Options
Liyanage, Madhusanka
Preferred name
Liyanage, Madhusanka
Official Name
Liyanage, Madhusanka
Research Output
Now showing 1 - 10 of 43
- PublicationA Delay-Tolerant Payment Scheme Based on the Ethereum BlockchainDigital banking as an essential service can be hard to access in remote, rural regions where the network connectivity is unavailable or intermittent. The payment operators like Visa and Mastercard often face difficulties reaching these remote, rural areas. Although micro-banking has been made possible by short message service or unstructured supplementary service data messages in some places, their security flaws and session-based nature prevent them from wider adoption. Global-level cryptocurrencies enable low-cost, secure, and pervasive money transferring among distributed peers, but are still limited in their ability to reach people in remote communities. We propose a blockchain-based digital payment scheme that can deliver reliable services on top of unreliable networks in remote regions. We focus on a scenario where a community-run base station provides reliable local network connectivity while intermittently connects to the broader Internet. We take advantage of the distributed verification guarantees of the Blockchain technology for financial transaction verification and leverage smart contracts for secure service management. In the proposed system, payment operators deploy multiple proxy nodes that are intermittently connected to the remote communities where the local blockchain networks, such as Ethereum are composed of miners, vendors, and regular users. Through probabilistic modeling, we devise design parameters for the blockchain network to realize robust operation over the top of the unreliable network. Furthermore, we show that the transaction processing time will not be significantly impacted due to the network unreliability through extensive emulations on a private Ethereum network. Finally, we demonstrate the practical feasibility of the proposed system by developing Near Field Communication (NFC)-enabled payment gateways on Raspberry-Pis, a mobile wallet application and mining nodes on off-The-shelf computers.
170Scopus© Citations 52 - PublicationBlockchain-based Roaming and Offload Service Platform for Local 5G Operators(IEEE, 2021-01-12)
; ; ; ; Local 5G Operator (L5GO) concept is one of the most prominent versatile applications of the 5G in the near future. The popularity of L5GOs will trigger a greater number of roaming and offloading events between mobile operators. However, existing static and the operator-assisted roaming and offloading procedures are inefficient for L5GO ecosystem due to poor service quality, data privacy issues, data transferring delays, excessive costs for intermediary parties and existence of roaming fraud. To address these challenges, we propose a blockchain / Distributed Ledger Technology (DLT) based service platform for L5GOs to facilitate efficient roaming and offload services. As the key contribution, blockchain-based smart contract scheme is proposed to establish dynamic and automated agreements between operators. By using smart contracts, we introduce several novel features such as universal wallet for subscribers, service quality based L5GO rating system, user-initiated roaming process and the roaming fraud prevention system to improve the operational quality of a L5GO. A prototype of the proposed platform is emulated with the Ethereum blockchain platform and Rinkeby Testnet to evaluate the performance and justify the feasibility of the proposal. Upon an extensive evaluation on the prototype, it was observed that the proposed platform offered benefits such as cost effective, more secure and reliable experience.237Scopus© Citations 5 - PublicationESSMAR: Edge Supportive Secure Mobile Augmented Reality Architecture for HealthcareThe recent advances in mobile devices and wireless communication sector transformed Mobile Augmented Reality (MAR) from science fiction to reality. Among the other MAR use cases, the incorporation of this MAR technology in the healthcare sector can elevate the quality of diagnosis and treatment for the patients. However, due to the highly sensitive nature of the data available in this process, it is also highly vulnerable to all types of security threats. In this paper, an edge-based secure architecture is presented for a MAR healthcare application. Based on the ESSMAR architecture, a secure key management scheme is proposed for both the registration and authentication phases. Then the security of the proposed scheme is validated using formal and informal verification methods.
