DE202022104486U1 - A secured IoT communication system with blockchain technology - Google Patents

Abstract

A secured IoT communication system using blockchain technology, the system includes:
an end link layer consisting of a plurality of nodes including sensors and actuator nodes connected to a user end;
a gateway clustering layer consisting of a plurality of blockchain IoT gateways coupled to a registration unit connected to the plurality of nodes to register a user device and establish communication, each of the nodes at registered with the corresponding server under the authority of its owner before being distributed on a communications network;
a blockchain layer configured to point to the tamper-proof distributed scoring and caching architecture based on a chord technique that solves the issues of trust between nodes and data transmitted between the IoT and the multiple blockchains -Managed IoT gateways; and
an implementation layer consisting of a web application and a mobile application that enables a user device to remotely establish a secure network connection.

Description

FIELD OF THE INVENTION

The present disclosure relates to a secure IoT communication system that uses an effective blockchain technique to enhance the identity authentication mechanism.

BACKGROUND OF THE INVENTION

The Internet of Things (IoT) with numerous connected actuators and sensors has changed the world enormously. It also poses a major security issue, although it can be considered a technical improvement. Access control is a viable perspective to make IoT secure. Regardless, the conventional centralized Internet access control strategy based on a Certificate Authority (CA) or more authenticated servers faces the threat of a fundamental loss point, lack of scalability, and is resource-intensive. Alternatively, the detection of the terminal node is also an important issue. The identity-based unique number of a long-established product is difficult to counterfeit. The smaller number of resources, extensive nodes and lively topology make identity authentication in the IoT complex. The essential identity of things, compared to a human's thumbprint, would be obtained from AUU, an uncertain and impossible-to-reproduce but repeatable component in response.

However, the authentication applications based on AUU implement a star topology and depend on individual authentication servers to verify identity. This topology suffers from centralized failure and lack of scalability. Therefore, the idea of an independent identity is promoted. Blockchain is viewed as a calming technology to create a decentralized, independent identity. Although the critical component in IoT identity management is the blockchain gateway, it is rarely explained in the literature.

Considering the previous discussion, it becomes clear that a secure IoT communication system with effective blockchain technology is required.

SUMMARY OF THE INVENTION

The present disclosure aims to provide a blockchain-based secure communication system to increase security levels and mitigate replay and denial-of-service (DoS) attacks.

In one embodiment, a secured IoT communication system using effective blockchain technology is disclosed. The system includes a terminal connection layer consisting of a variety of nodes, including sensors and actuator nodes, connected to a user end. The system further includes a gateway clustering layer consisting of a plurality of blockchain IoT gateways connected to a registration unit connected to the plurality of nodes to register a user device and establish communication, wherein each of the nodes is registered with the corresponding server under the authority of its owner before being distributed in a communication network. The system further includes a blockchain layer configured to reference the tamper-proof distributed evaluation and caching architecture based on a chord technique that solves the issues of trust between nodes and the data transmitted between the IoT and manages the multiple blockchain IoT gateways. The system also includes an implementation layer consisting of a web and a mobile application to allow a user device to remotely establish a secured network connection.

In another embodiment, the registration process is performed under secure and reliable conditions, and the server chooses the private and public keys at random.

In another embodiment, the server is configured to collect numerous challenge-response pairs (CRPs) from multiple nodes and store them in a database, thereby distributing the public key to multiple nodes.

In another embodiment, the registration process includes: at least one node of the plurality of nodes to send a registration request, the at least one node receiving a public key from the server and storing the key; a server to generate a random challenge and send it to the at least one node, the at least one node receiving an AUU response upon receipt of the challenge and the node then sending a set of parameters; and the database to receive the parameters, the CRP repository requires huge memory resources, the system meanwhile has more CRP candidates, and it is also crucial for the attackers to track the authentic CRP.

In another embodiment, the set of parameters is selected from the node's eccentric serial number, the challenge, and the adaptive non-announceable utility for the server.

In another embodiment, the at least one node transmits the communication request with the individual serial number and the current time stamp to the server in order to start the registration.

In another embodiment, the IoT blockchain gateways have a full backup of all block data, where the blockchain gateway is responsible for clustering end-node data in its broadcast domain and caches the data on the blockchain, where the functional blocks are node registration, identity attestation, data decoding, data ownership verification and data upload block.

