyze their system security to prove that their proposed scheme is feasible.
As evident in the above-mentioned research, not all research can provide complete system architecture and system security analysis. The research gap has been addressed as follows: (1) Although many researchers proposed IoT applications in smart cities or smart buildings, fewer established a decentralized or blockchain-based system. (2) Less research exists that shows the completed architecture for a community safety application in a blockchain system. (3) There seems to be no scheme to protect the device or system against threats (such as message repudiation, data integrity, cyberattacks, and so on), and there is no security analysis for the proposed scheme. (4) If a dispute occurs, there is a lack of discussion in reading the historical record in encrypted data for clarification process.
In recent years, more and more scholars or industries have begun to use blockchain as the basis of system architecture to execute or store records because of the advantages of blockchain, such as decentralization, unforgeable data, traceability, and clarifiable illegal records. The type of blockchain can be separated into public, private, hybrid blockchain [18,19]. The public blockchain is a high decentralized blockchain, permissionless, with high power consumption, and low throughput for executing smart contracts. Conversely, the private blockchain is a low decentralized blockchain, access controlled, low power consumption, and high throughput. The representative private blockchain today is Hyperledger Fabric [20]. There are more and more applications implemented based on the Hyperledger Fabric, such as hospital information system [21], access control system [22], supply chain management [23], etc. In addition, Chen et al. have also proposed blockchain-based schemes in brand clothing industries [24] and insurance industrial [25].
As a consequence, we proposed a more secure IoT safety security system that applies IoT and blockchain technologies. We proposed a system with the HyperledgerFabric-based [20] blockchain. HyperledgerFabric-based blockchain’s characteristics make it suitable to be used in the community safety system, and it is utilized to improve the system’s security.
The outline of the remaining sections is as follows. Section 2 introduces the technologies that are used in our research. Section 3 proposes our architecture and research method. Then, the security issues analysis and some performance discussion are given in Section 4 and Section 5. Lastly, we conclude this paper in Section 6.

2. Preliminary

2.1. Internet of Things (IoT) Devices

Internet of Things (IoT) is an electronic “thing” that can connect to the internet. Scholars have also made a clear definition of IoT: “the pervasive presence around us of a variety of “things” or “objects”, such as RFID, sensors, actuators, mobile phones, which, through unique addressing schemes, are able to interact with each other and cooperate with their neighboring “smart” components to reach common goals” [26]. In this generation, IoT is continuously implemented and applied around us; our lives are gradually inseparable from IoT. The IoTs are widely used in agriculture, retailers, smart manufacturing, smart home, smart building, smart transportation, smart city, and so on.
In this research, we apply the IoT on the application in building safety. According to the research we found, it can be found that various types of IoT devices are proposed to apply to building safety applications, such as:
  • Fire detection: device with detection sensor, smoke detection sensor to prevent a fire hazard [27,28].
  • Poison gas alert: device with a variety of gas sensors to prevent gas leaks, such as methane, carbon monoxide, smoke, nitrogen dioxide, and propane [29,30,31].
  • Motion detection: device with infrared sensor or camera to detect motion in an area [32,33,34].
  • Abnormal detection: smart surveillance system implemented by Artificial Intelligence (AI) that can detect some abnormal situation in the images [35,36,37,38].
  • Human intruder detection: detect humans by analyzing ground vibrations [39].
  • Fall detection: detect with cameras or 3-axis sensors to prevent human falls in the building [40,41,42,43,44].
  • Smart door: authentication with face recognition, fingerprint, smartphone, or pin code to unlock the door without keys [45,46,47].
  • Earthquake detection: microelectromechanical systems accelerometer detects vibration of an area [48,49,50].
From the above IoT device application, we can know that IoT technology is already a very mature technology. Therefore, these functional IoT devices or algorithms can be applied or integrated into our proposed safety security system.

2.2. Blockchain-Based Smart Contract

The smart contract is an execution program that is full of transaction logic, which comes from the transformation of a traditional contract in the real world. In today’s era, we can meet smart contracts all around the world, such as vending machines and online shopping platforms. Many smart contracts require cash, credit card, or digital currency to process the transactions, but with the rapid development of blockchain and cryptocurrency, many smart contract applications have begun to be deployed on the blockchain network.
Szabo has developed a concept of decentralized digital assets called “Bit Gold”. It is considered a pioneer before the advent of Bitcoin [51,52]. The technology of Bitcoin was carried forward by Nakamoto [53], who proposed and announced Bitcoin in a mysterious fashion. Bitcoin is a blockchain-based cryptocurrency technology. All transaction records of Bitcoin must be verified by most hosts before they can be synchronized to all participant hosts to avoid problems such as tampering and forgery.
In addition to Bitcoin, the most popular cryptocurrency on the market is Ethereum [54]. Ethereum provides faster and more stable transaction capabilities than Bitcoin. It also provides the function of deploying smart contracts to the public blockchain. With the characteristics of Ethereum, more commercial frameworks of blockchain systems have been developed, such as Hyperledger Fabric [20], Corda [55], and Azure Blockchain [56].
In particular, Hyperledger Fabric is an open-source licensed blockchain framework. It is a blockchain framework that was proposed by IBM in 2018 [57]. It adopts a modular universal framework, unique identity management, access control functions, and channels to transfer data. Those features are suitable for various industrial applications, such as supply chain tracking [58,59], financial management [60], insurance financial [61], healthcare records [62,63], etc. The advantages of the blockchain’s characteristics are listed as follows:
  • Decentralization: The operating mode of the blockchain is a technology composed of multiple decentralized peers. All ledger data will be synchronized to all participating peers.
  • Authentication: All participants need to be registered on the blockchain’s Certificate Authority (CA); the participant receives the authentication certificates from the CA. Then, the participants’ transactions can be updated to the ledger after authentication.
  • Privacy and anonymity: Unlike the other public blockchains like Ethereum, Fabric-based blockchains have a feature that allows peer-to-peer transactions privately in the channel. Except for the transaction, any log of transactions saved in the ledger is kept secret and anonymous.
  • Unforgeable data: Every peer is storing the same content of the ledger in the blockchain. All the transactions invoked by participants need to be saved as logs in the ledger, the data are chaining between block to block. Every block also records the previous block’s hash value as a link between blocks, so it is hard to forge data.
  • Traceability: Because of the unforgeable data characteristics of the blockchain mentioned above, this also makes the modification record of the data traceable.
  • Clarifying illegal records: All change records will be synced in the blockchain peer’s ledger. There are signatures or timestamp data to provide evidence to protect the rights of the community’s occupants if any conflicts arise in the future.
Therefore, the characteristics of HyperledgerFabric-based blockchain with the smart contract are much more suitable to implement in our safety security system.

2.3. Threat Model

Furthermore, we have sorted out the threat that must be addressed, such as system security vulnerabilities and attacks from third parties. The related threats are described as follows:
  • Message repudiation issues: In the general safety security system, some issues should be solved. Message repudiation is one of the issues, and we must ensure that the message sent to the receiver was indeed sent by the sender [64].
  • Data integrity issues: Sometimes a network or attacker will damage the data during transfer, which makes the data come to non-integrity. Moreover, data integrity must be maintained in the database so that there are no inconsistencies when security records are traced later [64,65].
  • Transmission intercept: The message that is transmitted in the network is easily intercepted by the attackers, for example, man-in-the-middle attacks. The action makes the message sent between sender and receiver become disclosed [66,67].
  • Replay attacks: When attackers intercept an original message sent in the network, the attacker can resend the same message to pretend the attacker is the original sender [68,69].

3. Proposed Architecture and Methods

We proposed a community safety security system with IoT and blockchain technologies. The proposed system architecture is presented in Figure 1. The proposed system is constituted of the following parties: blockchain center, occupants, security guards, log server, and IoT devices (including cameras and sensors).

3.1. System Architecture

Firstly, all the involved parties in this system are introduced as follows in detail:
  • Blockchain Center (BC): A blockchain center composed of multiple device nodes that are storing all the records from IoT. All the involved parties must register in the blockchain center. The monitoring records of the community are saved in the blockchain center. The records in the blockchain center are unforgeable and verifiable. When the parties request to view the specified record in detail, the blockchain center will send votes to other occupants. If more than half of the votes are agreed, the parties can view with the security guard.
  • Community (CM): We separate the community type into three types: residential, commercial, and mixed. It is a physical structure in which occupants live or work. Inside the community is installed with several public or private domain IoT devices, variance age or type of occupants, and at least one security guard.
  • Occupants (OP): The occupants who live or work in the residential/commercial/mixed community. All occupants involved in this system are given the option to choose whether to install the IoT devices in their private spaces to ensure the safety of their property. Every occupant must have a mobile phone with a decentralized application (dAPP). The dAPP in the mobile phone is an application that connects to the blockchain center. The application needs to registers and login with the blockchain center. The occupants have the right to give the security guard permission to view the monitoring records from his/her private domain IoT.
  • Security Guard (SG): The security guard hired by the community’s management administrator. The SG must monitor the condition of the community at all times. If a dangerous incident occurs, the SG must deal with it immediately to ensure the safety of the community. To view any public or private domain IoT record, SG must request the blockchain center to read the records.
  • Supervisor (SP): The security guards’ supervisor is in charge of the responsibility of managing security guards. The supervisor is hired by the community’s management administrator. The security guards who are on duty need the supervisor’s permission to check for the public domain history record.
  • Internet of Things devices (IoT): The IoT included the security sensor, for example, cameras and sensors. The cameras take images from the corners of the community and detect suspicious events, e.g., burglary and abnormal behaviors.
    • The cameras in the community can be categorized into two types: public domain cameras and private domain cameras. Public domain cameras are installed at the public corner of the community, the installation of the private domain cameras can be chosen by occupants, and they can choose how many cameras and which position they need to install.
    • The sensors in the community can be smoke detectors, motion detectors, emergency buttons, or more devices that can help to notice dangerous moments.
  • Log Server (LS): Every video record and event from the camera and sensors in the community are saved to the server. The server can be a physical device in a community or a cloud service on the internet. SG needs access to the log server to read the records.
Figure 1 shows the overall system architecture, and the detailed process flow with numbered is description is as follows:
Step 1.
Every participant must register and get a private key and public key from BC.
Step 2.
An alarm event triggered by an IoT device.
Step 3.
The IoT device updates the event information and status to LS and updates the information via chaincode to BC.
Step 4.
If the triggered IoT device is the public domain device, it will send the event information to SG in the next step (step 5), otherwise, the information will be sent to the relevant occupant in step 8.
Step 5.
The event information sends to the security guard in the community, the security guard received the event in a surveillance system on the LS.
Step 6.
SG receive the event information and check for the video record immediately to verify the situation.
Step 7.
When the situation is checked, SG starts to resolve the alarm event and update the resolved information as a remark to LS and update the information to BC via chaincode.
Step 8.
If the IoT device is a private domain, the alarm event information will be sent to the related occupant’s mobile phone application.
Step 9.
The occupant checks the situation with his/her application on the mobile phone.
Step 10.
The occupant responds and updates the event information to BC. If the occupant needs SG to resolve the situation of the alarm event, then go to step 4. SG will be notified, and SG will help to deal with it. Every action chosen from OP will update to BC via invoking chaincode.

