Article
Peer-Review Record

A Blockchain-Inspired Attribute-Based Zero-Trust Access Control Model for IoT

Information 2023, 14(2), 129; https://doi.org/10.3390/info14020129
by Samia Masood Awan 1, Muhammad Ajmal Azad 2,*, Junaid Arshad 2, Urooj Waheed 3 and Tahir Sharif 4
Reviewer 1:
Reviewer 2: Anonymous
Submission received: 12 January 2023 / Revised: 9 February 2023 / Accepted: 10 February 2023 / Published: 16 February 2023
(This article belongs to the Special Issue Pervasive Computing in IoT)

Round 1

Reviewer 1 Report

 

Authors proposed a novel secure framework that monitors and facilitates device-to-device communications with different levels of access-controlled mechanisms based on environmental parameters and device behavior. A blockchain network is used to ensure anonymous device and user registrations and immutable activity logs. Finally, a security evaluation shows that ZAIB satisfies the needs of active defense and end-to-end security enforcement of data, users, and services involved in a smart grid network.

A very nice, easy-to-read paper on a topic very suitable for this journal. My main concerns are listed below:

1- The template used in this paper is not the correct one. Please provide a new version using the MDPI template.

2- Will it be possible to provide a comparison in terms of the performance of your work? Or is it a theoretical framework?

3- Some works will improve the state of the art or background of the paper: Blockchain (https://ieeexplore.ieee.org/abstract/document/9697067, https://ieeexplore.ieee.org/abstract/document/9686727, https://ieeexplore.ieee.org/abstract/document/9698094) and IoT (https://library.oapen.org/bitstream/handle/20.500.12657/23172/1006981.pdf?sequence=1#page=395, https://www.sciencedirect.com/science/article/abs/pii/S0167739X16305519, https://ieeexplore.ieee.org/abstract/document/9278913, https://ieeexplore.ieee.org/abstract/document/9090830)

Author Response

Reviewer#1, Concern # 1: The template used in this paper is not the correct one. Please provide a new version using the MDPI template.

Author response: We thank the reviewer for their kind consideration.

Author action: The paper is now submitted in an MDPI format for your consideration.

Reviewer#1, Concern # 2: Will it be possible to provide a comparison in terms of the performance of your work? Or is it a theoretical framework?

Author response: We thank the reviewer for their comments. Performance metrics can’t be mentioned as the proposed solution is a theoretical framework. We have provided a comprehensive comparison to closely related works.

Reviewer#1, Concern # 3: Some works will improve the state of the art or background of the paper:

(https://ieeexplore.ieee.org/abstract/document/9697067, https://ieeexplore.ieee.org/abstract/document/9686727, https://ieeexplore.ieee.org/abstract/document/9698094) and IoT (https://library.oapen.org/bitstream/handle/20.500.12657/23172/1006981.pdf?sequence=1#page=395, https://www.sciencedirect.com/science/article/abs/pii/S0167739X16305519, https://ieeexplore.ieee.org/abstract/document/9278913, https://ieeexplore.ieee.org/abstract/document/9090830)

Author response: We thank the reviewer for their comments. We have added most of the suggested references to improve our paper.

Author action: References have been added to Section 3 and Section 4.3.1. We have added the references suggested by the reviewer to strengthen the discussion of relevant existing work.

Author Response File: Author Response.docx

Reviewer 2 Report

In this paper, the authors discussed the essential cyberthreats and vulnerabilities in smart environments and proposed ZAIB (Zero-Trust and ABAC for IoT using Blockchain), a novel secure framework that monitors and facilitates device-to-device communications with different levels of access-controlled mechanisms based on environmental parameters and device behaviour. Experiment results demonstrate the effectiveness of the proposed scheme. However, I still have some concerns as follows.

1. The data structure and data model of IoT data and blockchain should be clearly described.

2. What are the overheads (e.g., system setup, data storage, computing efficiency, etc.) of the proposed scheme? More analysis should be provided.

3. How to differentiate the authors’ work from the following work (BlockShare: A Blockchain empowered system for privacy-preserving verifiable data sharing) which is already performed over blockchain? More discussion could be added.

4. There are more opportunities for conducting meaningful experiments to comprehensively evaluate the system performance and overheads. More figures should be added.

5. More technical papers about blockchain should be investigated and analyzed. For example:

- vChain+: Optimizing verifiable blockchain boolean range queries. IEEE International Conference on Data Engineering, 2022.

- NeuChain: a fast permissioned blockchain system with deterministic ordering, Proceedings of the VLDB Endowment, 2022.

- Fine-grained, secure and efficient data provenance on blockchain systems. Proceedings of the VLDB Endowment, 2019.

- Revealing Every Story of Data in Blockchain Systems, ACM SIGMOD, 2020.

Author Response

Reviewer#2, Concern # 1: The data structure and data model of IoT data and blockchain should be clearly described.

Author response: We thank the reviewer for their comments. We have added a working scenario in the paper for your better understanding. The scenario describes the nature of the data generated by IoT and the structure of the transaction.

Author action: The discussion about the scenario outlined by the reviewer is included and enhanced in section 7.2 and figure 11 highlights the transaction order and structure.

Reviewer#2, Concern # 2: What are the overheads (e.g., system setup, data storage, computing efficiency, etc.) of the proposed scheme? More analysis should be provided.

Author response: We thank the reviewer for their comments. We have added section 8.5 to discuss the overheads as suggested by the reviewer.

Author action: We thank the reviewer for their comments. We have added section 8.5 to discuss the overheads as suggested by the reviewer.