185Scopus© Citations 2 - PublicationDynamic Orchestration of Security Services at Fog Nodes for 5G IoT(IEEE, 2020-06-11)
; ; ; Fog Computing is one of the edge computing paradigms that envisages being the proximate processing and storage infrastructure for a multitude of IoT appliances. With its dynamic deployability as a medium level cloud service, fog nodes are enabling heterogeneous service provisioning infrastructure that features scalability, interoperability, and adaptability. Out of the various 5G based services possible with the fog computing platforms, security services are imperative but minimally investigated direct live. Thus, in this research, we are focused on launching security services in a fog node with an architecture capable of provisioning on-demand service requests. As the fog nodes are constrained on resources, our intention is to integrate light-weight virtualization technology such as Docker for forming the service provisioning infrastructure. We managed to launch multiple security instances configured to be Intrusion Detection and Prevention Systems (IDPSs) on the fog infrastructure emulated via a Raspberry Pi-4 device. This environment was tested with multiple network flows to validate its feasibility. In our proposed architecture, orchestration strategies performed by the security orchestrator were stated as guidelines for achieving pragmatic, dynamic orchestration with fog in IoT deployments. The results of this research guarantee the possibility of developing an ambient security service model that facilitates IoT devices with enhanced security.216Scopus© Citations 8 - PublicationNovel MEC based Approaches for Smart Hospitals to Combat COVID-19 PandemicCOVID-19 or Coronavirus has thrilled the entire world population with uncertainty over their survival and well-being. The impact this pathogen has caused over the globe has been profound due to its unique transmission features; that urges for contact-less strategies to interact and treat the infected. The impending 5G mobile technology is immersing the applications that enable the provisioning of medical and healthcare services in a contact-less manner. The edge computing paradigms offer a de-centralized and versatile networking infrastructure capable of adhering to the novel demands of 5G. In this article, we are considering Multi-Access Edge Computing (MEC) flavour of the edge paradigms for realizing the contact-less approaches that assist the mediation of COVID-19 and the future of healthcare. In order to formulate this ideology, we propose three use cases and discuss their implementation in the MEC context. Further, the requirements for launching these services are provided. Additionally, we validate our proposed approaches through simulations.
297Scopus© Citations 20 - PublicationMulti-Access Edge Computing and Blockchain-based Secure Telehealth System Connected with 5G and IoTThere is a global hype in the development of digital healthcare infrastructure to cater the massive elderly population and infectious diseases. The digital facilitation is expected to ensure the patient privacy, scalability, and data integrity on the sensitive life critical healthcare data, while aligning to the global healthcare data protection standards. The patient data sharing to third parties such as research institutions and universities is also concerned as a significant contribution to the society to sharpen the research and investigations. The emergence of 5G communication technologies eradicates the borders between patients, hospital and other institutions with high end service standards. In patients' perspective, healthcare service delivery through the digital medium is beneficial in terms of time, costs, and risks. In this paper, we propose a novel Multi-access Edge Computing(MEC) and blockchain based service architecture utilizing the lightweight ECQV (Elliptic Curve Qu-Vanstone) certificates for the realtime data privacy, integrity, and authentication between IoT, MEC, and cloud. We further attached storage offloading capability to the blockchain to ensure scalability with a massive number of connected medical devices to the cloud. We introduced a rewarding scheme to the patients and hospitals through the blockchain to encourage data sharing. The access control is handled through the smart contracts. We evaluated the proposed system in a near realistic implementation using Hyperledger Fabric blockchain platform with Raspberry Pi devices to simulate the activity of the medical sensors.