3.2. Notations

The notations used in the following sections are described as shown in Table 1.

3.3. Initialization and Registration Phase

All participants that want to be a part of the system need to register with BC’s certificate authority (CA). CA generates the public key and private key pair and sends it to the participant. Figure 2 and Figure 3 show the chaincode’s data structures and types of information of a user, IoT, and event information. Note that the “chaincode” is a “smart contract” that is defined in Hyperledger Fabric. It is almost the same function as the “smart contract” we mentioned before, which can execute the code in the blockchain.
Figure 4 shows the process of the registration phase between the new participant (X) and the blockchain center’s certificate authority (CA). The steps are described as follows:
Step 1.
Participant X sends the information of registration to CA.
Step 2.
CA generates a set of a private key d X and a public key Q X of the Elliptic Curve Digital Signature Algorithm (ECDSA) [70]. The Q X is generated by the follows equation:
Q X = d X G
Next, CA invokes the chaincode function “Registration” in Algorithm 1 to generate participant X’s user I D X . The chaincode also updates the user’s information to the BC ledger.
Step 3.
Participant X gets and saves the unique parameters I D X , Q X , and d X for future transactions.
Algorithm 1. Chaincode function of registration and add IoT.
var UserList []User_Information
func Registration (var user User_Information) (User_ID string) {
   User_ID = GenerateUniqueID()
   user.User_ID = User_ID
   UserList = append (UserList, user)
   return User_ID
}
func Add_IoT(User_ID string, IoT IoT_Information) (IoT_ID string, d string, Q string) {
   index: = SearchUID(User_ID)
   IoT.IoT_ID = GenerateUniqueIoTID()
   UserList[index].IoTs = append(UserList[index].IoTs, IoT)
   d = GenerateECDSAPrivateKey()
   Q = d * G
   return (IoT.IoT_ID, d, Q)
}
Furthermore, every IoT device in the CM must also register with CA. The registration flow of adding a new IoT is shown in Figure 5. The details are as follows:
Step 1.
Firstly, user X generates a random number k 1 , then generates the message with a sender ID, receiver ID, IoT’s information, and timestamp.
M 1 = ( I D X | | I D C A | | < I o T _ I n f o r m a t i o n > | | T 1 )
A hash value h X 1 is calculated by a hash function.
h X 1 = H ( M 1 )
Then, X executes the “Sign” function with parameters in Algorithm 2 to get a set of ECDSA signatures ( r X 1 , s X 1 ) . The detailed calculation is described in the authentication phase.
( r X 1 , s X 1 ) = S i g n ( h X 1 , k 1 , d X )
Next, user X encrypts the message M 1 into a cipher message C X 1 . Then, user X sends cipher messages with signatures ( I D X , I D C A , C X 1 , ( r X 1 , s X 1 ) ) to CA.
C X 1 = E P u k C A ( M 1 )
Step 2.
After CA receives the message from X, CA decrypts the cipher message with its private key and gets the decrypted messages.
M 1 = D P r k C A ( C X 1 )
CA also check the validity of the message’s timestamp.
Check   ( T 2 T 1 ) ? τ
Then, CA calculates the hash value h X 2 from the message M 1 and invokes the “Verify” function in Algorithm 2 to check the validity of signatures. The “Verify” function is described in the next subsection “authentication phase”.
h X 2 = H ( M 3 )
( valid / invalid ) = V e r i f y ( h X 1 , r X 1 , s X 1 )
If the signatures are valid, CA invokes a chaincode function “Add_IoT” in Algorithm 1 to update the IoT device’s information into BC. Then, CA sends a response message to user X. Firstly, CA generates a random number k 2 and a response message with the IoT’s ID I D I o T and ECDSA parameters d I o T and Q I o T .
M 2 = ( I D C A | | I D X | | I D I o T | | d I o T | | Q I o T | | T 3 )
Then, CA calculates signatures with the hash value h C A 1 . The signatures are calculated by calling the “Sign” function in Algorithm 2, then returning the signatures ( r C A 1 , s C A 1 ) .
h C A 1 = H ( M 2 )
( r C A 1 , s C A 1 ) = S i g n ( h C A 1 , k 2 , d C A )
Next, CA encrypts the message to cipher message by using user X’s public key.
C C A 1 = E P u k X ( M 2 )
Step 3.
User X receives the response message from CA. Then, user X decrypts the cipher message with his/her private key and gets the decrypted messages.
M 2 = D P r k X ( C C A 1 )
User X checks the message’s timestamp is valid or not:
Check   ( T 4 T 3 ) ? τ
Then, user Y calculates the hash value h C A 1 from the message and invokes the “Verify” function in Algorithm 2 to check the validity of signatures by the following equations.
h C A 1 = H ( M 2 )
( valid / invalid ) = V e r i f y ( h C A 1 , r C A 1 , s C A 1 )
The function returns “valid” if the signatures sent from user Y are valid. Then the IoT device saves parameters ( I D I o T , d I o T , Q I o T ) to its configurations for future communication in the system.

3.4. Authentication Phase

In the authentication phase, we assigned user X as a sender and user Y as a receiver. As shown in Figure 6, every sender and receiver need to sign and verify their message by invoking the “Sign” and “Verify” function in Algorithm 2. The following are the steps in detail.
Step 1.
User X generates a random number k 3 and generates a message with a timestamp, sender ID, and receiver ID.
M 3 = ( I D X | | I D Y | | T 5 )
Then, a hash value h X 2 is calculated by a hash function
h X 2 = H ( M 3 )
Then, X executes the “Sign” function with parameters in Algorithm 2 to return a set of ECDSA signatures ( r X 2 , s X 2 ) . The details are described in the following equations.
( x X 2 , y X 2 ) = k 3 G
r X 2 = x X 2 mod n
s X 2 = x X 2 1 ( h X 2 + r X 2 d X ) mod n
Next, user X encrypts the message M 3 into a cipher message C X 2 . Then, user X sends cipher messages with signatures ( I D X , I D Y , C X 2 , ( r X 2 , s X 2 ) ) to user Y:
C X 2 = E P u k Y ( M 3 )
Step 2.
User Y receives the message from user X. Then, user Y decrypts the cipher message with his/her private key and gets the decrypted messages.
M 3 = D P r k Y ( C X 2 )
Then, user Y checks whether the message’s timestamp is valid or not.
T 6 T 5 ? τ
Then, user Y calculates the hash value h X 2 from the message M 3 and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h X 2 = H ( M 3 )
u 1 = h 2 s X 2 1 mod n
u 2 = r X 2 s X 2 1 mod n
( x X 2 , y X 2 ) = u 1 G + u 2 Q X
Check   x X 2 = ? r X 2 mod n
If the signatures are valid, then user Y sends a response message to user X. Firstly, user Y generates a random number k 4 and a response message with a timestamp.
M 4 = ( I D Y | | I D X | | T 7 )
Then, user Y calculates signatures with the hash value h Y 1 . The signatures are calculated by calling the “Sign” function in Algorithm 2, and the function returns the signatures ( r Y 1 , s Y 1 ) after the following calculations.
h Y 1 = H ( M 4 )
( x Y 1 , y Y 1 ) = k 4 G
r Y 1 = x Y 1 mod n
s Y 1 = x Y 1 1 ( h Y 1 + r Y 1 d Y ) mod n
Then, user Y encrypts the message to cipher message with user X’s public key.
C Y 1 = E P u k X ( M 4 )
Step 3.
User X receives the response message from Y. Then, user X decrypts the cipher message with his/her private key and gets the decrypted messages.
M 4 = D P r k X ( C Y 1 )
Then, user X check whether the message’s timestamp is valid or not:
Check   ( T 8 T 7 ) ? τ
Then, user Y calculates the hash value h Y 1 from the message and invokes the “Verify” function in Algorithm 2 to check the validity of signatures by the following equations.
h Y 1 = H ( M 4 )
u 1 = h Y 1 s Y 1 1 mod n
u 2 = r Y 1 s Y 1 1 mod n
( x Y 1 , y Y 1 ) = u 1 G + u 2 Q Y
Check   x Y 1 = ? r Y 1 mod n
The function return is valid if the signatures sent from user Y are legal.
Algorithm 2. The function of authentication with the sign and verify.
func Sign (h string, k string, d string) (r string, s string) {
   (x, y) = k * G;
   r = x % n
   s = (h + r * d)/x % n
   return r, s
}
func Verify (h string, r string, s string) (result string) {
   u1 = h/s % n
   u2 = r/s % n
   (x, y) = u1 * G + u2 * Q
   if x = r {
    return “valid”
   }else{
    return “invalid”
}
               }

3.5. Alarm Triggered Phase

When an IoT device detects an abnormal occurrence, it must trigger and send information to the LS immediately. The flow of the alarm triggered phase is provided in Figure 7, and the descriptions are as follows.
Step 1.
IoT generates a random number k 5 , then invokes the chaincode function “Event_Trigger” as shown in Algorithm 3. This will send a transaction and update the information to the BC’s ledger. The function also returns an event’s ID, and the IoT generates a message and adds with the event’s ID and a timestamp.
M 5 = ( I D I o T | | I D L S | | I D O P | | I D E | | T 9 )
A hash value h I o T 1 is calculated by a hash function.
h I o T 1 = H ( M 5 )
Then, IoT executes the “Sign” function with parameters in Algorithm 2 to generate a set of ECDSA signatures ( r I o T 1 , s I o T 1 ) .
( r I o T 1 , s I o T 1 ) = S i g n ( h I o T 1 , k 5 , d I o T )
Next, IoT encrypts the message M 5 into a cipher message C I o T 1 with LS’s public key. Then, IoT sends cipher messages with signatures ( I D I o T , I D L S , C I o T 1 , ( r I o T 1 , s I o T 1 ) ) to LS.
C I o T 1 = E P u k L S ( M 5 )
Step 2.
After LS receives the message from IoT, LS decrypts the cipher message with its private key and gets the decrypted messages.
M 5 = D P r k L S ( C I o T 1 )
Then, LS checks the interval of the message’s timestamp.
Check   ( T 10 T 9 ) ? τ
Next, LS calculates the hash value h I o T 1 from the message M 5 and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h I o T 1 = H ( M 5 )
( valid / invalid ) = V e r i f y ( h I o T 1 , r I o T 1 , s I o T 1 )
If the signatures are valid, the LS invokes the chaincode function “Event_Received_LS” as shown in Algorithm 3 which updates the LS’s received timestamp and signature of the event to BC. After that, LS generates a random number k 6 and a response message M 6 , then transmits the message to IoT later.
M 6 = ( I D L S | | I D I o T | | T 11 )
Then, CA calculates signatures with the hash value h L S 1 . The signatures are calculated by calling the “Sign” function in Algorithm 2, then the function returns the signatures ( r L S 1 , s L S 1 ) .
h L S 1 = H ( M 6 )
( r L S 1 , s L S 1 ) = S i g n ( h L S 1 , k 6 , d L S )
LS encrypts the message to cipher message with IoT’s public key and sends the message to IoT.
C L S 1 = E P u k I o T ( M 6 )
Step 3.
IoT receives the response message from LS. Then, IoT decrypts the cipher message with its private key and gets the decrypted messages.
M 6 = D P r k I o T ( C L S 1 )
Then, IoT checks whether the message’s timestamp is valid or not:
Check   ( T 12 T 11 ) ? τ
Next, IoT calculates the hash value h L S 1 from the message and invokes the “Verify” function in Algorithm 2 to check the validity of signatures by the following equations.
h L S 1 = H ( M 6 )
( valid / invalid ) = V e r i f y ( h L S 1 , r L S 1 , s L S 1 )
Algorithm 3. Chaincode function of alarm triggered phase.
var EventLog []Event_Information
func Event_Trigger (OPID string, IoTID string, type IoTType, signature string) (EventID string) {
   EventID = GenerateUniqueEventID()
   EventLog = append (EventLog, new Event_Information{
     Event_ID:EventID,
     IoT_ID: IoTID,
     User_ID: OPID,
     IoT_Type: type,
     Triggered_Datetime: time.Now(),
     IoT_Triggered_Signature: signature
   })
   return EventID
}
func Event_Received_LS (Event_ID string, signature string) {
   index: = SearchEventID(Event_ID)
   EventLog[index].LS_Received_Datetime = time.Now()
   EventLog[index].LS_Received_Signature = signature
}