In another embodiment, the blockchain gateway is implemented in a control unit using a LoRa and Wi-Fi connection, where the blockchain gateway is configured to check the uniqueness of the node that decodes data, multiple data into one large message packet, signs the message packet with the node's owner identity, and transfers the message packet to the blockchain.

In another embodiment, when the request has arrived at the server, the server establishes a session, first decodes the message with SK and the server analyzes the serial number (SN1) and CTS from the message and then looks for elements with the key SN1 in of the CRP database, the server then searches CTS related to SN1 only if the result is not equal to zero, the presence of CTS indicating that the similar timestamp was used in the previous session, therefore considering the request as a replay attack and should be rejected. In another embodiment, the AUU technique allows the authorized users to access the cloud environment and detects the various DoS attacks.

A goal of the present disclosure is to reduce the evaluation load of the nodes without compromising security, clarify the secure communication protocol and the verification protocol to fix in the gateway-node communication mode.

Another goal of the present disclosure is to strengthen the security level and mitigate replay and denial of service (DoS) attacks.

Another goal of the present disclosure is to eliminate the privacy and security issues of the IoT.

Another object of the present disclosure is to improve the registration and certification protocol of a communication system.

Another goal of the present invention is to create a fast and cost-effective IoT system architecture based on the blockchain as an evaluating infrastructure, using AUU as an identity module for nodes.

In order to further clarify the advantages and features of the present disclosure, a more detailed description of the invention is provided by reference to specific embodiments that are illustrated in the accompanying figures. It is understood that these figures represent only typical embodiments of the invention and therefore should not be considered as limiting the scope of the invention. The invention will be described and illustrated with additional specificity and detail with the accompanying figures.

character list

• 1 ein Blockdiagramm eines gesicherten IoT-Kommunikationssystems unter Verwendung einer effektiven Blockchain-Technik gemäß einer Ausführungsform der vorliegenden Offenlegung zeigt;
• 2 ein Blockchain-basiertes IoT-Framework in Übereinstimmung mit einer Ausführungsform der vorliegenden Offenlegung zeigt; und
• 3 eine Berechnung der durchschnittlichen Ende-zu-Ende-Verzögerung in Übereinstimmung mit einer Ausführungsform der vorliegenden Offenbarung zeigt.

These and other features, aspects, and advantages of the present disclosure will be better understood when the following detailed description is read with reference to the accompanying figures, in which like characters represent like parts throughout the figures, wherein:

• 1 12 shows a block diagram of a secured IoT communication system using an efficient blockchain technique according to an embodiment of the present disclosure;
• 2 Figure 1 shows a blockchain-based IoT framework in accordance with an embodiment of the present disclosure; and
• 3 Figure 12 shows a calculation of average end-to-end delay in accordance with an embodiment of the present disclosure.

Those skilled in the art will understand that the elements in the figures are shown for simplicity and are not necessarily to scale were drawn. For example, the flow charts illustrate the method of key steps to enhance understanding of aspects of the present disclosure. In addition, one or more components of the device may be represented in the figures by conventional symbols, and the figures only show the specific details relevant to understanding the embodiments of the present disclosure, not to encircle the figures with details to overload, which are easily recognizable to those skilled in the art familiar with the present description.

DETAILED DESCRIPTION

For the purposes of promoting an understanding of the invention, reference will now be made to the embodiment illustrated in the figures and specific language will be used to describe the same. It should be understood, however, that no limitation on the scope of the invention is intended, and such alterations and further modifications to the illustrated system and such further applications of the principles of the invention set forth therein are contemplated as would occur to those skilled in the art invention would normally come to mind.

It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the invention and are not intended to be limiting.

When this specification refers to "an aspect," "another aspect," or the like, it means that a particular feature, structure, or characteristic described in connection with the embodiment is present in at least one embodiment included in the present disclosure. Therefore, the phrases "in one embodiment," "in another embodiment," and similar phrases throughout this specification may or may not all refer to the same embodiment.

The terms "comprises," "including," or other variations thereof are intended to cover non-exclusive inclusion, such that a method or method that includes a list of steps includes not only those steps, but may also include other steps that are not expressly stated or pertaining to any such process or method. Likewise, any device or subsystem or element or structure or component preceded by "comprises...a" does not, without further limitation, exclude the existence of other devices or other subsystem or other element or other structure or other component or additional device or additional subsystems or additional elements or additional structures or additional components.

Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one skilled in the art to which this invention pertains. The system, methods, and examples provided herein are for purposes of illustration only and are not intended to be limiting.

Embodiments of the present disclosure are described in detail below with reference to the attached figures.

In 1 1 is a block diagram of a secured IoT communication system using effective blockchain technology, according to an embodiment of the present disclosure. The system 100 includes a terminal connection layer 102 consisting of a plurality of nodes 114, including sensors and actuator nodes, connected to a user end.

In one embodiment, a gateway clustering layer 104 consists of a plurality of blockchain IoT gateways connected to a registration entity 110 connected to the plurality of nodes 114 to register a user device and establish communication, wherein each of the nodes 114 is registered with the corresponding server 112 under the authority of its owner before being distributed in a communications network.

In one embodiment, a blockchain layer 106 is configured to reference the tamper-proof distributed scoring and caching architecture based on a chord technique that solves the issues of trust between nodes and the data transmitted between the IoT and the managed by multiple blockchain IoT gateways.

In one embodiment, an implementation layer 108 consists of a web and mobile application that enables a user device to remotely establish a secured network connection.

In another embodiment, the registration process is performed under secure and reliable conditions, and the server 112 randomly selects the private and public keys.

In another embodiment, the server 112 is configured to collect numerous challenge-response pairs (CRPs) from the multiple nodes 114 and store them in a database 116 , thereby distributing the public key to the multiple nodes 114 .

In another embodiment, the registration process includes at least one node 114 of the plurality of nodes 114 to send a registration request, the at least one node obtaining a public key from the server 112 and storing the key.

In one embodiment, a server 112 is coupled to the at least one node to generate and send a random challenge to the at least one node, where upon receipt of the challenge, the at least one node receives an AUU response and the node then receives a set of parameters sends. The database 116 to receive the parameters, the CRP repository requires large storage resources, while the system has more CRP candidates and it is crucial for the attackers to find the authentic CRP.

In another embodiment, the set of parameters is selected from the node's eccentric serial number, the challenge, and the adaptive non-displayable utility for the server 112 .

In another embodiment, the at least one node transmits the communication request with the individual serial number and the current time stamp to the server 112 in order to start the registration.

In another embodiment, the IoT blockchain gateways have a full backup of all block data, where the blockchain gateway is responsible for clustering end-node data in its broadcast domain and caches the data on the blockchain, where the functional blocks are node registration, identity attestation, data decoding, data ownership verification and data upload block.

In another embodiment, the blockchain gateway is implemented in a control unit using a LoRa and Wi-Fi connection, where the blockchain gateway is configured to check the uniqueness of the node that decodes data, multiple data into one large message packet, signs the message packet with the node's owner identity, and transfers the message packet to the blockchain.

In another embodiment, when the request has arrived at the server 112, the server 112 establishes a session, first decodes the message with SK and the server 112 analyzes the serial number (SN1) and CTS from the message and then searches in the CRP database 116 for items whose key is equal to SN1, the server 112 then searches CTS related to SN1 only if the result is not equal to zero, the presence of CTS indicating that the similar timestamp was used in the previous session , so the request should be considered a replay attack and rejected.

In another embodiment, the AUU technique allows the authorized users to access the cloud environment and detects the various DoS attacks.

2 1 shows a blockchain-based IoT framework in accordance with an embodiment of the present disclosure. The blockchain-based IoT system framework can be divided into four layers, such as: B. the terminal connection layer 102, the gateway clustering layer 104, the blockchain layer 106 and the implementation layer 108, as in 2 explained.

The sensors and actuator nodes reside in the terminal link layer 102 . The gateway clustering layer 104 includes a variety of blockchain IoT gateways. From the blockchain perspective, the gateway is a full node that contains a full backup of all block data. The blockchain layer 106 references the tamper-proof distributed scoring and caching architecture based on the chord technique, which solves the problem of trust between nodes and data transmitted between the IoT. The implementation layer 108 includes the web and mobile application. The system highlights the crucial blockchain gateway and AUU components in connection nodes.

The blockchain gateway is responsible for bundling the data of the end node in its broadcast area and storing the data in the blockchain. The functional blocks include node registration, identity attestation, data decoding, data ownership validation and the data upload block.

Due to the large number of IoT terminal nodes with many com communication modes such as wired Ethernet, mobile Wi-Fi, LoRa and narrowband IoT.