359Scopus© Citations 19 - PublicationZero knowledge proofs based authenticated key agreement protocol for sustainable healthcare(Elsevier, 2022-05-01)
; ; ; ; Upgradation of technologies for sustainable smart cities has led to rapid growth in Internet of Things (IoT) applications, including e-healthcare services wherein smart devices collect patient data and deliver it remotely to the servers in real-time. Despite its enormous benefits, IoT in healthcare has not received much attention primarily due to the risk of unauthorized access to confidential medical information enabled by the vulnerable wireless channel for communication. Besides, tiny IoT devices have limited computing power and storage capabilities that prevent administrators from using complex and resource-hungry security protocols. The cyber attacks on the Internet of Healthcare applications (IoHA) could result in fatalities, decreased revenue, and reputation loss, hence endangering sustainability. The existing security protocols are unsuitable due to the cost complexities that necessitate developing new security protocols for resource-constrained and heterogeneous IoT networks. We introduce a confidentiality and anonymity-preserving scheme for critical infrastructures of IoT to conquer cyber threats for sustainable healthcare. This paper proposes Zero-Knowledge Proofs (ZKP) based Authenticated Key Agreement (AKA) protocol for IoHA. ZKP-AKA uses zero-knowledge proofs, physically unclonable function, biometrics, symmetric cryptography, message digest, etc., for accomplishing the protocol’s objective at minimal computation, storage, and communication expenses. ZKP-AKA retains data integrity, confidentiality, anonymity, and safety from significant cyber threats12Scopus© Citations 14 - PublicationMicro-Operator driven Local 5G Network Architecture for Industrial InternetIn addition to the high degree of flexibility and customization required by different vertical sectors, 5G calls for a network architecture that ensures ultra-responsive and ultra-reliable communication links. The novel concept called micro-operator (uO) enables a versatile set of stakeholders to operate local 5G networks within their premises with a guaranteed quality and reliability to complement mobile network operators' (MNOs) offerings. In this paper, we propose a descriptive architecture for emerging 5G uOs which provides user specific and location specific services in a spatially confined environment. The architecture is discussed in terms of network functions and the operational units which entail the core and radio access networks in a smart factory environment which supports industry 4.0 standards. Moreover, in order to realize the conceptual design, we provide simulation results for the latency measurements of the proposed uO architecture with respect to an augmented reality use case in industrial internet. Thereby we discuss the benefits of having uO driven local 5G networks for specialized user requirements, rather than continuing with the conventional approach where only MNOs can deploy cellular networks.
215Scopus© Citations 27 - PublicationAGE: authentication in gadget-free healthcare environments(Springer, 2019-10-03)
; ; ; ; Mobile and sensor related technologies are significantly revolutionizing the medical healthcare sectors. In current healthcare systems, gadgets are the prominent way of acquiring medical services. However, the recent technological advancements in smart and ambient environments are offering users new ways to access the healthcare services without using any explicit gadgets. One of the key challenges in such gadget-free environments is performing secure user authentication with the intelligent surroundings. For example, a secure, efficient and user-friendly authentication mechanism is essential for elderly/disabled people or patients in critical conditions requiring medical services. Hence, modern authentication systems should be sophisticated enough to identify such patients without requiring their physical efforts or placing gadgets on them. This paper proposes an anonymous and privacy-preserving biometrics based authentication scheme for such gadget-free healthcare environment. We performed formal security verification of our proposed scheme using CDVT/AD tool and our results indicate that the proposed scheme is secure for such smart and gadget-free environments. We verify that the proposed scheme can resist against various well-known security attacks. Moreover, the proposed system showed better performance as compared with existing biometrics base remote user authentication schemes.214 - PublicationReliable Control and Data Planes for Softwarized Networks(Springer, 2020-07-23)
; ; ; ; Driven by the requirement of increasing performance and flexibility, networks are being softwarized by paradigms such as software-defined networking (SDN) and network function virtualization (NFV). These solutions reduce the complexity and the specialization of hardware devices, by extracting the inherently distributed control plane of forwarding network elements such as switches and routers, to a logically centralized control plane (referred as controller in SDN). The control plane acts as a broker between the network applications (e.g. monitoring, traffic engineering) and the data plane (i.e. physical network infrastructure). For scalability and robustness, the logically centralized control plane is implemented by physically distributing different controllers throughout the network. This chapter presents different solutions to increase the reliability of both planes: data and control planes. The reliability of the data plane can be increased by considering survivable virtual network embedding solutions. This chapter proposes a survivable embedding against single and double failures at either links or nodes. Furthermore, in order to provide a programmable and resilient data plane, BPFabric has been proposed for SDN which supports high performance functions suitable for detecting attacks. On the other hand, the reliability of the control plane applied to SDN can be addressed by considering enhanced controller placement solutions providing redundancy against uncorrelated as well as targeted failures while coping with latency and capacity requirements. Furthermore, a solution to increase the security and robustness of the control channel is also addressed in this chapter.67