3.6. Notification Phase

When an IoT device detects an abnormal occurrence, the IoT must alert relevant personnel at the same time. If the IoT is set to the public domain, the notice will be delivered to SG; otherwise, if the IoT is set to the private domain, the notification will be sent to OP. The flow of the notification phase is depicted in Figure 8, the descriptions are as follows.
Step 1.
Firstly, IoT generates a random number k 7 and a message with IoT’s ID, security guard/occupant’s ID, IoT occupant’s ID, event’s ID, and send timestamp.
M 7 = ( I D I o T | | I D S O | | I D O P | | I D E | | T 13 )
A hash value h I o T 2 is calculated by a hash function.
h I o T 2 = H ( M 7 )
Then, IoT executes the “Sign” function with parameters in Algorithm 2 to generate a set of signatures ( r I o T 2 , s I o T 2 ) .
( r I o T 2 , s I o T 2 ) = S i g n ( h I o T 2 , k 7 , d I o T )
Next, IoT encrypts the message M 7 into a cipher message C I o T 2 .
C I o T 2 = E P u k S O ( M 7 )
A chaincode function “Event_Update_Notification” as shown in Algorithm 4 is invoked by IoT to update the IoT notification timestamp and signature of the event to BC. Then, IoT sends cipher messages with signatures ( I D I o T , I D S O , C I o T 2 , ( r I o T 2 , s I o T 2 ) ) to the security guard or occupant depending on the IoT type. We abbreviate the security guard or occupant to SO.
Step 2.
After SO receives the message from IoT, SO decrypts the cipher message with his/her private key and gets the decrypted messages.
M 7 = D P r k S O ( C I o T 2 )
Then, SO checks the interval of the message’s timestamp.
Check   ( T 14 T 13 ) ? τ
Next, LS calculates the hash value h I o T 2 from the message M 7 and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h I o T 2 = H ( M 7 )
( valid / invalid ) = V e r i f y ( h I o T 2 , r I o T 2 , s I o T 2 )
If the signatures are valid, the SO invokes the chaincode function “Event_Received_User” as shown in Algorithm 4 which updates the SO’s received timestamp and signature to BC. After that, SO generates a random number k 8 and a response message M 8 .
M 8 = ( I D S O | | I D I o T | | T 15 )
Then, SO calculates signatures with the hash value h S O 1 . The signatures are calculated by executing the “Sign” function in Algorithm 2, then the function returns the signatures ( r S O 1 , s S O 1 ) .
h S O 1 = H ( M 8 )
( r S O 1 , s S O 1 ) = S i g n ( h S O 1 , k 8 , d S O )
Then, SO encrypts the message to cipher message with IoT’s public key, then SO sends the message to IoT.
C S O 1 = E P u k I o T ( M 8 )
Step 3.
IoT receives the response message from SO. Then, IoT decrypts the cipher message with its private key and gets the decrypted messages.
M 8 = D P r k I o T ( C S O 1 )
Then, IoT checks whether the message’s timestamp is valid or not:
Check   ( T 16 T 15 ) ? τ
Next, IoT calculates the hash value h S O 1 from the message and invokes the “Verify” function in Algorithm 2 to check the validity of signatures by the following equations.
h S O 1 = H ( M 8 )
( valid / invalid ) = V e r i f y ( h S O 1 , r S O 1 , s S O 1 )
The real situation must be verified or checked by SO. The response message should be sent to LS in the next phase after being checked or solved.
Algorithm 4. Chaincode function of notification phase.
func Event_Update_Notification (Event_ID string) {
   index := SearchEventID(Event_ID)
   EventLog[index].Notify_Datetime = time.Now()
}

func Event_Received_User (Event_ID string, signature string) {
   index := SearchEventID(Event_ID)
   EventLog[index].User_Received_Datetime = time.Now()
   EventLog[index].User_Received_Signature = signature
}

3.7. Response Phase (Security Guard with Public Domain IoT)

The security guard must report the results back to LS once the public IoT alarm has been investigated or solved by the security guard. Figure 9 shows the flow of the response phase with public domain IoT, and the details of the steps are as follows.
Step 1.
Initially, SG generates a random number k 9 and a message with the event’s ID and a timestamp.
M 9 = ( I D S G | | I D L S | | I D E | | T 17 )
A hash value h S G 1 is calculated by a hash function.
h S G 1 = H ( M 9 )
Next, SG executes the “Sign” function with parameters in Algorithm 2 to generate a set of signatures ( r S G 1 , s S G 1 ) .
( r S G 1 , s S G 1 ) = S i g n ( h S G 1 , k 9 , d S G )
Then, SG encrypts the message M 9 into a cipher message C S G 1 with LS’s public key.
C S G 1 = E P u k L S ( M 9 )
SG invokes a chaincode function “Event_Update_Response” in Algorithm 5 to update the SG’s response message, timestamp, and signature of the event to BC. Then, SG sends cipher messages with signatures ( I D S G , I D L S , C S G 1 , ( r S G 1 , s S G 1 ) ) to the LS.
Step 2.
LS receives the message from SG and decrypts the cipher message with its private key and gets the decrypted messages.
M 9 = D P r k L S ( C S G 1 )
Then, LS checks the interval of the message’s timestamp.
Check   ( T 18 T 17 ) ? τ
Next, LS calculates the hash value h S G 1 from the message M 9 and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h S G 1 = H ( M 9 )
( valid / invalid ) = V e r i f y ( h S G 1 , r S G 1 , s S G 1 )
If the signatures are valid, the LS invokes the chaincode function “Event_Received_Response” in Algorithm 5 to update the LS’s received timestamp and signature to BC. Afterward, LS generates a random number k 10 and a response message M 10 .
M 10 = ( I D L S | | I D S G | | T 19 )
LS calculates signatures with the hash value h L S 2 . The signatures ( r L S 2 , s L S 2 ) are calculated by executing the “Sign” function in Algorithm 2.
h L S 2 = H ( M 10 )
( r L S 2 , s L S 2 ) = S i g n ( h L S 2 , k 10 , d L S )
Then, LS encrypts the message to cipher message with SG’s public key, then sends the message to SG.
C L S 2 = E P u k S G ( M 10 )
Step 3.
SG receives the message from LS. Then, SG decrypts the cipher message with his/her private key and gets the decrypted messages.
M 10 = D P r k S G ( C L S 2 )
After that, SG checks whether the message’s timestamp is valid or not.
Check   ( T 20 T 19 ) ? τ
Next, SG calculates the hash value h L S 2 from the message and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h L S 2 = H ( M 10 )
( valid / invalid ) = V e r i f y ( h L S 2 , r L S 2 , s L S 2 )
Algorithm 5. Chaincode function of response phase from security guard.
func Event_Update_Response (Event_ID string, signature string, message string) {
   index: = SearchEventID(Event_ID)
   EventLog[index].User_Response_Datetime = time.Now()
   EventLog[index].User_Response_Signature = signature
   EventLog[index].ResponseMessage = message
}

func Event_Received_Response (Event_ID string, signature string) {
   index: = SearchEventID(Event_ID)
   EventLog[index].LS_Received_Datetime = time.Now()
   EventLog[index].LS_Received_Signature = signature
}