The blockchain gateway is implemented in the Raspberry Pi using LoRa and Wi-Fi connections. It is connected to the IoT terminal nodes via the LoRa connection. It also verifies the uniqueness of the node, decodes the data, groups multiple data into one large message packet, signs the message packet with the identity of the node owner, and transmits the message packet to the blockchain.

• - Maxim's Max32520, eine AUU-Funktion, wird in der Phase des Geräteentwurfs als sicherer Mikrocontroller ausgewählt.
• - DS28E38 kann ein AUU-Chip als Identitäts-Coprozessor gewählt werden, um die Zuverlässigkeit des Geräts während des Entwurfsprozesses der Schaltung zu erhöhen.
• - Es gibt eine große Anzahl von Geräten, die keine AUU-Funktion haben. Für diese Geräte können General Purpose Input/Output (GPIO) und Analog-Digital-Wandler (ADC) der Micro Control Unit (MCU) verwendet werden, um AUU zu simulieren.

The unquestionable identity of the IoT terminal nodes can be created by AUU, but AUU is not present on all nodes. Currently, only a subset of microcontrollers have AUU blocks. The following procedure is used to implement AUU-based identity:

• - Maxim's Max32520, an AUU feature, is selected at the device design stage as a secure microcontroller.
• - DS28E38, an AUU chip can be chosen as the identity co-processor to increase the reliability of the device during the circuit design process.
• - There are a large number of devices that do not have an AUU function. For these devices, general purpose input/output (GPIO) and micro control unit (MCU) analog-to-digital converters (ADC) can be used to simulate AUU.

AUU-based identity management protocol:

The logs discussed above include the device registration log and the device attestation log. The certification and key exchange protocol is permissive and enhanced by incorporating an initial cipher to benefit from high security, benefitting communication between server and node. The server 112 indicated in the following protocol presentation can be considered as the blockchain gateway in the system architecture. Elliptic curve cryptography (ECC) with the six tuple parameters (p,a,b,G,n,h) over the measurable range Fq is applied, where G is the base point. In the preferred protocol we call H the hash function, the character 11 stands for the concatenation of two messages, the symbol ⊕ for the full -or operation. The summation or repetition in the log refers to the point arithmetic of the elliptic curve.

Registration:

1. 1) Die Registrierung beginnt, wenn der Knoten eine Registrierungsanfrage sendet.
2. 2) Der Knoten empfängt Ps vom Server 112 und speichert den Schlüssel. Der Server 112 erstellt eine zufällige Challenge C und sendet sie an den Knoten.
3. 3) Nach Erhalt der Herausforderung C erhält der Knoten die AUU-Antwort R= AUU(C). Dann sendet der Knoten (SN, C, R) an den Server 112, wobei SN die exzentrische Seriennummer des Knotens darstellt.
4. 4) Der Server 112 trägt den Parameter <SN, C, R> in die Datenbank 116 ein.
5. 5) Wiederholen Sie die Schritte 2 bis 4 k-mal, wobei k durch das System bestimmt wird, das auf dem Speicherbereich und dem anspruchsvollen Sicherheitsniveau basiert. Wenn k auf eine größere Zahl abgebildet wird, erfordert der CRP-Speicher riesige Speicherressourcen, während das System mehr CRP-Kandidaten hat, und es ist auch für die Angreifer entscheidend, die authentischen CRP aufzuspüren.

The model must have several communication nodes. Each of these nodes must register with the corresponding server 112 under the authority of its owner before distribution in the communication network. The registration procedure should be carried out under safe and reliable conditions. The server 112 selects the private and public keys at random. It uses ds∈Fq as its private key and Ps=dsG as its public key. During the registration phase, the server 112 collects numerous challenge-response pairs (CRP) from the device, stores them in the database 116 and distributes the public key Ps to the device. This is done in a sequence of steps outlined below:

1. 1) Registration begins when the node sends a registration request.
2. 2) The node receives Ps from server 112 and stores the key. The server 112 creates a random challenge C and sends it to the node.
3. 3) After receiving the challenge C, the node receives the AUU response R= AUU(C). Then the node sends (SN,C,R) to the server 112, where SN represents the eccentric serial number of the node.
4. 4) The server 112 enters the parameter <SN, C, R> into the database 116.
5. 5) Repeat steps 2 to 4 k times where k is determined by the system based on storage area and demanding security level. When k is mapped to a larger number, the CRP memory requires huge memory resources while the system has more CRP candidates, and it is also crucial for the attackers to track down the authentic CRP.

