The New Advanced Society. Group of authors.
collect data from the IoT devices. Then this data is registered and associated with the particular IoT device in the blockchain and subsequently forwarded to a Distributed Hash Table (DHT). Blockchain-based cryptographic means are used to address queries on specific data. The query is registered as a transaction in the blockchain for verification of authentication. After successful authentication, the DHT releases the desired data. In this approach the blockchain works like a trusted third party (TTP) for storing and managing data, protects the stored data and also facilitates user authentication.
A distributed cloud architecture using blockchain was proposed in [16], with Software Defined Networking (SDN) enabled controller fog nodes acting as edge nodes in the system. The edge nodes analyze and classify the huge volume of data acquired from the IoT devices present at the edge of the network. The system also takes care of efficient data traffic management by distributing data among the fog and associated edge nodes.
To improve scalability and eliminate the role of a TTP, Manzoor et al. [17] presented a blockchain-based proxy-controlled re-encryption scheme [18], implemented with Smart Contracts. In this scheme the proxy re-encryption facilitates data transparency and mapping between the data owner and the registered user associated with the Smart Contract. The confidentiality of the stored and shared IoT data is maintained by first encrypting the data before storing it in the cloud and then re-encrypting the stored data before sharing it among users.
Kim et al. [19] suggested an idea based on the Blockchain of Things (BoT) model to address the hacking issues of IoT devices. A specialized method called the color spectrum chain blockchain technique is used. This proposal tried to address the security vulnerabilities in the sensors. In this technique Thin Plate Spline (TPS) is used along with a multiple-agreement algorithm to access the required security strengths of the system.
A fingerprint verification based automatic door locking system using mobile handsets and blockchain technology was proposed and implemented in [20]. The implementation has been proved to be efficient at preventing attempts to forge, tamper with or leak the biometric information of the users. In the system, users authenticate themselves on a mobile handset using biometric fingerprint authentication coupled with blockchain-based security measures.
3.5.3 Proposed Distributed Ledger-Based IoT Cloud IAM
A Distributed Ledger implementation needs a basic platform, namely a blockchain. Because the blockchain provides a distributed database and the essential characteristic of immutability, a Distributed Ledger can be implemented efficiently on this platform. Blockchain as a technology can easily be integrated with access control and data sharing mechanisms. In this way it may provide a new means of eliminating the shortcomings of the age-old traditional schemes. Blockchain provides effective solutions to many problems of data integrity, fairness, authenticity, security, and distribution [21]. By virtue of its inherent cryptographic properties and decentralized storage and processing, blockchain has been assessed as a suitable method for providing IAM services for the IoT ecosystem, as deliberated by the authors of [22, 23].
In any cryptographically secured system, key management plays a vital role. In our proposed method the Elliptic Curve Digital Signature Algorithm (ECDSA) may be conveniently used for generating public and private keys for the devices and the IoT clusters associated with blockchain nodes. It provides the same level of security as the RSA method. We selected this approach based on the detailed comparison between encryption algorithms described in [24]. An ECDSA-based program consumes comparatively less power than other similar methods. Hence it also suits the requirements of IoT infrastructure, given the constrained resources of IoT devices.
Figure 3.4 above represents a schematic diagram of the proposed Blockchain based IoT Cloud model for the IAM service implementation. Vital aspects of the proposed model are as follows.
(i) Establishment of an Ethereum-based private blockchain as the core of the distributed ledger network.
(ii) Device addresses and user IDs are mapped over the nodes of the blockchain.
(iii) Storage of the data acquired from the devices is done off the blockchain, in the cloud storage.
(iv) Use of multiple smart contracts to ensure 'user' and 'things' mapping for effective service management as well as identity management.
(v) Use of the blockchain consensus mechanism for verification of data access as a registered event logged in the blockchain.
(vi) Use of cloud nodes for processing, relieving the edge devices of processing load because of their constrained resources.
(vii) Superimposing the IAM functionality of the Cloud on the inherent advantages of blockchain-related information security and event logging.
Figure 3.4 Proposed model of blockchain-based IoT Cloud for IAM.
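A minimal simulation of points (ii) to (v) of the model, added here as an illustration and not taken from the book or from any Ethereum contract: a hash-chained log stands in for the private blockchain, a dictionary stands in for cloud storage, and every access attempt is recorded as an event. The class names, the user IDs, the `0xdev1` device address and the choice to anchor a SHA-256 digest of each off-chain record on the ledger are assumptions.

```python
import hashlib, json

def _h(prev, event):
    # Hash of a block: previous hash plus canonical JSON of the event.
    return hashlib.sha256(json.dumps([prev, event], sort_keys=True).encode()).hexdigest()

class Ledger:
    """Append-only hash chain standing in for the private blockchain."""
    def __init__(self):
        self.blocks = []

    def append(self, event):
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        self.blocks.append({"prev": prev, "event": event, "hash": _h(prev, event)})

    def verify(self):
        prev = "0" * 64
        for b in self.blocks:
            if b["prev"] != prev or b["hash"] != _h(prev, b["event"]):
                return False
            prev = b["hash"]
        return True

class IamContract:
    """Hypothetical stand-in for the 'user'/'things' mapping contracts."""
    def __init__(self, ledger, cloud):
        self.ledger, self.cloud = ledger, cloud
        self.grants, self.digests = set(), {}

    def grant(self, user, device):
        self.grants.add((user, device))
        self.ledger.append({"type": "grant", "user": user, "device": device})

    def store(self, device, payload):
        self.cloud[device] = payload  # the data itself stays off-chain
        self.digests[device] = hashlib.sha256(payload).hexdigest()
        self.ledger.append({"type": "store", "device": device, "sha256": self.digests[device]})

    def read(self, user, device):
        allowed = (user, device) in self.grants
        data = self.cloud.get(device) if allowed else None
        intact = data is not None and hashlib.sha256(data).hexdigest() == self.digests.get(device)
        self.ledger.append({"type": "access", "user": user, "device": device,
                            "allowed": allowed, "intact": intact})  # every attempt is logged
        return data if intact else None

def demo():
    cloud, ledger = {}, Ledger()
    iam = IamContract(ledger, cloud)
    iam.grant("alice", "0xdev1")      # constructed user id and device address
    iam.store("0xdev1", b"temp=21.5")
    ok, denied = iam.read("alice", "0xdev1"), iam.read("mallory", "0xdev1")
    cloud["0xdev1"] = b"temp=99.9"    # off-chain record altered after anchoring
    return ok, denied, iam.read("alice", "0xdev1"), ledger
```

The denied request and the read of the altered record both return nothing, yet both remain in the log, and changing any logged event afterwards makes `verify()` fail.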
3.6 Conclusion
The use of IoT devices is steadily making its way into our day-to-day lives, improving our living conditions. IoT is evidently one of the most prominent emerging technologies today. Its proliferation and application in all spheres of life is ever increasing, for ease of life as well as efficient functioning of things. At the same time, the value of sensitive data and its adverse effect on a fully functional IoT network is not hidden from anyone. Much research has established that secured storage of data, both at rest and in transit, plays a vital role in the domain of information security. However, as a new trend, the identity of IoT entities and proper access management are emerging as more crucial factors in the dynamics of information security. Accordingly, IAM is going to play a critically prominent role in the time to come.
Blockchain and distributed ledger empowered security techniques have proved their significance as potential technologies for tomorrow's world. But there is still a way to go before they are effectively applied and widely accepted as a decentralized solution for the security of an IoT cloud. The consensus algorithms used by blockchain impose comparatively heavy computational loads, which must be addressed, along with gradual improvement in efficiency, for its effective use. Thus the design of a less computation-intensive consensus mechanism that does not introduce significant overhead for resource-constrained IoT devices could be more pertinent for blockchain-empowered security solutions in distributed ledger based IoT ecosystems.
References
1. GSMA, IoT Security Guidelines for Endpoint Ecosystems, https://www.gsma.com/iot/iot-security-guidelines-for-endpoint-ecosystem/, Last accessed: 07 Nov 2020.
2. GSMA, IoT Security Guidelines for Network Operators, https://www.gsma.com/iot/iot-security-guidelines-for-network-operators/, Last accessed: 08 Nov 2020.
3. Miessler, D., Securing the internet of things: Mapping attack surface areas using the OWASP IoT top 10, in: RSA Conference, 2015.
4. Andersen, M.P., Kolb, J., Chen, K., Fierro, G., Culler, D.E., Popa, R.A., WAVE: A Decentralized Authorization System for IoT via Blockchain Smart Contracts. Tech. Rep., 2017.
5.