3.8. Response Phase (Occupant with Private Domain IoT)

If the IoT is in the private domain, the occupant has the alternative of resolving it himself/herself or authorizing the security guard to solve the alarm situation. Figure 10 shows the flow of the response phase with private domain IoT. The details of the steps are as follows.
Step 1.
Firstly, OP generates a random number k 11 and a message with the event’s ID, a timestamp, and the option of self or permitting guard to solve < S e l f / G u a r d > .
M 11 = ( I D O P | | I D L S | | I D E | | T 21 | | < S e l f / G u a r d > )
A hash value h O P 1 is calculated by a hash function.
h O P 1 = H ( M 11 )
Next, OP executes the “Sign” function with parameters in Algorithm 2 to generate a set of signatures ( r O P 1 , s O P 1 ) .
( r O P 1 , s O P 1 ) = S i g n ( h O P 1 , k 11 , d O P )
Then, OP encrypts the message M 11 into a cipher message C O P 1 with LS’s public key.
C O P 1 = E P u k L S ( M 11 )
OP invokes a chaincode function “Event_Update_Response” in Algorithm 6. The function updates the OP’s response message, timestamp, and signature to BC. Then, OP sends cipher messages with signatures ( I D O P , I D L S , C O P 1 , ( r O P 1 , s O P 1 ) ) to the LS.
Step 2.
LS receives the message from OP. LS decrypts the cipher message with its private key and gets the decrypted messages.
M 11 = D P r k L S ( C O P 1 )
Then, LS checks the interval of the message’s timestamp.
Check   ( T 22 T 21 ) ? τ
Next, LS calculates the hash value h O P 1 from the message M 11 and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h O P 1 = H ( M 11 )
( valid / invalid ) = V e r i f y ( h O P 1 , r O P 1 , s O P 1 )
If the signatures are valid, the LS invokes the chaincode function “Event_Received_Response” in Algorithm 6 to update the LS’s received timestamp and signature to BC. Afterward, LS generates a random number k 12 and a response message M 12 .
M 12 = ( I D L S | | I D O P | | I D E | | T 23 )
LS calculates signatures with the hash value h L S 3 . The signatures ( r L S 3 , s L S 3 ) are calculated by executing the “Sign” function in Algorithm 2.
h L S 3 = H ( M 12 )
( r L S 3 , s L S 3 ) = S i g n ( h L S 3 , k 12 , d L S )
Then, LS encrypts the message to cipher message with OP’s public key, then sends the message ( I D L S , I D O P , C L S 3 , ( r L S 3 , s L S 3 ) ) to OP.
C L S 3 = E P u k O P ( M 12 )
Step 3.
OP receives the message from LS. Then, OP decrypts the cipher message with his/her private key.
M 12 = D P r k O P ( C L S 3 )
After that, OP check whether the message’s timestamp is valid or not.
Check   ( T 24 T 23 ) ? τ
Next, OP calculates the hash value h L S 3 from the message and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h L S 3 = H ( M 12 )
( valid / invalid ) = V e r i f y ( h L S 3 , r L S 3 , s L S 3 )
Step 1.
If the OP permits the security guard in the community to solve the situation, then LS will send the notification to the security guard as provided in the following step. LS generates a random number k 13 and a response message M 13 .
M 13 = ( I D L S | | I D S G | | I D E | | T 25 )
LS calculates signatures with the hash value h L S 4 . The signatures ( r L S 4 , s L S 4 ) are calculated by executing the “Sign” function in Algorithm 2.
h L S 4 = H ( M 13 )
( r L S 4 , s L S 4 ) = S i g n ( h L S 4 , k 13 , d L S )
Then, LS encrypts the message to cipher message with SG’s public key, then sends the message ( I D L S , I D S G , C L S 4 , ( r L S 4 , s L S 4 ) ) to SG.
C L S 4 = E P u k S G ( M 13 )
Step 2.
SG received the message from LS. Then, SG decrypts the cipher message with his/her private key.
M 13 = D P r k S G ( C L S 4 )
After that, SG checks the validity of the message’s timestamp.
Check   ( T 26 T 25 ) ? τ
Next, SG calculates the hash value h L S 4 from the message and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h L S 4 = H ( M 13 )
( valid / invalid ) = V e r i f y ( h L S 4 , r L S 4 , s L S 4 )
SG invokes a chaincode function “Event_Update_Received_SG” in Algorithm 6. The function updates the SG response message, timestamp, and signature of the event to BC. Afterward, SG generates a random number k 14 and a response message M 14 .
M 14 = ( I D S G | | I D L S | | I D E | | T 27 )
SG calculates signatures with the hash value h S G 2 . The signatures ( r S G 2 , s S G 2 ) are calculated by executing the “Sign” function in Algorithm 2.
h S G 2 = H ( M 14 )
( r S G 2 , s S G 2 ) = S i g n ( h S G 2 , k 14 , d S G )
Then, SG encrypts the message to cipher message with LS’s public key, then sends the cipher message to SG.
C S G 2 = E P u k L S ( M 14 )
Then, SG sends cipher messages with signatures ( I D S G , I D L S , C S G 2 , ( r S G 2 , s S G 2 ) ) to LS.
Step 3.
LS receives the message from SG, LS decrypts the cipher message with its private key and gets the decrypted messages.
M 14 = D P r k L S ( C S G 2 )
Then, LS checks the interval of the message’s timestamp.
Check   ( T 28 T 27 ) ? τ
Next, LS calculates the hash value h S G 2 from the message M 14 and invokes the “Verify” function in Algorithm 2 to check the validity of signatures.
h S G 2 = H ( M 14 )
( valid / invalid ) = V e r i f y ( h S G 2 , r S G 2 , s S G 2 )
If the signatures are valid, the LS invokes the chaincode function “Event_Received_Response_SG” in Algorithm 6 to update the LS’s received timestamp and signature to BC.
Algorithm 6. Chaincode function of response phase from an occupant.
func Event_Update_Response (Event_ID string, signature string, message string) {
   index: = SearchEventID(Event_ID)
   EventLog[index].User_Response_Datetime = time.Now()
   EventLog[index].User_Response_Signature = signature
   EventLog[index].ResponseMessage = message
}

func Event_Received_Response (Event_ID string, signature string) {
   index: = SearchEventID(Event_ID)
   EventLog[index].LS_Received_Datetime = time.Now()
   EventLog[index].LS_Received_Signature = signature
}

func Event_Update_Recieved_SG (Event_ID string, signature string) {
   index: = SearchEventID(Event_ID)
   EventLog[index].SG_Received_Datetime = time.Now()
   EventLog[index].SG_Received_Signature = signature
}

func Event_Received_Response_SG (Event_ID string, signature string) {
   index: = SearchEventID(Event_ID)
   EventLog[index].SG_Response_Datetime = time.Now()
   EventLog[index].SG_Response_Signature = signature
}

3.9. Check for History Records Phase

In this stage, the system is designed in two ways to obtain history videos or records. It is divided into the private and public domain. Figure 11 shows how OP viewing for the public records through SG. The detailed step is as follows:
Step 1.
OP requests for viewing the private domain IoT devices videos or records from SG face to face.
Step 2.
The SG sends his/her encryption key and request information (such as start date and time, end date and time, and name or ID of private domain IoT device(s)) to LS. Then, the LS sends that information to BC for verification.
Step 3.
BC notifies the related occupant’s mobile device and asks for permission to let SG and OP view the related records.
Step 4.
The related occupant replies to the permission request back to BC by mobile device.
Step 5.
If the related occupant accepts the request, then BC shows the history videos or records in the security system. Otherwise, BC responds to the SG and OP that the request is not permitted.
Furthermore, the SG can also request for viewing the private domain IoT devices videos or records himself/herself without OP; the authorization of the relevant occupant is also required. On the other hand, SG needs SP to authorize to view the public records, as shown in Figure 12. The major steps of obtaining authorization are the same, the difference is only the step of notifying and asking permission from SG’s supervisor SP, who is not related to OP. The detailed step is described as follows:
Step 1.
SG requests for viewing the public domain IoT devices’ videos or records. The SG sends his/her encryption key and request information (such as start date and time, end date and time, and name or ID of private domain IoT device(s)) to LS.
Step 2.
Then, the LS sends that information to BC for verification.
Step 3.
BC notifies SG’s supervisor (SP) and asks for permission to let SG view the related records.
Step 4.
The SP replies to the permission request back to BC by mobile device.
Step 5.
If the related occupant accepts the request, then BC shows the history videos or records in the security system to SG. Otherwise, BC responds to the SG that request is not permitted.

3.10. Clarification Phase

When any party’s participating role determines that there is a problem with the secure record, it can request a third-party impartial unit or person to verify it. Figure 13 shows the flow of clarifying the information of safety security system logs. The explanation is as follows:
Step 1.
The participant (such as security guard or occupant, SO) sends a clarifying request with the specified event ID and signatures to a third party (TP).
Step 2.
TP sends the request message and his/her signature to BC.
Step 3.
The signatures are checked by the BC, then the event’s information are sent to TP.
Step 4.
The TP checks the validity of every signature in the event’s information.
  • Check if the event is triggered from a public domain IoT: go to step 4b if it is “no”, else go to step 4d.
  • If the SG response signature is not valid, then the information is forged by LS.
  • If the SG received signature is not valid, then the information is forged by SG.
  • If the LS response signature is not valid, then the information is forged by LS.
  • If the SO response signature is not valid, then the information is forged by SO.
  • If the SO received signature is not valid, then the information is forged by SO.
  • If the LS received signature is not valid, then the information is forged by LS.
  • If the IoT triggered signature is not valid, then the information is forged by IoT.
  • The specified event information is valid if all the signatures are legal.

4. Security Analysis

In this research, we have done some important security analyses to prevent the system’s vulnerabilities or attacks from the proposed scheme. The analyses are explained in the following subsections, such as the data integrity, non-repudiation of the message, unforgeable data, traceability of records, man-in-the-middle attack, and replay attack.

4.1. Data Integrity

Firstly, we analyzed the integrity of the message in this subsection. The hash function with the ECDSA algorithm is used to ensure the integrity of the message. Every sender must calculate a hash value from the message and generate a set of signatures, and the receiver needs to verify the validation of the message in hash value and signatures by the “Verify” function in Algorithm 2.
For example, in the phase of registration of IoT, the sender X sends the message M 1 to the receiver CA. The sender needs to generate h X 1 and calculate ( r X 1 , s X 1 ) with the “Sign” function in Algorithm 2. Next sender sends M 1 in cipher message with a signature ( r X 1 , s X 1 ) to the receiver, then the receiver decrypts and generates hash value h X 1 by the message M 1 . Lastly, the hash value h X 1 with the signature ( r X 1 , s X 1 ) is verified in the “Verify” function of Algorithm 2. All detailed messages in every phase are listed in Table 2 respectively.

4.2. Non-Repudiation

Furthermore, we also analyzed the non-repudiation of the message in this subsection. The sign function with the ECDSA algorithm is used to ensure the signature is from the sender. Every sender must generate the signature from the message, and the receiver needs to verify the signatures by the “Verify” function in Algorithm 2.
For example in the phase of registration of IoT, the sender X generates ( r X 1 , s X 1 ) with the ECDSA “Sign” function in Algorithm 2 by multiple parameters, such as hash value h X 1 , random number k 1 , and its ECDSA parameter d X . Then, the receiver generates a hash value h X 1 by the received message. The hash value h X 1 and signature ( r X 1 , s X 1 ) are verified in the ECDSA “Verify” function in Algorithm 2. The signature is signed by the sender if the verification return is valid. All the signatures and verification in every phase are listed in Table 3.
All the important signatures and received timestamps will be sent via chaincode in the alarm triggered phase, notification phase, and response phase. When there is a dispute that has to be resolved, Section 3.10 offers a clarification phase to determine whether there are any signature issues.

4.3. Unforgeable Data and Traceability

In the proposed system we applied HyperledgerFabric-based blockchain technology in the proposed scheme. It is hard to forge any data stored in the BC compared to the traditional database storing scheme. In every phase we designed in the system, every participant must invoke the chaincode function and update the related information to BC, especially updating the signature and timestamp when processing the IoT’s triggered alarm.
Figure 14 shows how the data are updated in the BC. When a participant invokes a chaincode function, the chaincode mechanism will be proposed to every peer (the peer could be more than 1, we demonstrated 3 peers in the scheme) in the blockchain center. Every peer sign and response after the transaction is proofed. After that, the ledger will be updated to every peer via an ordering peer (OP) after sending those endorsed signs and the transaction.
Because of the chaincode mechanism, it is impossible to forge data in the blockchain center; every transaction and ledger are duplicated in all the peers in BC, and the only way to update the data in the ledger is from pre-designed chaincode.
According to the characteristics of the blockchain, every transaction record will be chained and stored in the ledger of every peer. Therefore, the records can be traced in the ledger, and they are also unforgeable. In addition, we designed a clarification phase in Section 3.10. The section can help participants to clarify the record in the blockchain with the third party. If any signatures cannot be verified in the phase of clarifying, it means some signatures are being forged during executing chaincode in other phases.

