Conference PaperPDF Available

IOT Security Issues Via Blockchain: A Review Paper

Authors:

Abstract and Figures

In the past few years block chain has gained lot of popularity because blockchain is the core technology of bitcoin. Its utilization cases are growing in number of fields such as security of Internet of Things (IoT), banking sector, industries and medical centres. Moreover, IoT has expanded its acceptance because of its deployment in smart homes and city developments round the world. Unfortunately, IoT network devices operate on limited computing power with low storage capacity and network bandwidth. Thus, they are extra close to attacks than other end-point devices such as cell phones, tablets, or PCs. This paper focus on addressing significant security issues of IoT and maps IoT security issues in contradiction of existing solutions found in the literature. Moreover issues that are not solved after implementation of blockchain are highlighted.
Content may be subject to copyright.
IOT Security Issues Via Blockchain: A Review Paper
Abid Sultan
Department of CS & IT
University of Sargodha, Sub-
Campus Bhakkar, Pakistan
+92-453-220072
Abidsultan006@gmail.com
Muhammad Azhar Mushtaq
Department of CS & IT
University of Sargodha, Sub-
Campus Bhakkar, Pakistan
+92-453-220072
Azhar.mushtaq@uos.edu.pk
Muhammad Abubakar
Department of CS & IT
University of Sargodha, Sub-
Campus Bhakkar, Pakistan
+92-453-220072
Abubakar.shibly@gmail.com
ABSTRACT
In the past few years block chain has gained lot of popularity
because blockchain is the core technology of bitcoin. Its
utilization cases are growing in number of fields such as security
of Internet of Things (IoT), banking sector, industries and
medical centres. Moreover, IoT has expanded its acceptance
because of its deployment in smart homes and city developments
round the world. Unfortunately, IoT network devices operate on
limited computing power with low storage capacity and network
bandwidth. Thus, they are extra close to attacks than other end-
point devices such as cell phones, tablets, or PCs. This paper
focus on addressing significant security issues of IoT and maps
IoT security issues in contradiction of existing solutions found in
the literature. Moreover issues that are not solved after
implementation of blockchain are highlighted.
CCS Concepts
Computer systems organization Embedded and cyber-
physical systems Embedded systems.
Networks Network properties Network reliability
Keywords
Blockchain, IoT, Network Security, Data security, LLNs &POW
1. INTRODUCTION
In today’s era, technologies have revolutionized the living
standard of our society. This is often because of innovation in
communication and semiconductor technologies, which permit
devices to be connected over a network and alter the way of
connectivity between machines and humans. Such a trend is
usually noted as Internet-of-Things (IoT) [15].
With the fast rise of brilliant devices and high-speed networks,
the IoT has gained wide acceptance and fame because it uses the
standard called low-power lossy networks (LLNs). These LLNs
have the potential to use the limited resource by consuming very
low power [1] [2]. The devices in IoT may be controlled
remotely to perform the specified function. The data sharing
among the devices takes place through the network that uses the
standard protocols of communication. The well-connected
devices or “things” vary from easy wearable accessories to huge
machines which contain detector (Sensor) chips [14].
However, as it becomes popular the connectivity between
devices is increasing, and also the computing infrastructure can
become additionally complicated. This complication can give a
rise to vulnerabilities for the cyber-attacks. In IoT, the physical
devices are placed in unsecured environments which could be
defenceless from hackers thus giving them the opportunity to
alter the information that transmits over the network. Therefore,
device authorizations and information root would be a vital issue.
In last few years blockchain has begun as the technology that
have many characteristics to solve different issues faced by IoT
network devices. Blockchain keeps a distributed database of
records. In which proof of work between the network nodes is
completely deprived of a
third party. This will help in solving the problem of single point
of failure. Network transaction records are immutable and can be
founded via the history of IoT network which finally helps to get
the attraction by trust of public in the IoT network. This Public
trust have a vital role for the public financial transactions,
introductory for a new world of distributing economy in the
Internet of Things domain [8] [14] [3] [18].
The blockchain is sequences of blocks that hold all transaction
record occuring in a blockchain network. As described in
figure.1 each block contains block header and block body/
transaction counter. Block header contains the following;
1. Block version which indicates the software version
and validation rules.
2. Merkle Tree root hash represents the hash value of
the transaction and summary of all transaction.
3. Timestamp consists of current universal time since
January 1970.
4. N-Bits define the number of bits required for
transaction verification.
5. Nonce is any 4-byte number which starts from 0 and
increases for every hash of the transaction.
6. Parent block hash holds the hash value which
indicates the previous block.
Transaction counter is capable of covering all the transaction and
a maximum number of the transaction depends upon the block
size [12].
Blockchain technology referred as a public ledger and all
completed transactions are recorded in a list of blocks. This
chain of blocks grows as new blocks are added to chain
continuously. Public key cryptography and distributed consensus
algorithms implemented for user security. The blockchain
technology has key characteristics of decentralization,
persistency, anonymity, and auditability. With these
characteristics, blockchain can save the cost and increases the
effectiveness [12].
