Home

Irish Singh did her Ph.D. in Software Engineering in the Department of Computer Science and Engineering, Graduate School of Computer Engineering, Ajou University, Suwon, South Korea under the supervision of Prof. Seok-Won Lee. Her research topic is Self-Adaptive Security for Blockchain-Based Cloud Platform. She did her Masters (M.Tech.) in Computer Engineering from Birla Institute of Technology, Ranchi, India in June 2015.

Publications

1. Irish Singh, Seok-Won Lee, “SRE_BBC: A Self-adaptive Security Enabled Requirements Engineering Approach for SLA Smart Contracts in Blockchain-Based Cloud Systems." Sensors, 22(10), 3903, 2022.

2. Irish Singh, Seok-Won Lee, “Self-Adaptive Security for SLA Based Smart Contract,” in 2021 IEEE 29th International Requirements Engineering Conference Workshops (REW). IEEE, 2021.

3. Book Editor: Seok-Won Lee, Irish Singh, Masoud Mohammadian, "Blockchain Technology for IoT Applications," in Springer Nature, ISBN: 978-981-334-122-7, Singapore, 2020.

4. Irish Singh, Seok -Won Lee, "RE_BBC: Requirements Engineering in a Blockchain-Based Cloud: Its Role in Service-Level Agreement Specification," in IEEE Software, vol. 37, no. 5, pp. 7-12, Sept.-Oct. 2020.

5. Irish Singh, Seok-Won Lee, "Self- adaptive and Secure Mechanism for IoT Based Multimedia Services: A Survey," in Multimedia Tools and Applications, pp. 1-36, Springer, 2020.

6. Irish Singh, Seok -Won Lee, "Requirement Engineering and Its Role in a Blockchain Enabled Internet of Things," Book series: Blockchain Technologies, pp. 1 ~16, Springer Nature, DOI: 10.1007/978-981-33-4122-7_1, Singapore, 2020.

7. Irish Singh, Seok-Won Lee, “Comparative Requirements Analysis for the feasibility of Blockchain for Secure Cloud,” in 4th Asia Pacific RE Symposium (APRES 2017), Melaka, Malaysia, 9-10 November 2017.

8. Irish Singh, Seok-Won Lee, “Self-Adaptive Requirements for Intelligent Transportation System: A Case Study,” in 8th International Conference on ICT Convergence (ICTC 2017), Jeju Island, Korea, 18-20 October 2017.

9. Irish Singh, Kamta Nath Mishra, Alberti Antonio M. Jara Antonio, Singh Dhananjay, "A Novel Privacy and Security Framework for the Cloud Network Services", The 17th IEEE International Conference on Advanced Communication Technology (ICACT2015), pp. 363 - 367, Phonix Park, South Korea, 1-3 July 2015.

10. Dhananjay Singh, Madhusudan Singh, Irish Singh, Hoon-Jae Lee," Secure and Reliable Cloud Networks for Smart Transportation Services," The 17th IEEE International Conference on Advanced Communication Technology (ICACT2015), pp. 358 - 362, Phonix Park, South Korea, 1-3 July 2015.

Ph. D. in Software Engineering, (Sept. 2015 - Aug. 2022)

Department of Computer Science and Engineering,

Ajou University, Suwon, South Korea

Thesis Title: Self-Adaptive Security Requirements Engineering for Blockchain-Based Cloud Platform

Supervisor: Prof. Seok-Won Lee

Abstract: Several security vulnerabilities have been reported in the current state of blockchain-based cloud systems. One of these is the lack of a standard design process for developing secure smart contracts (SC). Also, the security mechanisms in the system are not designed to continuously evolve to address evolving adversary attacks. These issues prevent the BBC from taking effective decisions when faced with an attack.

The goal of this study is to build a self-adaptive security framework that will allow the BBC to take effective decisions when faced with evolving adversary attacks. This framework is built on the principles of the software development lifecycle, which is designed to model secure SC. The system uses the multi-model adaptation loop to make decisions based on the threat models and the service level agreement, which are used to identify and mitigate threats.

Through the validation of the proposed methodology, we were able to demonstrate the validity of the research questions and the hypothesis. We then compare the proposed approach with the security quality requirements engineering approach known as SQUARE. The results of the study revealed that the proposed approach performed better than the SQUARE approach in terms of various parameters such as the quality of artifacts, the time it took to respond to security threats, and the complexity of the system. The proposed methodology can be used by SC security developers to quickly develop and implement secure contracts. They can also take advantage of the flexibility of the framework to adapt it to their needs.

The key contribution of this study are as follows:

• Comparatively Analyze the feasibility of Blockchain for secure cloud

• Propose a Blockchain based cloud (BBC) framework to enhance the security and trust of the data stored in the Cloud, make SLA transparent and open to all users, and maintain the confidentiality and integrity of the data

• Propose RE_BBC: Requirements Engineering process for Service Level Agreements (SLA) in BBC, where we used RE modelling to build SC to perform actions of third-party providers in the cloud, such as to develop SLA and to provision SLA for services and security functionalities to the users.

• The proposed SRE_BBC Process is a self-adaptive security approach to address the security vulnerabilities in the BBC's Smart Contracts using a combination of threat model, goal model, and MAPE-BBC process. This approach can be used to provide secure implementations of the contracts based on the Service Level Agreement (SLA).

• To provide a secure and resilient framework, we need to develop formalisms that are designed to provide a self-adaptive approach to contract language. So, we propose the Adaptive Secure Business Contract Language (AS_BCL) and Adaptive Secure Formal Contract Language (AS_FCL).

• We statistically prove the research questions and hypotheses using the t-test and Mann–Whitney U test.

• The proposed SRE_BBC approach is compared with the state-of-the-art Security Quality Requirements Engineering approach (SQUARE) method to evaluate various parameters such as quality of artifacts and self-adaptive security evaluation quality, efficiency, complexity, and usability based on statistical tests.

• We applied our proposed approach to three case studies, including Healthcare Data Management Blockchain-Based Cloud (HDM_BBC) case study, Banking Blockchain-Based Cloud (B_BBC), and Intelligent Transportation system Blockchain-Based Cloud (ITS_BBC).

• Six subject matter experts from the software engineering field are involved in this study to validate our research study. They have extensive experience in analyzing security concepts such as blockchain, cloud computing, and SC.

The proposed approach SRE_BBC is novel and necessary because as of now, there is no design standard that follows RE principles to model secure smart contracts for the BBC system. As a result, the development quality is not assured, and several security issues, and privacy leakage plague the development of smart contracts for BBC applications. The SRE-_BBC process responds to the many of these challenges of the BBC and determines a novel direction to provide secure and quality development of blockchain-based applications. The SRE_BBC process aims to reach a complete understanding of the problems in BBC systems and to have a quality set of security requirements for a meaningful SLA process that is sufficient for building secure BBC systems and is satisfied by customers.

Smart contract development has a lot of potential as the Smart contract market size is to reach USD 345.4 million by 2026 from USD 106.7 Million in 2019 at a Compound Annual Growth Rate of 18.1% and there is increasing adoption of more than 50 industries that smart contract development could transform. Some of them are banking, healthcare, government, management, supply chain, automobile, real estate, insurance, etc. Our SRE_BBC process can provide secure and quality development services to the above industries.

Keywords: security; attacks; vulnerabilities; goal model; threat model; self-adaptation; Service Level Agreement; smart contract; blockchain; cloud; healthcare; banking; intelligent transportation system.

M. Tech. in Computer Engineering (July, 2013 - June, 2015)

Department of Computer Science and Engineering,

Birla Institute of Technology, Ranchi, India.

Thesis Title: SecC: AUTHENTICATION AND ACCESS CONTROL MECHANISM FOR SECURE CLOUD NETWORKS AND SERVICES

Supervisor: Dr. Kamta Nath Mishra

Abstract: Nowadays cloud computing is gaining more and more popularity for its vast characteristics which is divided into its common characteristics and essential characteristics. The common characteristics are massive scale, homogeneity, virtualization, low cost software, resilient computing, geographic computation, service orientation and advanced security. The essential characteristics are on demand self-service, broad network access, resource pooling, rapid elasticity and measured service. Cloud Computing is the internet based computing where the application software, infrastructure and platform are available in the cloud and the end users (businessman, developers) can access it through, as a client. Cloud is a step on from Utility Computing. Owing to increase in use of these services by companies, several security issues have emerged and this challenges cloud computing system to secure, protect and process the data which is the property of user. Therefore to prevent the security threats we must develop authenticated protocols. In this thesis we are investigating and doing critical analysis of CCMP (Counter with Cipher Block Message Authentication Code Protocol) which we have used in the Secure Cloud mechanism (SecC) for cloud data management in-order to improve the security issues in cloud networking. CCMP is a two cycle Authenticated Encryption (AE) mode. One cycle is used to perform confidentiality computations, and the second cycle is used to compute authenticity and integrity. Both cycles use the same encryption key. As we already know that CCM/CCMP is an amalgamation of two modes, the AES Counter Mode and the Cipher Block Chain MAC (CBC-MAC) mode. The Counter mode is used to perform encryption to guarantee data confidentiality. CBC-MAC is used to achieve da ta authenticity and integrity.

Bachelor of Technology (B.Tech.) (July 2007 - June 2011)

Dr. A.P.J. Abdul Kalam Technical University, Lucknow, India.

Academic Awards & Grants

Sep 2015- Mar. 2019 Scholarship: Graduate scholarship, from Ajou University, (Sep. 2015 ~ till date), Suwon, Korea.

July 2015 Awarded Master of Technology (Computer Science) degree with First class Honors and CGPA of 8.44 in a 10.00-Point Scale.

April 2015 Best Intern candidate in the project of Cloud Based Network Services at Trimax IT Infrastructure and Services Ltd. Mumbai, India.

June 2014 Excellence Software Development and Implementation award, RESENSE Research Lab., Hankuk University of Foreign Studies, Yongin, South Korea Jun 2010 IBM Excellence Award and Certification of Appreciation for “Great Mind Challenge 2009”.

June 2010 My Project “Online National Polling” was selected as the top 200 projects submitted in India under The Great Mind Challenge (IBM Initiative) 2009.

July 2010 Awarded Certificate of Merit for .NET training and project entitled “City Finance System “from Hewlett Packard (HP), India.

July 2009 Awarded Java Certificate of Merit for J2EE training and project entitled “Stock Trading System “from Hewlett Packard (HP).

Oct. 2009 IBM Certified Database Associate for DB2 9 Fundamentals.

Research Interest

Software Engineering

- Requirements Engineering

- Self-adaptive security

- System Design

Cloud Computing

Blockchain Technology

- Smart Contracts

Networking

- Vehicular Networks

- Internet of Things

- Software Defined Networks (SDN)

Information Security

- Cryptography

- Network Security

- Information Security

- Automotive Cyber Security

https://sciprofiles.com/profile/2169451