4.4. Man-in-the-Middle Attack

We implemented asymmetric encryption and decryption in every communication message to defend from the man-in-the-middle attack. Every message that sends from the sender must encrypt with the receiver’s public key. After the receiver received the encrypted cipher message, the receiver uses its private key to decrypt the message. Table 4 shows all the asymmetric encryption and decryption in every phase.
For example, in the phase of registration of IoT, X sends a message M 1 encrypted by CA’s public key E P u k C A ( M 1 ) , then generates a cipher message C X 1 . Next, X sends the cipher message C X 1 to CA, and CA decrypts the cipher message C X 1 by his/her private key D P r k C A ( C X 1 ) = M 1 to get the original message M 1 . Consequently, the attacker is not able to decrypt the message without having a private key of the receiver.

4.5. Replay Attack

To prevent the replay attack, we added a timestamp in every message sent from the sender. The receiver needs to calculate the difference of the timestamp when receiving the message. If the interval of two timestamps is over a threshold value, it means the message is being replayed. Table 5 shows all timestamp validation in every phase.

5. Discussion

5.1. Computation Cost

In this subsection, we calculated the computation costs as shown in Table 6. We consider all computational costs in all phases of communication protocol. The costs included hash operation, additional operation, subtraction operation, multiplication operation, division operation, and asymmetrical encryption/decryption.

5.2. Communication Cost

In this subsection, we calculated the communication costs as shown in Table 7. We calculated the total message length transmitted in every phase with 4G and 5G networks. The maximum speed is 100 Mbps (Megabit Per Second) in the 4G network and 20 Gbps in the 5G network. We assume that the length of an ID (LID) is 144 bits, the length of a cipher message (Lm) is 512 bits, and the length of a set of signatures (Lsig) is 1024 bits in the transmission message. For example, in the phase of registration of IoT, the calculation of message length is 4 × LID + 2 × Lm + 2 × Lsig = 4 × 144 bits + 2 × 512 bits + 2 × 1024 bits = 3648 bits. Therefore, the communication cost in the 4G network is 3648 bits/100 Mbps = 35 ms, and the communication cost in the 5G network is 3648 bits/20 Gbps = 0.17 ms.

5.3. Comparison

Table 8 shows the comparison with the previous researches we surveyed. In this research, we proposed a more secure IoT system with blockchain technology. Our research also provides a complete system architecture and scheme, then the security issues of the proposed method are proven in the security analysis section.

5.4. Limitations

The legal effect of the privacy issues for installing the IoT to surveillance will depend on the legal provisions in various countries. In the proposed scheme, before using the system, every participant must register with the blockchain center and have their relevant data filled in during the registration process; other relevant information is also required. After successful registration, they need to obtain the public key and private key pair of the elliptic curve signature before they participate in this system.
The most important thing is that all communities must have basic and stable electricity and networks to operate IoT devices and safety security systems. The establishment of a backup power supply in the building or community can also prevent the proposed approach from failing due to power problems. Alternatively, if the community does not have a stable Internet access network, a local network safety security system can be realized with the same architecture of the proposed scheme. Concerning the notification phase or response phase, it would be a better solution to use a more traditional Short Message Service (SMS) to send messages to related occupant or security guard mobile phones instead of network transmission.
Overall, there are some limitations to the proposed system. The proposed scheme in this article is focused on applying blockchain technology to solve security and clarification issues. Therefore, the unpopularity or the slow speed of the Internet environment will be potential issues.

6. Conclusions

Working or living in a community is frequently inextricably linked to the issue of safety. To solve the problem of community safety, we proposed a community security system based on blockchain and IoT security devices. Our research proposes a complete system architecture and provides a communication flow for multiple phases after the alarm is triggered. Security mechanisms are also integrated into the communication flow to prevent the system from being attacked.
First, all participants and IoT devices must register with BC for future communication authentication. When an IoT device triggers an alarm in the community, the message will be sent to the LS to record the alarm message, and the relevant personnel (occupier or security guard) will be notified that there is a possibility of an unsafe situation in the community. Relevant personnel must confirm and respond to LS to record. In the process of all status updates of the phase, all senders and receivers must update their signatures to BC by invoking a chaincode we provide. The chaincode execution updates all the peers’ ledgers in the BC.
We have also devised different methods for managing both private and public IoT devices. Any participant that needs to check for the history records must obtain the right from the IoT’s owner. The private IoT devices should be permitted by the occupant, and the public IoT should be permitted by the SG’s supervisor to ensure the privacy of the occupants. Furthermore, when a participant in this system raises a dispute, the participant can raise questions about the community safety handling process with a third party in the clarification phase. The third-party can obtain the signature and timestamp data through the BC by the IoT trigger alarm ID specified by the participant. Then the third party confirms the legality of the process by verifying the validity of the signature.
With the proposed method, we achieved the following features in the safety security system:
(1)
Blockchain decentralization and authentication to ensure the privacy and anonymity of participants.
(2)
Unforgeable and traceability of data by the blockchain characteristic.
(3)
The privacy protection when grabbing a history records from Log Server.
(4)
Designed a clarifying phase for clarifying the safety system process.
(5)
Signature mechanism to ensure message repudiation during communication.
(6)
Asymmetrical encryption/decryption to ensure data integrity during communication.
(7)
Transmission intercept prevention, prevent replay attacks from cyberattacks.
(8)
Multiple security analyses have also been presented to prove the system’s security.
(9)
The features of other works and our proposed scheme are also compared and concluded in Table 8.
Finally, we expect that the system can be applied to various communities to strengthen the safety of the community and avoid unnecessary disputes and tragedies.

Author Contributions

The authors’ contributions are summarized below. Z.-Y.L. and C.-L.C. made substantial contributions to the conception and design. Z.-Y.L. and C.-L.C. were involved in drafting the manuscript. Z.-Y.L. acquired data and analyzed and conducted the interpretation of the data. The critically important intellectual content of this manuscript was revised by H.-C.L. All authors have read and agreed to the published version of the manuscript.

Funding

This work was supported in part by the Ministry of Science and Technology, Taiwan, R.O.C., under Contract MOST 110-2218-E-305-001–MBK, Contract MOST 110-2410-H-324-004-MY2.

Data Availability Statement

The data used to support the findings of this study are available from the corresponding author upon request.

Conflicts of Interest

The authors declare no conflict of interest.