Certification and key generation:

(a) To start the certification phase, Node1 transmits the communication request to the server 112 with the individual serial number SN1 and the current time stamp CTS encrypted with Es: $$X_2^{\text{'}}=X_2\oplus H\left(R\Vert CTS\Vert S{N}_1\right)$$

In addition, a hash value must be included to confirm the consistency of the message. The rate for Node1 is rated as below: $$\mathrm{<figure-callout\; id="1"\; label="H"\; filenames="DE202022104486U1\_0007.png"\; state="\{\{state\}\}">H</figure-callout>}1=H\left(\mathrm{<figure-callout\; id="1"\; label="X"\; filenames="DE202022104486U1\_0007.png"\; state="\{\{state\}\}">X</figure-callout>}1\Vert X2\Vert CTS\right)$$

The message X1, X', H1 is transmitted to Node1. The parameters SN1, R1, R2, TS are sent to the server 112 for further use.

(c) Node1 tries to parse the message once the message is received. The message consists of the parameters X1,X',H1 with the required size.

Then node1 evaluates R1 for X1 with AUU dipping into the node. X2 can be evaluated as follows: $$X_2=X_2^{\text{'}}\oplus H\left(R\Vert CTS\Vert S{N}_1\right)$$

H1 can be verified with X1 and X2. If h(X1||X2||CTS)=H1 is false, this could be a reason that the message could be copied by the attacker. If the result is true, node1 extracts R2 and arbitrarily chooses p1∈Fq to evaluate P1=p1G. Then it evaluates H2=h(R1||R2||CTS||P1). The message (H2, P1) is transmitted to the server 112 and R1, R2 are also stored in the session.

(d) If the message contains (H2, P1) of the expected length, the server 112 directly asserts H2 to establish node1's identity. If this is not the case, the node appears as an unauthorized participant. Therefore, the transmission will be disturbed. Otherwise, the server 112 stores P1 and applies it to encrypt the transmission with the cipher T: $$T={\mathrm{i.e}}_s\times {\mathrm{<figure-callout\; id="1"\; label="P"\; filenames="DE202022104486U1\_0007.png"\; state="\{\{state\}\}">P</figure-callout>}}_1=\left(x_k,y_k\right)$$

Here T is the shared key with the node and xk , yk are used to encrypt the communication.

(e) In the node phase, the distributed key is also computed as follows: $$T={\mathrm{i.e}}_1\times {\mathrm{<figure-callout\; id="1"\; label="P"\; filenames="DE202022104486U1\_0007.png"\; state="\{\{state\}\}">P</figure-callout>}}_1=\left(x_k,y_k\right)$$

Therefore, the messages lying between the node and the server 112 are encrypted with the key xk, yk.

The Hyperledger Fabric was used to build a blockchain network. The blockchain genesis block and the initial network with four nodes are built on the cloud server 112 with 2 CPU cores, 8 GB RAM, 40 GB high-performance cloud disk and 5 Mbit/s network bandwidth. The proposed architecture is built on a Raspberry Pi 4b with 8GB RAM and 32GB TF card connected to the blockchain via Wi-Fi using the Inside Fabric Client module. The AUU capable terminal node with DS28E38 is designed as AUU authenticator and STM32L5RBT6 as processor.

The effectiveness of the system was determined using two key metrics such as detection accuracy and average end-to-end delay. The detection accuracy indicates what percentage of the proposed methods accurately detect the different attacks. The AUU technique allows the authorized users to access the cloud environment. With the help of the proposed model, the various DoS attacks are also detected. In contrast, the traditional IoT communication models have not been able to ensure the secure communication in data transmission. Also, they failed to detect the DoS attacks, resulting in lower detection accuracy than the proposed model.

3 Figure 1 shows a calculation of the average end-to-end delay in accordance with an embodiment of the present disclosure. From the figure, it can be seen that the system achieves less delay compared to the traditional IoT communication models. This is due to the implementation of the AUU technique in the proposed model. The AUU technology enables quick access to various IoT users. It paves the way to less delay in the network. Alternatively, the traditional IoT communication models do not provide secure communication and privacy for the data being transmitted. This causes a higher delay than the proposed model.