Reviewer#2, Concern # 3: How to differentiate the authors’ work from the following work (BlockShare: A Blockchain empowered system for privacy-preserving verifiable data sharing) which is already performed over blockchain? More discussion could be added.

Author response: We thank the reviewer for their comments. We acknowledge the contributions of the authors in BlockShare: A Blockchain empowered system for privacy-preserving verifiable data sharing. We have presented a discussion about this paper and its shortcomings in section 3. The approach is suitable for data sharing in a scenario such as anonymous sharing of E-Health Records. However, it doesn't provide an access control mechanism that can process all incoming device-to-device communication requests. Some of the major contributions of our proposed work are:

  • used for device-to-device communication.
  • provides dynamic access control policies for all scenarios as and when needed.
  • maintains a decentralized ledger with immutable logs that can provide system auditing.
  • zero-trust architecture makes sure every request is evaluated and granted based on the dynamic system situation.
  • considers device behavior anomalies to revoke access whenever a device seems to be compromised.

Author action: We have highlighted comparison with the suggested system in section 3.

Reviewer#2, Concern # 4: There are more opportunities for conducting meaningful experiments to comprehensively evaluate the system performance and overheads. More figures should be added.

Author response: We thank the reviewer for their comments. We appreciate the reviewer's acknowledgement of our efforts to enhance the quality of the paper. The paper is complete based on the theoretical work and proposed system architecture. We are working towards finding ways to evaluate the setup in the real environment.

Author action: Figure 5 and Figure 11 have been added as per the reviewer's suggestions.

Reviewer#2, Concern # 5: More technical papers about blockchain should be investigated and analyzed. For example:

- vChain+: Optimizing verifiable blockchain boolean range queries. IEEE International Conference on Data Engineering, 2022.

- NeuChain: a fast permissioned blockchain system with deterministic ordering, Proceedings of the VLDB Endowment, 2022.

- Fine-grained, secure and efficient data provenance on blockchain systems. Proceedings of the VLDB Endowment, 2019.

- Revealing Every Story of Data in Blockchain Systems, ACM SIGMOD, 2020.

 

Author response: We thank the reviewer for their comments. We have added the references suggested by the reviewer.

Author action: We thank the reviewer for their comments. We have added the references suggested by the reviewer to strengthen the discussion of relevant existing work.

 

Author Response File: Author Response.docx

Round 2

Reviewer 1 Report

The authors have solved all my previous comments/suggestions.

 

Author Response

We thank the reviewer for the positive comments and acceptance of the paper.

Reviewer 2 Report

Please tackle all problems in the comments.

Author Response

We highlighted the missing response below.

Reviewer#2, Concern # 1: The data structure and data model of IoT data and blockchain should be clearly described.

Author response: We thank the reviewer for their comments. We have added a working scenario in the paper for your better understanding. The scenario describes the nature of the data generated by IoT and the structure of the transaction.

Author action: The discussion about the scenario outlined by the reviewer is included and enhanced in section 7.2 and figure 11 highlights the transaction order and structure.

Reviewer#2, Concern # 2: What are the overheads (e.g., system setup, data storage, computing efficiency, etc.) of the proposed scheme? More analysis should be provided.

Author response: We thank the reviewer for their comments. We have added section 8.5 to discuss the overheads as suggested by the reviewer.

Author action: We thank the reviewer for their comments. We have added section 8.5 to discuss the overheads as suggested by the reviewer.

Reviewer#2, Concern # 3: How to differentiate the authors’ work from the following work (BlockShare: A Blockchain empowered system for privacy-preserving verifiable data sharing) which is already performed over blockchain? More discussion could be added.

Author response: We thank the reviewer for their comments. We acknowledge the contributions of the authors in BlockShare: A Blockchain empowered system for privacy-preserving verifiable data sharing. We have presented a discussion about this paper and its shortcomings in section 3. The approach is suitable for data sharing in a scenario such as anonymous sharing of E-Health Records. However, it doesn't provide an access control mechanism that can process all incoming device-to-device communication requests. Some of the major contributions of our proposed work are:

  • used for device-to-device communication.
  • provides dynamic access control policies for all scenarios as and when needed.
  • maintains a decentralized ledger with immutable logs that can provide system auditing.
  • zero-trust architecture makes sure every request is evaluated and granted based on the dynamic system situation.
  • considers device behavior anomalies to revoke access whenever a device seems to be compromised.

Author action: We have highlighted comparison with the suggested system in section 3.

Reviewer#2, Concern # 4: There are more opportunities for conducting meaningful experiments to comprehensively evaluate the system performance and overheads. More figures should be added.

Author response: We thank the reviewer for their comments. We appreciate the reviewer's acknowledgement of our efforts to enhance the quality of the paper. The paper is complete based on the theoretical work and proposed system architecture. We are working towards finding ways to evaluate the setup in the real environment.

Author action: Figure 5 and Figure 11 have been added as per the reviewer's suggestions.

Reviewer#2, Concern # 5: More technical papers about blockchain should be investigated and analyzed. For example:

- vChain+: Optimizing verifiable blockchain boolean range queries. IEEE International Conference on Data Engineering, 2022.

- NeuChain: a fast permissioned blockchain system with deterministic ordering, Proceedings of the VLDB Endowment, 2022.

- Fine-grained, secure and efficient data provenance on blockchain systems. Proceedings of the VLDB Endowment, 2019.

- Revealing Every Story of Data in Blockchain Systems, ACM SIGMOD, 2020.

 

Author response: We thank the reviewer for their comments. We have added the references suggested by the reviewer.

Author action: We thank the reviewer for their comments. We have added the references suggested by the reviewer to strengthen the discussion of relevant existing work.

 