References

  1. Yahoo News: Taiwan’s ‘Ghost Building’ Fire: A Death Trap for Dozens of Elderly. Available online: https://news.yahoo.com/taiwans-ghost-building-fire-death-122230630.html (accessed on 1 November 2021).
  2. The New York Times: Taiwan Couple Are Suspected of Negligent Homicide in Building Fire. Available online: https://www.nytimes.com/2021/10/18/world/asia/taiwan-building-fire.html (accessed on 1 November 2021).
  3. Kammersgaard, T. Private security guards policing public space: Using soft power in place of legal authority. Polic. Soc. 2019, 31, 117–130. [Google Scholar] [CrossRef]
  4. Nalla, M.K.; Crichlow, V.J. Have the standards for private security guards become more stringent in the post 9/11 era? An assessment of security guard regulations in the US from 1982 to 2010. Secur. J. 2017, 30, 523–537. [Google Scholar] [CrossRef]
  5. Gurinskaya, A.L.; Nalla, M.K.; Rafailova, D.K. Are Private Security Guards Capable of Protecting Life and Property? Exploring Russian Youth’s Perceptions. Russ. J. Criminol. 2018, 12, 338–348. [Google Scholar] [CrossRef]
  6. Van Steden, R.; Nalla, M.K. Citizen satisfaction with private security guards in the Netherlands: Perceptions of an ambiguous occupation. Eur. J. Criminol. 2010, 7, 214–234. [Google Scholar] [CrossRef] [Green Version]
  7. Smart Buildings Market by Component (Solution (Safety and Security Management, Energy Management, Building Infrastructure Management, Network Management, IWMS), Services), Building Type (Residential, Commercial, Industrial), Region—Global Forecast to 2025. Available online: https://www.marketsandmarkets.com/Market-Reports/smart-building-market-1169.html#:~:text=According%20to%20MarketsandMarkets%2C%20the%20global,14.2%25%20during%20the%20forecast%20period (accessed on 1 November 2021).
  8. Medical Alert Systems Market by Type (Personal Emergency Response System (PERS) [Home-based/Landline-based System, Mobile PERS], Nurse Calling System (NCS) [Button-Based Systems, Integrated Communication Systems, Mobile Systems, Intercom Systems] and Smart Belt) by Offering (Hardware, Services and Software), by Connection Type (Wired, Wireless), by End, and by Region, Forecast to 2028. Available online: https://www.reportsanddata.com/report-detail/medical-alert-systems-market (accessed on 1 November 2021).
  9. Dutta, J.; Wang, Y.; Maitra, T.; Islam, S.H.; Rawal, B.S.; Giri, D. ES3B: Enhanced Security System for Smart Building Using IoT. In Proceedings of the 2018 IEEE International Conference on Smart Cloud (SmartCloud), New York, NY, USA, 21–23 September 2018; pp. 158–165. [Google Scholar]
  10. Prasetyo, T.F.; Zaliluddin, D.; Iqbal, M. Prototype of smart office system using based security system. J. Phys. Conf. Ser. 2018, 1013, 012189. [Google Scholar] [CrossRef]
  11. Saeed, F.; Paul, A.; Rehman, A.; Hong, W.H.; Seo, H. IoT-Based Intelligent Modeling of Smart Home Environment for Fire Prevention and Safety. J. Sens. Actuator Netw. 2018, 7, 11. [Google Scholar] [CrossRef] [Green Version]
  12. Taryudi; Adriano, D.B.; Ciptoning Budi, W.A. Iot-based Integrated Home Security and Monitoring System. J. Phys. Conf. Ser. 2018, 1140, 012006. [Google Scholar] [CrossRef]
  13. Al-Hudhud, G.; AlSaeed, D.; Al-Baity, H.; Al-Humaimeedy, A.; Al-Turaiki, I. iGuard: Mobile security guard system with infrared biosensor and google glass article information. Biosci. Biotechnol. Res. Commun. 2019, 12, 333–337. [Google Scholar] [CrossRef]
  14. Ray, A.K.; Bagwari, A. IoT based Smart home: Security Aspects and security architecture. In Proceedings of the 2020 IEEE 9th International Conference on Communication Systems and Network Technologies (CSNT), Gwalior, India, 10–12 April 2020; pp. 218–222. [Google Scholar]
  15. Khan, P.W.; Byun, Y.C.; Park, N. A Data Verification System for CCTV Surveillance Cameras Using Blockchain Technology in Smart Cities. Electronics 2020, 9, 484. [Google Scholar] [CrossRef] [Green Version]
  16. Rahman, A.; Islam, M.J.; Rahman, Z.; Reza, M.M.; Anwar, A.; Mahmud, M.A.P.; Nasir, M.K.; Noor, R.M. DistB-Condo: Distributed Blockchain-Based IoT-SDN Model for Smart Condominium. IEEE Access 2020, 8, 209594–209609. [Google Scholar] [CrossRef]
  17. Khalid, U.; Asim, M.; Baker, T.; Hung, P.C.K.; Tariq, M.A.; Rafferty, L. A decentralized lightweight blockchain-based authentication mechanism for IoT systems. Cluster Comput. 2020, 23, 2067–2087. [Google Scholar] [CrossRef]
  18. Van Wassenaer, L.; Verdouw, C.; Wolfert, S. What Blockchain Are We Talking About? An Analytical Framework for Understanding Blockchain Applications in Agriculture and Food. Front. Blockchain 2021, 4, 20. [Google Scholar] [CrossRef]
  19. Johar, S.; Ahmad, N.; Asher, W.; Cruickshank, H.; Durrani, A. Research and Applied Perspective to Blockchain Technology: A Comprehensive Survey. Appl. Sci. 2021, 11, 6252. [Google Scholar] [CrossRef]
  20. Hyperledger Fabric. Available online: https://www.hyperledger.org/use/fabric (accessed on 1 November 2021).
  21. Leng, Z.; Tan, Z.; Wang, K. Application of Hyperledger in the Hospital Information Systems: A Survey. IEEE Access 2021, 9, 128965–128987. [Google Scholar] [CrossRef]
  22. Iftekhar, A.; Cui, X.; Tao, Q.; Zheng, C. Hyperledger Fabric Access Control System for Internet of Things Layer in Blockchain-Based Applications. Entropy 2021, 23, 1054. [Google Scholar] [CrossRef] [PubMed]
  23. Kamilaris, A.; Fonts, A.; Prenafeta-Boldύ, F.X. The rise of blockchain technology in agriculture and food supply chains. Trends Food Sci. Technol. 2019, 91, 640–652. [Google Scholar] [CrossRef] [Green Version]
  24. Chen, C.-L.; Shang, X.; Tsaur, W.-J.; Weng, W.; Deng, Y.-Y.; Wu, C.-M.; Cui, J. An Anti-Counterfeit and Traceable Management System for Brand Clothing with Hyperledger Fabric Framework. Symmetry 2021, 13, 2048. [Google Scholar] [CrossRef]
  25. Chen, C.-L.; Deng, Y.-Y.; Tsaur, W.-J.; Li, C.-T.; Lee, C.-C.; Wu, C.-M. A Traceable Online Insurance Claims System Based on Blockchain and Smart Contract Technology. Sustainability 2021, 13, 9386. [Google Scholar] [CrossRef]
  26. Atzori, L.; Iera, A.; Morabito, G. The Internet of Things: A survey. Comput. Netw. 2010, 54, 2787–2805. [Google Scholar] [CrossRef]
  27. Chen, S.J.; Hovde, D.C.; Peterson, K.A.; Marshall, A.W. Fire detection using smoke and gas sensors. Fire Saf. J. 2007, 42, 507–515. [Google Scholar] [CrossRef]
  28. Maguluri, L.P.; Srinivasarao, T.; Ragupathy, R.; Syamala, M.; Nalini, N.J. Efficient Smart Emergency Response System for Fire Hazards using IoT. Int. J. Adv. Comput. Sci. Appl. 2018, 9, 314–320. [Google Scholar]
  29. Jacob, T.P.; Pravin, A. Environmental Pollution Alerting System Using IOT. Res. J. Pharm. Biol. Chem. Sci. 2018, 9, 403–406. [Google Scholar]
  30. Lee, J.; Kim, J.; Im, J.P.; Lim, S.Y.; Kwon, J.Y.; Lee, S.M.; Moon, S.E. MEMS-Based NO2 Gas Sensor Using ZnO Nano-Rods for Low-Power IoT Application. J. Korean Phys. Soc. 2017, 70, 924–928. [Google Scholar] [CrossRef]
  31. Suh, J.H.; Cho, I.; Kang, K.; Kweon, S.J.; Lee, M.; Yoo, H.J.; Park, I. Fully integrated and portable semiconductor-type multi-gas sensing module for IoT applications. Sens. Actuator B Chem. 2018, 265, 660–667. [Google Scholar] [CrossRef]
  32. Gu, Z.M. Home smart motion system assisted by multi-sensor. Microprocess. Microsyst. 2021, 80. [Google Scholar] [CrossRef]
  33. Choo, K.D.; Xu, L.; Kim, Y.; Seol, J.H.; Wu, X.; Sylvester, D.; Blaauw, D. Energy-Efficient Motion-Triggered IoT CMOS Image Sensor With Capacitor Array-Assisted Charge-Injection SAR ADC. IEEE J. Solid State Circuit 2019, 54, 2921–2931. [Google Scholar] [CrossRef]
  34. Kim, J.W.; Sul, S.H.; Choi, J.B. Development of real-time Internet of Things motion detection platform applying non-contact sensor based on open source hardware. Int. J. Distrib. Sens. Netw. 2020, 16, 20. [Google Scholar] [CrossRef]
  35. McCay, K.D.; Ho, E.S.L.; Shum, H.P.H.; Fehringer, G.; Marcroft, C.; Embleton, N.D. Abnormal Infant Movements Classification With Deep Learning on Pose-Based Features. IEEE Access 2020, 8, 51582–51592. [Google Scholar] [CrossRef]
  36. Shehzed, A.; Jalal, A.; Kim, K. Multi-Person Tracking in Smart Surveillance System for Crowd Counting and Normal/Abnormal Events Detection. In Proceedings of the 2019 International Conference on Applied and Engineering Mathematics (ICAEM), Taxila, Pakistan, 27–29 August 2019; pp. 163–168. [Google Scholar]
  37. Sreenu, G.; Saleem Durai, M.A. Intelligent video surveillance: A review through deep learning techniques for crowd analysis. J. Big Data 2019, 6, 48. [Google Scholar] [CrossRef]
  38. Zhou, S.; Shen, W.; Zeng, D.; Fang, M.; Wei, Y.; Zhang, Z. Spatial–temporal convolutional neural networks for anomaly detection and localization in crowded scenes. Signal Process. Image Commun. 2016, 47, 358–368. [Google Scholar] [CrossRef]
  39. Ermis, A.; Yurttadur, A.A.; Karacay, T. Human Intruder Detection by Measuring and Analysing Ground Vibrations. J. Fac. Eng. Archit. Gazi Univ. 2015, 30, 207–215. [Google Scholar]
  40. Auvinet, E.; Multon, F.; Saint-Arnaud, A.; Rousseau, J.; Meunier, J. Fall Detection With Multiple Cameras: An Occlusion-Resistant Method Based on 3-D Silhouette Vertical Distribution. IEEE Trans. Inf. Technol. Biomed. 2011, 15, 290–300. [Google Scholar] [CrossRef]
  41. Kong, X.; Meng, Z.; Meng, L.; Tomiyama, H. A Privacy Protected Fall Detection IoT System for Elderly Persons Using Depth Camera. In Proceedings of the 2018 International Conference on Advanced Mechatronic Systems (ICAMechS), Zhengzhou, China, 30 August–2 September 2018; pp. 31–35. [Google Scholar]