In another embodiment, it is noted that the developed system proposes an IoT system architecture based on the blockchain as the assessment infrastructure, using AUU as the identity module for nodes. The proposed blockchain gateway would help improve the registration and certification protocol. This will be done by incorporating the initial encryption strategy. Finally, it was also noted that the proposed system is more important in the certification phase and is very secure by eliminating various DoS attacks. The results prove that the system compares well to the existing IoT model.

The figures and the preceding description give examples of embodiments. Those skilled in the art will understand that one or more of the elements described may well be combined into a single functional element. Alternatively, certain elements can be broken down into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, the order of the processes described herein may be changed and is not limited to the manner described herein. Additionally, the actions of a flowchart need not be performed in the order shown; Also, not all actions have to be carried out. Also, the actions that are not dependent on other actions can be performed in parallel with the other actions. The scope of the embodiments is in no way limited by these specific examples. Numerous variations are possible, regardless of whether they are explicitly mentioned in the description or not, e.g. B. Differences in structure, dimensions and use of materials. The scope of the embodiments is at least as broad as indicated in the following claims.

Advantages, other benefits, and solutions to problems have been described above with respect to particular embodiments. However, the benefits, advantages, problem solutions, and components that can cause an advantage, benefit, or solution to occur or become more pronounced are not to be construed as a critical, required, or essential feature or component of any or all claims.

Reference List

100

A secure Iot communication system with effective blockchain technology.

102

terminal connection layer

104

Gateway clustering layer

106

blockchain layer

108

implementation layer

110

registration unit

112

server

114

node

116

Database

202

application layer

204

Mobile application

206

Distributed Ledger

208

gateway layer

210

edge layer

212

terminal node layer

Claims (10)

A secured IoT communication system using blockchain technology, the system includes: an end link layer consisting of a plurality of nodes including sensors and actuator nodes connected to a user end; a gateway clustering layer consisting of a plurality of blockchain IoT gateways coupled to a registration unit connected to the plurality of nodes to register a user device and establish communication, each of the nodes at registered with the corresponding server under the authority of its owner before being distributed on a communications network; a blockchain layer configured to point to the tamper-proof distributed scoring and caching architecture based on a chord technique that solves the issues of trust between nodes and data transmitted between the IoT and the multiple blockchains -IoT gateways managed; and an implementation layer consisting of a web application and a mobile application that enables a user device to remotely establish a secure network connection. system after claim 1 , whereby the registration procedure is carried out under secure and reliable conditions and the server chooses the private and public keys arbitrarily. system after claim 1 wherein the server is configured to collect and store in a database numerous challenge-response pairs (CRPs) from the plurality of nodes, thereby distributing the public key to the plurality of nodes. The system after claim 1 wherein the registration process comprises: at least one node of the plurality of nodes to send a registration request, the at least one node obtaining a public key from the server and storing the key; a server to generate a random challenge and send it to the at least one node, the at least one node detecting an AUU response after receiving the challenge and the node then sending a set of parameters; and the database to get the parameter, the CRP memory requires huge memory resources, while the system needs more CRP kan didaten, and it is crucial for the attackers to track down the authentic CRP. system after claim 4 , where the set of parameters is chosen from the eccentric serial number of the node, the challenge, and the adaptive non-announceable utility for the server. system after claim 4 , wherein the at least one node transmits the communication request with the individual serial number and the current time stamp to the server in order to start the registration. system after claim 1 , where the IoT blockchain gateways maintain a full backup of all block data, where the blockchain gateway is responsible for clustering end-node data in its broadcast domain and caches the data on the blockchain, where the functional blocks are node registration, identity attestation, data decoding, data ownership validation, and data upload block include. system after claim 1 , where the blockchain gateway is implemented in a control unit using a LoRa and Wi-Fi connection, where the blockchain gateway is configured to check the uniqueness of the node, which decodes data, multiple data into a wide message packet combines, signs the message packet with the node's owner identity, and transfers the message packet to the blockchain. The system after claim 1 , where when the request arrives at the server, it establishes a session, first decodes the message with SK and the server parses the serial number (SN1) and CTS from the message and then looks for items with the key equal to SN1 in the CRP database , where the server then looks for CTS relative to SN1 only if the result is non-zero, where the presence of CTS indicates that the similar timestamp was used in the previous session, so the request should be considered a replay attack and rejected . system after claim 1 , where the AUU technique allows the authorized users to access the cloud environment and detects the various DoS attacks.

Images