This paper is ordered as follows. Section 2 covers the
Blockchain properties where as section 3 highlights its
characteristics. Different security necessities and issues are
Permission to make digital or hard copies of all or part of this work for
personal or classroom use is granted without fee provided that copies are
not made or distributed for profit or commercial advantage and that
copies bear this notice and the full citation on the first page. Copyrights
for components of this work owned by others than ACM must be
honored. Abstracting with credit is permitted. To copy otherwise, or
republish, to post on servers or to redistribute to lists, requires prior
specific permission and/or a fee. Request permissions from
Permissions@acm.org.
ICBCT 2019, March 1518, 2019, Honolulu, HI, USA
© 2019 Association for Computing Machinery.
ACM ISBN 978-1-4503-6268-9/19/03…$15.00
DOI: https://doi.org/10.1145/3320154.3320163
60
covered in section 4 and section 5 provides the solution of
security issues using blockchain. Section 6 describes the
problems that are not solved by blockchain. Finally in Section 7
conclusion and future work is presented.
Figure 1. Block Architecture [12].
2. BLOCKCHAIN PROPERTIES
2.1. Blockchain Working Steps
1. Nodes communicate with the blockchain network via a
combination of private & public keys. Theuserusesitsown
private key to digitally sign its own transactions and then can
access the network via the public key. Each signed transaction is
broadcast by a node that makes the transaction [3].
2. The transaction is then verified by all nodes within the
blockchain network except the node that makes the transaction.
During this step, any invalid transactions are discarded. It’s
known as verification.
3. Mining is the third step in which every legitimate transaction
is collected by the network nodes during a fixed time into a
block and implements a proof-of-work to find a nonce for its
block. Once a node finds a nonce, it broadcasts the block to all
participating nodes [4].
4. Each node collects a newly generated block and confirms
whether the block contains (a) legal transactions and (b) declares
the accuracy of parent block by utilizing the hash value. After
the completion of confirmation, nodes will add the block to the
blockchain and apply the transactions to bring the blockchain
up-to-date. In case, if the block is not confirmed, the projected
block is rejected. This ends the existing mining round [3].
2.2. Verification
Blockchain technology ensures the elimination of the duplication
issues by taking assistance from asymmetric cryptography which
contains a public and a private key. The private key is kept
secret from other nodes whereas the public key is shared among
all other nodes [5]. Moreover, the transaction (step 1) is digitally
signed by a node that creates the transaction which is
broadcasted to the entire blockchain network. All receiving
nodes will verify the transactions by decrypting the signature
with a public key of the initializing node. The transaction is
verified by the verification of signature which indicates the
initializing node is not modified.
2.3. Proof-of-Work (POW)
The proof-of-work (figure 2) contains the process of finding a
value that is hashed with Secure Hash Algorithm 256. The
typical work needed is exponential within the variety of zero bits
needed and confirmed by running the hash algorithm. In an
exceeding blockchain network, all nodes implement the proof-
of-work for every mining process by increase a nonce value
within the block till a value is founded that offers the block’s
hash desired bits. Once the system unit effort has been spent to
satisfy the proof-of-work, the block can't be modified until not
redoing the work.
Blockchain feature distributed IoT information management can
provide users the choice of sharing the information with third
party entities. The target is to supply a distributed information
access model for IoT, that ensures that user-data isn't assigned to
centralized entities or corporations [4].
Figure 2. Proof of Work.
3. CHARACTERISTICS OF BLOCKCHAIN
3.1. Decentralization
In centralized transaction processing environment, each
transaction needs to be validated through the centralized trusted
party (e.g., banking system), that result into high-cost and low
performance at the central point. With respect to the centralized
IoT model, the third party is no longer needed in the blockchain.
Consensus algorithms in blockchain are used to maintain data
integrity and consistency [12].
3.2. Persistency
Once a transaction record is validated by a miner node (special
nodes that validate the transaction) in a blockchain network its
copy is broadcast on the entire network and that record is not
deleted or rollback from entire blockchain [12].
3.3. Anonymity
In Blockchain, nodes interact with the network using a public
key that addresses the node on the entire blockchain network by
keeping the real identities of the user as a secret [12].
3.4. Security
Blockchain uses the asymmetric cryptographic technique to
secure the entire network. Asymmetric or public key
cryptography contain 2 keys one public key and second private
key. The public key is used by the node to address the
blockchain network and the private key is used by the node to
sign the transaction that it initiates. The identity of transaction
creator node is verified by using its public key.
3.5. Scalability or More Addressing Space
AS scalability is concerned blockchain contains 160-bit address
space as compared to 128 bit in IPv6. These 160-bits are
generated by ECDSA (Elliptic Curve Digital Signature
Algorithm). Blockchain has 4.3 billion more Addresses over
IPv6 [8].
61
3.6. Resilient Backend
Every distributed node within the blockchain IOT network
maintains a replica of the whole ledger. This helps in
safeguarding the network form any potential failures and attacks
[10].
3.7. High Efficiency
Since the transaction removes the involvement of the third party
and may proceed in low-trust condition, the time spent to verify
a transaction will be decreed whereas the efficiency will be
increased [11].
3.8. Transparency
Changes made to public blockchain network are publicly
viewable by all participants in the network. Moreover, all
transactions are immutable, meaning they cannot be altered or
deleted [9].
3.9. Smart Contract
The smart contract is one of the most efficient aspects of the
Ethereum introduced by Nick Szabo in 1994 [7]. Using smart
contract programs are written in which access rights and
different policies are defined. Many programming languages are
supported by Ethereum to write smart contracts such as Solidity
[13].
4. SECURITY NECESSITIES FOR IOT
OR ISSUES
4.1. Data Privacy
Because of a diversified integration of services and network, the
data recorded on a device is vulnerable to attack by
compromising nodes existing in associate IoT network.
Moreover, an attacker can access the data without owner
permission [14].
4.2. Data Integrity
In a centralized client-server model, the attacker may gain
unauthorized access to the network and change the original data
or information and forward it. For example, X sends data to Y,
Z the middle guy might get data first and forward the data after
modification [14].
4.3. Third Party
Data collected in a centralized environment is stored and
controlled by a third centralized entity that may miss use this
data or provide it to someone else.
4.4. Trusted Data Origin
In IoT environment, it is difficult to know the origin of data and
data might be altered during the transmission by anyone.
4.5. Access Control
Access control is one off the main issue in IoT network. It is
difficult to define in IoT network that which node has the right
to access and perform a different function with data.
4.6. Single Points of Failure
Continuous growth of centralized networks for the IoT based
infrastructure could expose single-points-of-failure. As all data
of the entire network is stored and verified by a central authority
in the case, if the central point fails or goes down the whole
network is disturbed [14].
4.7. Scalability
IoT connects a large number of sensors and other devices for
information sharing and a large number of applications via the
internet. It challenges the structure and the rapid growth of the
system to meet scalability.
4.8 Illegal use of Personal Data.
IoT device are basically sensors and implanted chips that gather
individual, important information and convey it through the
internet. The gathered information is stored in a central database
of any firm. This data exposes the personal performance of users;
confidentiality of users is at risk as firms might use the data
illegally [16] [6]. An example of such confidentiality misuse is
PRISM Surveillance program.
4.9 IOT Network Information Sharing.
The information gathered by IoT network devices are recorded
distinctly for the purpose of analysis. Information sets may
contain IoT devices network data load or their functioning logs.
To confirm the efficiency of tools and tests, open accessibility of
information plays a vital role. So, every time these information
sets are openly shared their integrity is significant.
5. BLOCKCHAIN SOLUTIONS FOR IOT
5.1. Data Integrity
The blockchain is a peer-to-peer network in which all nodes
have the same copy of records. When a transaction is initiated,
initiator node signs the transaction with its private key and sends
to other nodes for validation. All other miner nodes take part
invalidation process and try to find nonce. The node which finds
the nonce first has the right to validate and get a reward.
Moreover, the newly created block will be broadcasted to all
other nodes of the entire network. Once the record is loaded in
blockchain it cannot be modified or deleted [10].
5.2. Data Privacy
Consortium blockchain used to provide data privacy in a
blockchain network. As in figure.3,nodes used for a particular
purpose are combined together to form a private
network/sidechain. Each sidechain is responsible to manage its
own IoT data. Nodes that are participating in one sidechain are
not allowed to take part in the validation process of other
sidechains. In order to access the data of consortium blockchain
network the node first need to register and become part of that
sidechain network. Consortium blockchain has access control
and prevents unauthorized access [6].
Figure 3. Consortium Blockchain Network.
5.3. Addressing Space
Blockchain contains 160-bit address space as compaired to 128
bit in IPv6. These 160-bits are generated by ECDSA (Elliptic
Curve Digital Signature Algorithm). Blockchain has 4.3 billion
more addresses than IPv6 thus providing more addressing
spacing than IPV6 address [8].
62
5.4. Trusted Accountability.
Every operation record must be uploaded to the blockchain
network. This gives every operation an identity and each
operation is traceable. When an abnormal behaviour is detected
in an entity, blockchain will be used for an additional
investigation [10].
5.5. Fault Tolerance
Decentralized devices are less likely to fail accidentally because
they rely on many separate components. The blockchain is a
point to point decentralizing network, in it, every device has the
same copy of a record that’s why the failure of a single node has
no effect on the network. So, blockchain prevents from a single
point of failure.
5.6. Trusted Data Origin
In order to track data in the blockchain network, a unique id is
assigned to each IoT device. Data collected from a device is
associated with its id and after calculating a hash on data, the
data is submitted to the entire network. This becomes the basis
for trusted data origin [10].
5.7. Removing Third-Party Risks
Blockchain technology makes the devices capable of performing
operations without the intermediary or third party, thus making it
risk-free from a third party [4].
5.8. Access Control
By using smart contract, programs for blockchain can be
developed in which access rights and different policies are
defined. Example a rule is set when the meter reaches to 135
KW, devices will enter in energy saving mode [7].
5.9 Illegal Use of Personal Data.
Illegal use of personal data can be prohibited with the use of
blockchain. As Blockchain Peer to Peer (P2P) storing systems
can verify and record all actions accomplished on IoT network
data [16]. The aim is to deliver decentralized storage wherever
operators can have command over their data as an alternative of
any centralized intermediary authority. So the privacy is more
stretched to numerous levels [6] where ‘Consortium blockchain’
for IoTs is proposed.
5.10 IOT Network Information Sharing.
As the size of IOT network information sharing is increasing,
thus the fundamental storage cost will also increase. So
information sets are kept in distant origins and a centralized
server is preserved which will lonely kept the references to these
origins. Moreover Blockchain is used to keep RIM (Reference
Integrity Matrix) of information set. As the Blockchains have
Immutability feature, and accessibility of the RIM with all IoT
network devices in Blockchain, ensured the Integrity of RIM.
Every time an obligatory Information Set is taken from the
origin, its Integrity can be confirmed by comparing its RIM
being maintained on Blockchain [17].
In Table 1 characteristics of blockchain are highlighted through
which problems of IoT can be tackled.
6. BLOCKCHAIN IMPLEMENTATION
PROBLEMS.
Anonymity
Blockchain is a distributed network; anonymity is significant to
protect privacy. Appropriately, blockchain provides
pseudonymity means the users don’t have a real-world ID. The
users have a Public key which is used to achieve transactions on
this distributed network. Using this ID a user can be found via a
combination of these Ids and IP addresses related with them.
Moreover, when a user uses more than one Public key it can be
traced by checking whether the different addresses belong to the
same user. Solution to the Anonymity is a future work [16].
7. CONCLUSION
This paper aims to present the literature review on Blockchain
and Internet of Things and emphasised issues linked to an IoT
atmosphere. IoT is the next immerging technology with the rise
of high-speed network and intelligent network devices.
Unfortunately, IoT devices are more prone to attacks and unable
to protect themselves. In this paper, the different properties and
characteristics of the blockchain network are highlighted such
order to remove the issues in IoT. Moreover issues that are not
solved after implementation of blockchain are highlighted.
7.1 Future Work
We further aim to practically implement blockchain
properties on the internet of things for monitoring, error
discovery, and automatic fault correction in high critical
IoT systems. Moreover, simulation-based performance
assessment can be conduct to demonstrate the scalability
and effectiveness of the blockchain-based solutions.
Furthermore, as IoT devices are in openly reachable areas
and actually below the control of an opponent, a
blockchain based solution can be implemented that will
assure the safety and confidentiality of the information kept
in the devices. This will also address in decreasing the
option of the hardware and software of an IoT device
from being compromised if the device is accessible to
everyone.
63
Table.1 IoT issues and Blockchain characteristics that solve them
IOT
Issues
Blockchain Characteristics
Decartelization
Anonymity
Scalability
or More
Addressing
Space
Resilient
Backend
High
efficiency
Transparency
Smart
contract
Data
Privacy
Data
Integrity
Third party
Trusted
Data
Origin
Access
control
Single
Points of
Failure
Scalability
Illegal use
of Personal
Data
64
8. REFERENCES
[1] L. Atzori, A. Iera and G. Morabito (2010) ‘The Internet of
Things: a survey’, Computer Networks 54 27872805.
[2] D. Giusto, A. Iera, G. Morabito and L. Atzori (2014) ‘The
Internet of Things’, 20th Tyrrhenian Workshop on Digital
Communication, Springer Publishing Company,
Incorporated.
[3] K. Christidis and M. DevetsikIoTis, (2016) ‘Blockchains
and Smart Contracts for the Internet of Things,’ IEEE
Access, vol. 4, pp. 22922303.
[4] S.Nakamoto.(2008).’Bitcoin:A.PeertoPeer.electroniccashs
ystem,’https://bitcoin.org/bitcoin.pdf.
[5] M. Pilkington. (2016).’Blockchain technology: Principle
and applications,’ Research Handbook on Digital
Transformations.
[6] M.S. Ali, K. Dolui and F. Antonelli, (2017) ‘IoT data
privacy via blockchains and IPFS’ International
Conference on the Internet of Things (ACM, New York).
[7] M. Gord,(2016), Smart Contracts Described by Nick
Szabo 20 Years ago now becoming Reality, Bitcoin
Magazine.
[8] A. M. Antonopoulos, (2014). ‘Mastering Bitcoin. First
Edition’. O’Reilly Media,USA.
[9] T. Chollet, J. Castiaux, M.Bruneton and L.
Sainlez(2013),(2015),(2016),’Continuous interconnected
supply chain using blockchain and internet of things
supply chain traceability’ , deloitte blockchain.
[10] X.Liang, J.Zhao, S.Shetty and, D.Li, (2017) ,‘Towards
data assurance and resilience in IoT using blockchain’,
Conference Paper.
[11] Yu Zhang and Jiangtao Wen (2015), ‘An IoT electric
business model based on the protocol of bitcoin’. ICIN.
IEEE, pp. 184191.
[12] Z. Zheng, S. Xie, H. Dai, X. Chen and H. Wang (2017),
An overviewof blockchain technology: Architecture,
consensus,and future trends.’,Big Data (Big DataCongress)
IEEE International.
[13] Seyoung Huh, Sangrae Cho and Soohyung Kim
(2017),’Managing IoT Devices using Blockchain
Platform’, ICACT2017 February 19 ~ 22.
[14] M.A. Khan and K. Salah (2017) ‘IoT security: Review,
blockchain solutions, and open challenges’, Future
GenerationComputer.Systems,
https://doi.org/10.1016/j.future.2017.11.022
[15] M. Banerjee, J. Lee and K.-K.R. Choo (2017),’A
blockchain future to Internet of Things security: A
position paper, Digital Communications and
Networks,doi: 10.1016/ j.dcan.2017.10.006.
[16] M. Conoscenti, D. Torino, A. Vetr, D. Torino, and J. C.
De Martin , (2016) Blockchain for the Internet of
Things : a Systematic Literature Review,’ IEEE/ACS 13th
International Conference of Computer Systems and
Applications (AICCSA)
[17] M Banerjee, J. Lee, and K. K. R. Choo (2018). A
Blockchain future for internet of things security: a
position paper,’ Digit. Commun. Networks, vol. 4, no. 3,
pp. 149160.
[18] Swan, (2015). ‘Blockchain Blue Print for a new economy.
First Edition’ O’Reilly Media,USA.
65
... Proof of work is used among the network components to remove a centralized third party. That is helpful to solve the problems of security in IoT as in Table1 [1]. Therefore this paper aims to use the blockchain for presenting the solutions of Traceability, data privacy, and accountability issues. ...
... Figure3. Blockchain IoT Data Privacy [1]. ...
Preprint
Full-text available
IoT is a computational perception that defines a situation, where smart objects are interconnected to the internet/ network. In the last few years, IoT objects have increased in all sectors/ fields and use in all domains of our lives. As the number of devices increases, the privacy of data becomes an important issue. To deal with this issue different techniques have been used by researchers in this field. Unfortunately, these methods have less traceability, privacy of data, and accountability. This paper aims to design a blockchain-based network architecture for Traceability, Data privacy, and Accountability (TDA). Technologies of blockchain are known as a distributed ledger of transactions record, which record the life span information with a timestamp. The major features of blockchain are persistency, decentralization, and audibility. These features help to decrease the budget and increase efficiency. Moreover, to strengthen the TDA architecture, this paper also discusses the performance of the proposed architecture.
... The blockchain is being used in healthcare system [2], energy trading [3], smart farming [4] etc. Now a days, usage of IoT devices is increasing exponentially, 8.7 billion in 2012 to 50 billion in 2020, whereas active connection for IOT devices increases 3.3 billion in 2015 to 9.8 billion in 2020. It is estimated to have 24 billion connections by 2024 [5]. Recently, most of these IoT devices are being controlled by some central servers either of the manufacturer of the device or some leased servers. ...
... The challenge is, IoT devices have 100MHz to 1GHz clock speed and memory starting from few KB to GB. Where blockchain like Bitcoin core, Ethereum requires hundreds of GBs of diskspace and some GBs of memory, this is big mismatch for implementation blockchain for IoT devices [5]. Specification of few popular IoT devices is given below in table 2. These IoT devices are being used to perform certain tasks including some of the critical and hazardous tasks, like different sensors in industries, cars, fire alarms etc. ...
Chapter
Blockchain requires high computation and heavy storage loads. It can be implemented in IoT devices by reducing the computational as well as space complexity of the blockchain. In this paper, a partial blockchain, called Livechain is designed for IoT type lightweight devices. Livechain is designed to hold much lesser number of blocks, i.e. few recent blocks, mining is replaced by an algorithm which is implemented using a miners’ queue. For security of the whole system, Elliptic curve cryptography (ECC) is used on the curve secp256k1 and few well known hashing function like SHA256.KeywordsBlockchainIoT devicesElliptic curve cryptography
... In the blockchain system, each transaction was based on the public key. If the users used multiple keys, they could be traced based on their IP addresses and public keys [14]. ...
... This section explains how the proposed framework meets the security requirements. Integrity [33], confidentiality [34], decentralized identification [35], and authentication [36]. ...
Preprint
Full-text available
Today the current healthcare system is the next frontier for the digital transformation, as patients demand control over their sensitive medical records, with the anticipation that their record is securely stored and correctly shared with the right parties by leveraging patient-centered interoperability techniques. However, the traditional approach falls into the category of enterprise integration platforms to maintain the interoperability for different healthcare providers, whose responsibility is to build bridges between the different silos to allow data to flow back and forth and to allow services to work with each other. The problem with the traditional approach of interoperability is that the data itself is still locked inside silos systems within each participating organization in the overall ecosystem. This traditional approach of interoperability brings new challenges in the healthcare systems viz., privacy, security, and mutability of the patient's record. To address these issues, we have proposed a blockchain-based scalable and secure healthcare interoperability framework that ensures secure storage of patient's records by preserving privacy and immutability of their data. In the proposed model, we integrate blockchain and interplanetary file systems (IPFS) with smart-contracts that enabled patient-centered interoperability in the healthcare domain. Our system provides patients an immutable log and easy access to their health records across the different healthcare organizations. Furthermore, patients authorize healthcare providers to access their health records through patient-centered interoperability techniques leveraged by smart-contracts operations.
... Another study conducted by Qian et al. explores layer-based architecture security and privacy problems for IoT [78]. The proposed security mechanisms eliminate the need for a third party to protect IoT terminal devices [79]. The security mechanism using blockchain technology's decentralization feature in two conditions has been discussed in the remote cloud, network terminal, and devices [80,81]. ...
Article
Full-text available
The recent two decades have witnessed tremendous growth in Internet of things (IoT) applications. There are more than 50 billion devices connected globally. IoT applications’ connectivity with the Internet persistently victimized them with a divergent range of traditional threats, including viruses, worms, malware, spyware, Trojans, malicious code injections, and backdoor attacks. Traditional threats provide essential services such as authentication, authorization, and accountability. Authentication and authorization are the process of verifying that a subject is bound to an object. Traditional authentication and authorization mechanisms use three different factors to identity a subject to verify if the subject has the right capability to access the object. Further, it is defined that a computer virus is a type of malware. Malware includes computer viruses, worms, Trojan horses, spyware, and ransomware. There is a high probability that IoT systems can get infected with a more sophisticated form of malware and high-frequency electromagnetic waves. Purpose oriented with distinct nature IoT devices is developed to work in a constrained environment. So there is a dire need to address these security issues because relying on existing traditional techniques is not good. Manufacturers and researchers must think about resolving these security and privacy issues. Most importantly, this study identifies the knowledge and research gap in this area. The primary objective of this systematic literature review is to discuss the divergent types of threats that target IoT systems. Most importantly, the goal is to understand the mode of action of these threats and develop the recovery mechanism to cover the damage. In this study, more than 170 research articles are systematically studied to understand security and privacy issues. Further, security threats and attacks are categorized on a single platform and provide an analysis to explain how and to what extent they damage the targeted IoT systems. This review paper encapsulates IoT security threats and categorizes and analyses them by implementing a comparative study. Moreover, the research work concludes to expand advanced technologies, e.g., blockchain, machine learning, and artificial intelligence, to guarantee security, privacy, and IoT systems.
Article
With today’s day and age rapidly going digital, the emergence of the Internet of Things has become prominent and IoT systems are now being applied to almost every field. IoT systems can be seen being applied to fields such as healthcare, agriculture, manufacturing, and many more. As IoT systems encompass numerous devices, each of these devices becomes a target for attacks and exploitation; thus, IoT systems have long been associated with issues related to security. Hence, making IoT systems secure and safe is of paramount importance. While the Internet of Things has become a technology that is extremely widespread today due to the wide range of advantages it provides including scalability, dependence, and ease of access; the shortcomings and possible loopholes should also be accounted for. Currently, a client/server model or a centralized model of networking is employed in IoT devices. These devices also use a single gateway to transfer data between them and connect through a cloud server. This model has lots of shortcomings like the high cost of centralized cloud maintenance and network equipment and the cost will continue to rise with the increase in the number of devices and the volume of data. A Single gateway is not very secure as it allows gaining access to a whole IoT network by compromising a single device. To tackle the issue of security, we propose the inclusion of blockchain technology. A Blockchain is a distributed ledger where data is stored across various nodes all over the world, this eliminates the single point of failure. This project proposes the plethora of benefits that blockchain technology offers and aims to tackle the security aspect of IoT systems.
Article
As an emerging information technology, blockchain has aroused extensive discussions around the world and been suggested as a solution to address current issues in supply chain finance (SCF). The Chinese government also attaches great importance to this technology, and many Chinese state-owned enterprises have invested in establishing their own blockchain research and development centres. However, there is a lack of studies on identifying challenges when deploying this technology; theoretical framework and conceptual exposition are also scarcely seen. Therefore, the aim of this study is to investigate the challenges and obstacles in the adoption of blockchain technology in SCF. An exploratory case study of a Chinese state-owned enterprise was conducted to build up an initial conceptual framework. Semi-structured interview was applied to collect data from the case firm's employees, top management, and technical specialists. The results of the analysis indicate that in the adoption of blockchain technology, there are technological, operational, and other challenges. From a technological perspective, framework identification, cross-chain interoperability, and data governance are major barriers; whereas, from an operational perspective, the new business process and transformation in the entire supply chain are identified as challenges. Besides, other obstacles such as the elimination of jobs and regulatory issues are also not neglectable. This study contributes to research on blockchain and supply chains by shedding light on the challenges of blockchain adoption through an exploratory case study of a Chinese state-owned enterprise. A conceptual framework was generated as a basis for future research, and the findings also provide insights for companies that may or are planning to adopt blockchain technology.
Chapter
In this world, people meet many challenges in the healthcare system. There is a circumstance where an individual has to maintain a comprehensive health report from time to time, and it feels not an easy job. A person may not be suffering from one type of disease; he/she may be undergoing multiple problems at once, and it is challenging to maintain all the reports. There is another circumstance where a sufferer visits multiple hospitals/consulting doctors; in a before-mentioned situation, it is tough for such patients to maintain them, and they may suggest the repeated process. In such a situation, an approach to maintaining Electronic Health Records is proposed in this paper, which uses Blockchain methodology to provide the most secure way to store and share patient reports whenever they need. The proposed system makes the task easy for patient’s to maintain multiple records in a single block, and the testing result leads a pathway to adopt in this current scenario.KeywordsBlock chainHealthcare systemHealth recordsMaintainElectronic health recordsCovid
Article
Full-text available
With the advent of smart homes, smart cities, and smart everything, the Internet of Things (IoT) has emerged as an area of incredible impact, potential, and growth, with Cisco Inc. predicting to have 50 billion connected devices by 2020. However, most of these IoT devices are easy to hack and compromise. Typically, these IoT devices are limited in compute, storage, and network capacity, and therefore they are more vulnerable to attacks than other endpoint devices such as smartphones, tablets, or computers. In this paper, we present and survey major security issues for IoT. We review and categorize popular security issues with regard to the IoT layered architecture, in addition to protocols used for networking, communication, and management. We outline security requirements for IoT along with the existing attacks, threats, and state-of-the-art solutions. Furthermore, we tabulate and map IoT security problems against existing solutions found in the literature. More importantly, we discuss, how blockchain, which is the underlying technology for bitcoin, can be a key enabler to solve many IoT security problems. The paper also identifies open research problems and challenges for IoT security.
Conference Paper
Full-text available
Blockchain, the underlying technology of cryptocurrency networks like Bitcoin, can prove to be essential towards realizing the vision of a decentralized, secure, and open Internet of Things (IoT) revolution. There is a growing interest in many research groups towards leveraging blockchains to provide IoT data privacy without the need for a centralized data access model. This paper aims to propose a decentralized access model for IoT data, using a network architecture that we call a modular consortium architecture for IoT and blockchains. The proposed architecture facilitates IoT communications on top of a software stack of blockchains and peer-to-peer data storage mechanisms. The architecture is aimed to have privacy built into it, and to be adaptable for various IoT use cases. To understand the feasibility and deployment considerations for implementing the proposed architecture, we conduct performance analysis of existing blockchain development platforms, Ethereum and Monax.
Article
Full-text available
Internet-of-Things (IoT) are increasingly found in civilian and military contexts, ranging from Smart Cities to Smart Grids to Internet-of-Medical-Things to Internet-of-Vehicles to Internet-of-Military-Things to Internet-of-Battlefield-Things, etc. In this paper, we survey articles presenting IoT security solutions published in English since January 2016. We make a number of observations, include the lack of publicly available IoT datasets that can be used by the research and practitioner communities. Given the potential sensitive nature of IoT datasets, there is a need to develop a standard for the sharing of IoT datasets among the research and practitioner communities and other relevant stakeholders. We then posit the potential for blockchain technology in facilitating secure sharing of IoT datasets (e.g. using blockchain to ensure the integrity of shared datasets) and securing IoT systems, before presenting two conceptual blockchain-based approaches. We then conclude this paper with nine potential research questions.
Conference Paper
Full-text available
Data assurance and resilience are crucial security issues in cloud-based IoT applications. With the widespread adoption of drones in IoT scenarios such as warfare, agriculture and delivery, effective solutions to protect data integrity and communications between drones and the control system have been in urgent demand to prevent potential vulnerabilities that may cause heavy losses. To secure drone communication during data collection and transmission, as well as preserve the integrity of collected data, we propose a distributed solution by utilizing blockchain technology along with the traditional cloud server. Instead of registering the drone itself to the blockchain, we anchor the hashed data records collected from drones to the blockchain network and generate a blockchain receipt for each data record stored in the cloud, reducing the burden of moving drones with the limit of battery and process capability while gaining enhanced security guarantee of the data. This paper presents the idea of securing drone data collection and communication in combination with a public blockchain for provisioning data integrity and cloud auditing. The evaluation shows that our system is a reliable and distributed system for drone data assurance and resilience with acceptable overhead and scalability for a large number of drones.
Conference Paper
Full-text available
Blockchain, the foundation of Bitcoin, has received extensive attentions recently. Blockchain serves as an immutable ledger which allows transactions take place in a decentralized manner. Blockchain-based applications are springing up, covering numerous fields including financial services, reputation system and Internet of Things (IoT), and so on. However, there are still many challenges of blockchain technology such as scalability and security problems waiting to be overcome. This paper presents a comprehensive overview on blockchain technology. We provide an overview of blockchain architechture firstly and compare some typical consensus algorithms used in different blockchains. Furthermore, technical challenges and recent advances are briefly listed. We also lay out possible future trends for blockchain.
Conference Paper
Full-text available
In the Internet of Things (IoT) scenario, the block-chain and, in general, Peer-to-Peer approaches could play an important role in the development of decentralized and data-intensive applications running on billion of devices, preserving the privacy of the users. Our research goal is to understand whether the blockchain and Peer-to-Peer approaches can be employed to foster a decentralized and private-by-design IoT. As a first step in our research process, we conducted a Systematic Literature Review on the blockchain to gather knowledge on the current uses of this technology and to document its current degree of integrity, anonymity and adaptability. We found 18 use cases of blockchain in the literature. Four of these use cases are explicitly designed for IoT. We also found some use cases that are designed for a private-by-design data management. We also found several issues in the integrity, anonymity and adaptability. Regarding anonymity, we found that in the blockchain only pseudonymity is guaranteed. Regarding adaptability and integrity, we discovered that the integrity of the blockchain largely depends on the high difficulty of the Proof-of-Work and on the large number of honest miners, but at the same time a difficult Proof-of-Work limits the adaptability. We documented and categorized the current uses of the blockchain, and provided a few recommendations for future work to address the above-mentioned issues.
Book
This book presents a selection of papers submitted to the 20th Tyrrhenian Workshop, which took place in September 2009 in Sardinia, Italy. The workshop focused on the "Internet of Things." This subject is quickly emerging in the wireless technology arena. It describes the pervasive presence of a variety of devices—such as sensors, actuators, and mobile phones—which, through unique addressing schemes, are able to interact and cooperate with each other to reach common goals. This novel paradigm, which originated from the idea of "smart" environments, will be sure to impact the future of logistics, Intelligent Transportation Systems, business and process management, assisted living, E-health, and other applications. The Internet of Things covers a wide array of essential topics related to this emerging paradigm, including infrastructures and applications, communication systems and network architectures, embedded systems, and location and tracking through navigation sensors. It also addresses the technological and social implications of this technology, as well as challenges that may arise.
Conference Paper
Since the start of Bitcoin in 2008[1], blockchain technology emerged as the next revolutionary technology. Though blockchain started off as a core technology of Bitcoin, its use cases are expanding to many other areas including finances, Internet of Things (IoT), security and such[2]. Currently, many private and public sectors are diving into the technology[3]. Aside from that, as software and hardware improve, we would see the beginning of IoT. And those IoT devices need to communicate and synchronize with each other. But in situations where more than thousands or tens of thousands of IoT devices connected, we expect that using current model of server-client may have some limitations and issues while in synchronization. So, we propose using blockchain to build IoT system. Using blockchain, we can control and configure IoT devices. We manage keys using RSA public key cryptosystems where public keys are stored in Ethereum and private keys are saved on individual devices. Specifically, we choose Ethereum as our blockchain platform because using its smart contract, we can write our own Turing-complete code to run on top of Ethereum. Thus, we can easily manage configuration of IoT devices and build key management system. Even though we can simply use account as a key management system, which most of blockchain platform supports, we decide to use Ethereum because we can manage the system in a more fine-grained way. For the proof of a concept, we use a few IoT devices instead of a full system of IoT system, which consists of thousands of IoT devices. But in our later study, we would like to build a fully scaled IoT system using blockchain.
Article
Motivated by the recent explosion of interest around blockchains, we examine whether they make a good fit for the Internet of Things (IoT) sector. Blockchains allow us to have a distributed peer-to-peer network where non-trusting members can interact with each other without a trusted intermediary, in a verifiable manner. We review how this mechanism works and also look into smart contracts-scripts that reside on the blockchain that allow for the automation of multi-step processes. We then move into the IoT domain, and describe how a blockchain-IoT combination: 1) facilitates the sharing of services and resources leading to the creation of a marketplace of services between devices and 2) allows us to automate in a cryptographically verifiable manner several existing, time-consuming workflows. We also point out certain issues that should be considered before the deployment of a blockchain network in an IoT setting: from transactional privacy to the expected value of the digitized assets traded on the network. Wherever applicable, we identify solutions and workarounds. Our conclusion is that the blockchain-IoT combination is powerful and can cause significant transformations across several industries, paving the way for new business models and novel, distributed applications.
Book
Handbook of Research on Digital Transformations edited by F. Xavier Olleros, and Majlinda ZheguA paraitre