  42. Leone, A.; Diraco, G.; Siciliano, P. Detecting falls with 3D range camera in ambient assisted living applications: A preliminary study. Med. Eng. Phys. 2011, 33, 770–781. [Google Scholar] [CrossRef] [PubMed]
  43. Shojaei-Hashemi, A.; Nasiopoulos, P.; Little, J.J.; Pourazad, M.T. Video-based Human Fall Detection in Smart Homes Using Deep Learning. In Proceedings of the 2018 IEEE International Symposium on Circuits and Systems (ISCAS), Florence, Italy, 27–30 May 2018; pp. 1–5. [Google Scholar]
  44. Gia, T.N.; Sarker, V.K.; Tcarenko, I.; Rahmani, A.M.; Westerlund, T.; Liljeberg, P.; Tenhunen, H. Energy efficient wearable sensor node for IoT-based fall detection systems. Microprocess. Microsyst. 2018, 56, 34–46. [Google Scholar] [CrossRef]
  45. Kim, T.; Park, H.; Hong, S.H.; Chung, Y. Integrated System of Face Recognition and Sound Localization for a Smart Door Phone. IEEE Trans. Consum. Electron. 2013, 59, 598–603. [Google Scholar] [CrossRef]
  46. Huang, Z.G.; Zhang, L.; Meng, X.Y.; Choo, K.K.R. Key-Free Authentication Protocol Against Subverted Indoor Smart Devices for Smart Home. IEEE Internet Things J. 2020, 7, 1039–1047. [Google Scholar] [CrossRef]
  47. Song, S.J.; Nam, H. Visible light Identification System for Smart Door Lock Application with Small Area Outdoor Interface. Curr. Opt. Photonics 2017, 1, 90–94. [Google Scholar] [CrossRef] [Green Version]
  48. Won, J.; Park, J.; Park, J.W.; Kim, I.H. BLESeis: Low-Cost IoT Sensor for Smart Earthquake Detection and Notification. Sensors 2020, 20, 13. [Google Scholar] [CrossRef]
  49. Taale, A.; Ventura, C.E.; Marti, J. On the feasibility of IoT-based smart meters for earthquake early warning. Earthq. Spectra 2021, 37, 2066–2083. [Google Scholar] [CrossRef]
  50. Khan, I.; Choi, S.; Kwon, Y.W. Earthquake Detection in a Static and Dynamic Environment Using Supervised Machine Learning and a Novel Feature Extraction Method. Sensors 2020, 20, 21. [Google Scholar] [CrossRef] [PubMed] [Green Version]
  51. Popper, N. Decoding the enigma of Satoshi Nakamoto and the birth of Bitcoin. New York Times, 15 May 2015. [Google Scholar]
  52. Peck, M.E. The cryptoanarchists’ answer to cash. IEEE Spectrum 2012, 49, 50–56. [Google Scholar] [CrossRef]
  53. Nakamoto, S. Bitcoin: A Peer-to-Peer Electronic Cash System. Available online: https://bitcoin.org/bitcoin.pdf (accessed on 29 December 2020).
  54. Buterin, V. A next-generation smart contract and decentralized application platform. Ethereum White Pap. 2014, 3, 36. [Google Scholar]
  55. Corda. Available online: https://www.corda.net/ (accessed on 1 November 2021).
  56. Azure Blockchain. Available online: https://azure.microsoft.com/en-us/solutions/blockchain/ (accessed on 1 November 2021).
  57. Nasir, Q.; Qasse, I.A.; Abu Talib, M.; Nassif, A.B. Performance Analysis of Hyperledger Fabric Platforms. Secur. Commun. Netw. 2018, 2018, 3976093. [Google Scholar] [CrossRef] [Green Version]
  58. Chen, C.-L.; Lim, Z.-Y.; Liao, H.-C.; Deng, Y.-Y.; Chen, P. A Traceable and Verifiable Tobacco Products Logistics System with GPS and RFID Technologies. Appl. Sci. 2021, 11, 4939. [Google Scholar] [CrossRef]
  59. Iftekhar, A.; Cui, X.H. Blockchain-Based Traceability System That Ensures Food Safety Measures to Protect Consumer Safety and COVID-19 Free Supply Chains. Foods 2021, 10, 12. [Google Scholar] [CrossRef] [PubMed]
  60. Zhang, Y.; Wang, Z.; Deng, J.; Gong, Z.; Flood, I.; Wang, Y. Framework for a Blockchain-Based Infrastructure Project Financing System. IEEE Access 2021, 9, 141555–141570. [Google Scholar] [CrossRef]
  61. Xiao, Z.; Li, Z.; Yang, Y.; Chen, P.; Liu, R.W.; Jing, W.; Pyrloh, Y.; Sotthiwat, E.; Goh, R.S.M. Blockchain and IoT for Insurance: A Case Study and Cyberinfrastructure Solution on Fine-Grained Transportation Insurance. IEEE Trans. Comput. Soc. Syst. 2020, 7, 1409–1422. [Google Scholar] [CrossRef]
  62. Tanwar, S.; Parekh, K.; Evans, R. Blockchain-based electronic healthcare record system for healthcare 4.0 applications. J. Inf. Secur. Appl. 2020, 50, 102407. [Google Scholar] [CrossRef]
  63. Jayaraman, R.; Salah, K.; King, N. Improving Opportunities in Healthcare Supply Chain Processes via the Internet of Things and Blockchain Technology. Int. J. Healthc. Inf. Syst. Inf. 2019, 14, 49–65. [Google Scholar] [CrossRef] [Green Version]
  64. Mohamed, K.S. Cryptography Concepts: Integrity, Authentication, Availability, Access Control, and Non-repudiation. In New Frontiers in Cryptography: Quantum, Blockchain, Lightweight, Chaotic and DNA; Mohamed, K.S., Ed.; Springer International Publishing: Cham, Switzerland, 2020; pp. 41–63. [Google Scholar] [CrossRef]
  65. Yuan, H.; Chen, X.; Wang, J.; Yuan, J.; Yan, H.; Susilo, W. Blockchain-based public auditing and secure deduplication with fair arbitration. Inf. Sci. 2020, 541, 409–425. [Google Scholar] [CrossRef]
  66. Conti, M.; Dragoni, N.; Lesyk, V. A Survey of Man In The Middle Attacks. IEEE Commun. Surv. Tutor. 2016, 18, 2027–2051. [Google Scholar] [CrossRef]
  67. Zhao, Y.; Li, Y.; Mu, Q.; Yang, B.; Yu, Y. Secure Pub-Sub: Blockchain-Based Fair Payment With Reputation for Reliable Cyber Physical Systems. IEEE Access 2018, 6, 12295–12303. [Google Scholar] [CrossRef]
  68. Feng, Y.; Wang, W.; Weng, Y.; Zhang, H. A Replay-Attack Resistant Authentication Scheme for the Internet of Things. In Proceedings of the 2017 IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), Guangzhou, China, 21–24 July 2017; pp. 541–547. [Google Scholar]
  69. Zaman, A.; Safarinejadian, B.; Birk, W. Security analysis and fault detection against stealthy replay attacks. Int. J. Control. 2020, 1–14. [Google Scholar] [CrossRef]
  70. Johnson, D.; Menezes, A.; Vanstone, S. The Elliptic Curve Digital Signature Algorithm (ECDSA). Int. J. Inf. Secur. 2001, 1, 36–63. [Google Scholar] [CrossRef]
  71. Khairuddin, M.H.; Shahbudin, S.; Kassim, M. A smart building security system with intelligent face detection and recognition. IOP Conf. Ser. Mater. Sci. Eng. 2021, 1176, 012030. [Google Scholar] [CrossRef]
Figure 1. Proposed system architecture.
Figure 1. Proposed system architecture.
Sustainability 13 13994 g001
Figure 2. Structure of user information, IoT information, and the enumeration of three types (Role, IoT, and Privacy).
Figure 2. Structure of user information, IoT information, and the enumeration of three types (Role, IoT, and Privacy).
Sustainability 13 13994 g002
Figure 3. Structure of triggered event information.
Figure 3. Structure of triggered event information.
Sustainability 13 13994 g003
Figure 4. The flowchart of the registration phase for a participant.
Figure 4. The flowchart of the registration phase for a participant.
Sustainability 13 13994 g004
Figure 5. The flowchart of the registration phase for IoT devices.
Figure 5. The flowchart of the registration phase for IoT devices.
Sustainability 13 13994 g005
Figure 6. The flowchart of the phase of authentication.
Figure 6. The flowchart of the phase of authentication.
Sustainability 13 13994 g006
Figure 7. The flowchart of the alarm triggered phase.
Figure 7. The flowchart of the alarm triggered phase.
Sustainability 13 13994 g007
Figure 8. The flowchart of the notification phase.
Figure 8. The flowchart of the notification phase.
Sustainability 13 13994 g008
Figure 9. The flowchart of the response phase from the security guard.
Figure 9. The flowchart of the response phase from the security guard.
Sustainability 13 13994 g009
Figure 10. The flowchart of the response phase from an occupant.
Figure 10. The flowchart of the response phase from an occupant.
Sustainability 13 13994 g010
Figure 11. The phase of obtaining authorization when viewing the private history videos or records.
Figure 11. The phase of obtaining authorization when viewing the private history videos or records.
Sustainability 13 13994 g011
Figure 12. The phase of obtaining authorization when viewing the public history videos or records.
Figure 12. The phase of obtaining authorization when viewing the public history videos or records.
Sustainability 13 13994 g012
Figure 13. The flow of clarifying information and signature.
Figure 13. The flow of clarifying information and signature.
Sustainability 13 13994 g013
Figure 14. Update data to Blockchain Center.
Figure 14. Update data to Blockchain Center.
Sustainability 13 13994 g014
Table 1. The description of the notations.
Table 1. The description of the notations.
NotationsDescription
I D X X is the identity of the participant (such as IoT devices and occupants), issued by the blockchain center.
I D E The event ID that generated by IoT devices, included the ID of IoT and User. The format is [UserID + IoTID + timestamp]
q A k-bit of prime number
G F ( q ) Finite group of q
E The elliptic curve defined on finite group
G A generating point based on the elliptic curve E
k i The ith random value on the elliptic curve
( r X i , s X i ) Elliptic curve signature value of X
( x X i , y X i ) The ECDSA signature value of X
d X The ECDSA’s private key of participant X
Q X The ECDSA’s public key of participant X
P u k X The public key of party X, issued by the BC’s CA
P r k X The private key of party X, issued by the BC’s CA
C X i The ith ciphertext of X
H ( M ) One way hash function
h X i The ith hash value of X
T i The ith timestamp
τ The threshold for checking the validity of a timestamp
M i The ith message from a sender
E P u k X ( M ) / D P r k x X ( M ) Encrypt or decrypt message M with a public key or private key of participant X
Table 2. Verification of data integrity of the proposed scheme.
Table 2. Verification of data integrity of the proposed scheme.
PhasePartyMessageHash ValueVerification
SenderReceiver
Registration of IoTXCA M 1 = ( I D X | | I D C A | | < I o T _ I n f o r m a t i o n > | | T 1 ) h X 1 = H ( M 1 ) V e r i f y ( h X 1 , r X 1 , s X 1 )
CAX M 2 = ( I D C A | | I D X | | I D I o T | | d I o T | | Q I o T | | T 3 ) h C A 1 = H ( M 2 ) V e r i f y ( h C A 1 , r C A 1 , s C A 1 )
AuthenticationXY M 3 = ( I D X | | I D Y | | T 5 ) h X 2 = H ( M 3 ) V e r i f y ( h X 1 , r X 1 , s X 1 )
YX M 4 = ( I D Y | | I D X | | T 7 ) h Y 1 = H ( M 4 ) V e r i f y ( h Y 1 , r Y 1 , s Y 1 )
Alarm triggeredIoTLS M 5 = ( I D I o T | | I D L S | | I D O P | | I D E | | T 9 ) h I o T 1 = H ( M 5 ) V e r i f y ( h I o T 1 , r I o T 1 , s I o T 1 )
LSIoT M 6 = ( I D L S | | I D I o T | | T 11 ) h L S 1 = H ( M 6 ) V e r i f y ( h L S 1 , r L S 1 , s L S 1 )
NotificationIoTSG/OP M 7 = ( I D I o T | | I D S O | | I D O P | | I D E | | T 13 ) h I o T 2 = H ( M 7 ) V e r i f y ( h I o T 2 , r I o T 2 , s I o T 2 )
SG/OPIoT M 8 = ( I D S O | | I D I o T | | T 15 ) h S O 1 = H ( M 8 ) V e r i f y ( h S O 1 , r S O 1 , s S O 1 )
Response
(Public IoT)
SGLS M 9 = ( I D S G | | I D L S | | I D E | | T 17 ) h S G 1 = H ( M 9 ) V e r i f y ( h S G 1 , r S G 1 , s S G 1 )
LSSG M 10 = ( I D L S | | I D S G | | T 19 ) h L S 2 = H ( M 10 ) V e r i f y ( h L S 2 , r L S 2 , s L S 2 )
Response
(Private IoT)
OPLS M 11 = ( I D O P | | I D L S | | I D E | | T 21 ) h O P 1 = H ( M 11 ) V e r i f y ( h O P 1 , r O P 1 , s O P 1 )
LSOP M 12 = ( I D L S | | I D O P | | I D E | | T 23 ) h L S 3 = H ( M 12 ) V e r i f y ( h L S 3 , r L S 3 , s L S 3 )
LSSG M 13 = ( I D L S | | I D S G | | I D E | | T 25 ) h L S 4 = H ( M 13 ) V e r i f y ( h L S 4 , r L S 4 , s L S 4 )
SGLS M 14 = ( I D S G | | I D L S | | I D E | | T 27 ) h S G 2 = H ( M 14 ) V e r i f y ( h S G 2 , r S G 2 , s S G 2 )
Table 3. Verify non-repudiation of the proposed scheme.
Table 3. Verify non-repudiation of the proposed scheme.
PhasePartySignatureVerification
SenderReceiver
Registration of IoTXCA ( r X 1 , s X 1 ) = S i g n ( h X 1 , k 1 , d X ) V e r i f y ( h X 1 , r X 1 , s X 1 )
CAX ( r C A 1 , s C A 1 ) = S i g n ( h C A 1 , k 2 , d C A ) V e r i f y ( h C A 1 , r C A 1 , s C A 1 )
AuthenticationXY ( r X 2 , s X 2 ) = S i g n ( h X 2 , k 3 , d X ) V e r i f y ( h X 1 , r X 1 , s X 1 )
YX ( r Y 1 , s Y 1 ) = S i g n ( h Y 1 , k 4 , d Y ) V e r i f y ( h Y 1 , r Y 1 , s Y 1 )
Alarm triggeredIoTLS ( r I o T 1 , s I o T 1 ) = S i g n ( h I o T 1 , k 5 , d I o T ) V e r i f y ( h I o T 1 , r I o T 1 , s I o T 1 )
LSIoT ( r L S 1 , s L S 1 ) = S i g n ( h L S 1 , k 6 , d L S ) V e r i f y ( h L S 1 , r L S 1 , s L S 1 )
NotificationIoTSG/OP ( r I o T 2 , s I o T 2 ) = S i g n ( h I o T 2 , k 7 , d I o T ) V e r i f y ( h I o T 2 , r I o T 2 , s I o T 2 )
SG/OPIoT ( r S O 1 , s S O 1 ) = S i g n ( h S O 1 , k 8 , d S O ) V e r i f y ( h S O 1 , r S O 1 , s S O 1 )
Response
(Public IoT)
SGLS ( r S G 1 , s S G 1 ) = S i g n ( h S G 1 , k 9 , d S G ) V e r i f y ( h S G 1 , r S G 1 , s S G 1 )
LSSG ( r L S 2 , s L S 2 ) = S i g n ( h L S 2 , k 10 , d L S ) V e r i f y ( h L S 2 , r L S 2 , s L S 2 )
Response
(Private IoT)
OPLS ( r O P 1 , s O P 1 ) = S i g n ( h O P 1 , k 11 , d O P ) V e r i f y ( h O P 1 , r O P 1 , s O P 1 )
LSOP ( r L S 3 , s L S 3 ) = S i g n ( h L S 3 , k 12 , d L S ) V e r i f y ( h L S 3 , r L S 3 , s L S 3 )
LSSG ( r L S 4 , s L S 4 ) = S i g n ( h L S 4 , k 13 , d L S ) V e r i f y ( h L S 4 , r L S 4 , s L S 4 )
SGLS ( r S G 2 , s S G 2 ) = S i g n ( h S G 2 , k 14 , d S G ) V e r i f y ( h S G 2 , r S G 2 , s S G 2 )
Table 4. Encryption and decryption to prevent man-in-the-middle attack.
Table 4. Encryption and decryption to prevent man-in-the-middle attack.
PhasePartyEncryptionDecryption
SenderReceiver
Registration of IoTXCA C X 1 = E P u k C A ( M 1 ) M 1 = D P r k C A ( C X 1 )
CAX C C A 1 = E P u k X ( M 2 ) M 2 = D P r k X ( C C A 1 )
AuthenticationXY C X 2 = E P u k Y ( M 3 ) M 3 = D P r k Y ( C X 2 )
YX C Y 1 = E P u k X ( M 4 ) M 4 = D P r k X ( C Y 1 )
Alarm triggeredIoTLS C I o T 1 = E P u k L S ( M 5 ) M 5 = D P r k L S ( C I o T 1 )
LSIoT C L S 1 = E P u k I o T ( M 6 ) M 6 = D P r k I o T ( C L S 1 )
NotificationIoTSG/OP C I o T 2 = E P u k S O ( M 7 ) M 7 = D P r k S O ( C I o T 2 )
SG/OPIoT C S O 1 = E P u k I o T ( M 8 ) M 8 = D P r k I o T ( C S O 1 )
Response
(Public IoT)
SGLS C S G 1 = E P u k L S ( M 9 ) M 9 = D P r k L S ( C S G 1 )
LSSG C L S 2 = E P u k S G ( M 10 ) M 10 = D P r k S G ( C L S 2 )
Response
(Private IoT)
OPLS C O P 1 = E P u k L S ( M 11 ) M 11 = D P r k L S ( C O P 1 )
LSOP C L S 3 = E P u k O P ( M 12 ) M 12 = D P r k O P ( C L S 3 )
LSSG C S G 2 = E P u k L S ( M 13 ) M 13 = D P r k L S ( C S G 2 )
SGLS C L S 4 = E P u k S G ( M 14 ) M 14 = D P r k S G ( C L S 4 )
Table 5. Timestamp validation to prevent man-in-the-middle attack.
Table 5. Timestamp validation to prevent man-in-the-middle attack.
PhasePartySend TimeReceive TimeValidation
SenderReceiver
Registration of IoTXCA T 1 T 2 Check   ( T 2 T 1 ) ? τ
CAX T 3 T 4 Check   ( T 4 T 3 ) ? τ
AuthenticationXY T 5 T 6 Check   ( T 6 T 5 ) ? τ
YX T 7 T 8 Check   ( T 8 T 7 ) ? τ
Alarm triggeredIoTLS T 9 T 10 Check   ( T 10 T 9 ) ? τ
LSIoT T 11 T 12 Check   ( T 12 T 11 ) ? τ
NotificationIoTSG/OP T 13 T 14 Check   ( T 14 T 13 ) ? τ
SG/OPIoT T 15 T 16 Check   ( T 16 T 15 ) ? τ
Response
(Public IoT)
SGLS T 17 T 18 Check   ( T 18 T 17 ) ? τ
LSSG T 19 T 20 Check   ( T 20 T 19 ) ? τ
Response
(Private IoT)
OPLS T 21 T 22 Check   ( T 22 T 21 ) ? τ
LSOP T 23 T 24 Check   ( T 24 T 23 ) ? τ
LSSG T 25 T 26 Check   ( T 26 T 25 ) ? τ
SGLS T 27 T 28 Check   ( T 28 T 27 ) ? τ
Table 6. Computation costs of the proposed scheme.
Table 6. Computation costs of the proposed scheme.
PhaseParticipant 1Participant 2
Registration of IoTUser X:
2Th + 2Tadd + 1Tsub + 4Tmul + 3Tdiv + 2Tasy
Certificate Authority:
2Th + 2Tadd + 1Tsub + 3Tmul + 3Tdiv + 2Tasy
AuthenticationUser X:
2Th + 2Tadd + 1Tsub + 4Tmul + 3Tdiv + 2Tasy
User Y:
2Th + 2Tadd + 1Tsub + 3Tmul + 3Tdiv + 2Tasy
Alarm triggeredInternet of Things:
2Th + 2Tadd + 1Tsub + 4Tmul + 3Tdiv + 2Tasy
Log Server:
2Th + 2Tadd + 1Tsub + 3Tmul + 3Tdiv + 2Tasy
NotificationInternet of Things:
2Th + 2Tadd + 1Tsub + 4Tmul + 3Tdiv + 2Tasy
Security Guard/Occupant:
2Th + 2Tadd + 1Tsub + 3Tmul + 3Tdiv + 2Tasy
Response
(Public IoT)
Security Guard:
2Th + 2Tadd + 1Tsub + 4Tmul + 3Tdiv + 2Tasy
Log Server:
2Th + 2Tadd + 1Tsub + 3Tmul + 3Tdiv + 2Tasy
Response
(Private IoT)
Occupant:
2Th + 2Tadd + 1Tsub + 4Tmul + 3Tdiv + 2Tasy
Log Server:
2Th + 2Tadd + 1Tsub + 3Tmul + 3Tdiv + 2Tasy
Log Server:
2Th + 2Tadd + 1Tsub + 4Tmul + 3Tdiv + 2Tasy
Security Guard:
2Th + 2Tadd + 1Tsub + 3Tmul + 3Tdiv + 2Tasy
Notes: Th: a hash operation; Tadd: an additional operation; Tsub: a subtraction operation; Tmul: a multiplication operation; Tdiv: a division operation; Tasy: asymmetrical encryption/decryption.
Table 7. Communication costs of the proposed scheme.
Table 7. Communication costs of the proposed scheme.
PhaseMessage Length4G (100 Mbps)5G (20 Gbps)
Registration of IoT3648 bits35 ms0.17 ms
Authentication3648 bits35 ms0.17 ms
Alarm triggered3648 bits35 ms0.17 ms
Notification3648 bits35 ms0.17 ms
Response (Public IoT)3648 bits35 ms0.17 ms
Response (Private IoT)7296 bits70 ms0.34 ms
Notes: LID: an ID (144 bits); Lm: a cipher message (512 bits); Lsig: signature parameters (1024 bits).
Table 8. Comparison with surveyed related works.
Table 8. Comparison with surveyed related works.
AuthorsYearObjectiveTechnologies123456
Dutta et al. [9]2018IoT security systemIoT, ArduinoYNYNNN
Prasetyo et al. [10]2018Smart office system with threat detection IoT, Arduino, Raspberry PiYNYYNN
Saeed et al. [11]2018Smart home environment for fire preventionZigBeeYNYNYN
Taryudi et al. [12]2018Home security and monitoring system with various types of sensor, such as PIR, DHT-22, rain, fire, LDR sensors.Arduino-nano, NodeMCU ESP8266YNYNNN
Al-Hudhud et al. [13]2019Security guard system with augmented reality to monitor IoT statusInfrared biosensor, google glassYNYYYN
Ray et al. [14]2020The security issues of smart home networkInformation security, networkingYNYYYN
Khan et al. [15]2020Data verification system for surveillance camerasBlockchain, IoTYYYYYN
Rahman et al. [16]2020Distributed IoT-SDN Model for condominiumBlockchain, IoT-SDNYYYNYN
Khairuddin et al. [71]2021Smart building system with face detection and recognitionImage processing, Raspberry PiYNYYYN
Our proposed method2021A Blockchain-based community safety security system with IoT secure devicesBlockchain, IoTYYYYYY
Notes: 1: Application for community or building safety, 2: Blockchain-based architecture, 3: Internet of Things (IoT), 4: Surveillance Camera, 5: Complete architecture or framework, 6: Security analysis, Y: Yes, N: No.
Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Share and Cite

MDPI and ACS Style

Chen, C.-L.; Lim, Z.-Y.; Liao, H.-C. Blockchain-Based Community Safety Security System with IoT Secure Devices. Sustainability 2021, 13, 13994. https://doi.org/10.3390/su132413994

AMA Style

Chen C-L, Lim Z-Y, Liao H-C. Blockchain-Based Community Safety Security System with IoT Secure Devices. Sustainability. 2021; 13(24):13994. https://doi.org/10.3390/su132413994

Chicago/Turabian Style

Chen, Chin-Ling, Zi-Yi Lim, and Hsien-Chou Liao. 2021. "Blockchain-Based Community Safety Security System with IoT Secure Devices" Sustainability 13, no. 24: 13994. https://doi.org/10.3390/su132413994

APA Style

Chen, C. -L., Lim, Z. -Y., & Liao, H. -C. (2021). Blockchain-Based Community Safety Security System with IoT Secure Devices. Sustainability, 13(24), 13994. https://doi.org/10.3390/su132413994

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop