The authors in [10] proposed blockchain technology for handling security issues in IoT. A decentralized authentication method was followed for IoT devices. Its prominent drawback was the lack of interoperability between different interconnected systems: the devices of one system could not communicate with the devices of another system. Accordingly, it was not very useful for seamless integration where IoT devices belonging to different systems were required to communicate.
Feng et al. [11] emphasized the remote use of an attestation mechanism for IoT as well as Cyber-Physical Systems. Being resource constrained, IoT devices were not able to meet the requirements of complex computations. Accordingly, a software-based remote authentication method was proposed, based on the physical behavior of devices. This required the hardware properties and other related details of IoT devices to be stored on a local server. Whenever a device needs authentication, its hardware signature is matched against the details available at the local server. The method was further observed to be less efficient when resource-constrained devices were involved.
Authors in [12] proposed a two-factor authentication mechanism for IoT devices which was easier to process. It combined the authentication details of an IoT device with the physical properties of the device. Along with device identification, it was found useful for eliminating any type of physical attack on the device, such as an impersonation attack or even a side-channel attack. Apart from processing latency, the prominent drawback of this mechanism was its dependence on the storage of a centralized server.
3.5 Proposed Method for IoT Cloud IAM
A Distributed Ledger is implemented for the establishment of a Blockchain. A blockchain is essentially a decentralized, distributed and immutable shared ledger which keeps resources and all transactions within a peer-to-peer network. From a structural point of view, it contains interconnected blocks of data which are timestamped and validated with a consensus algorithm. Each block contains a list of all transactions and a hash of the previous block. The blockchain uses Elliptic Curve Cryptography (ECC) and Secure Hashing (SHA-256) as cryptographic means to ensure data integrity and authentication. Blockchain stores the entire history of all transactions after due verification. Such verification is done by a majority consensus of miner nodes, which are also used to validate each transaction. Of the two categories, Private or permissioned Blockchain restricts access to a certain group of participants, whereas Public or permissionless Blockchain is open for anyone to access. Permissioned Blockchain is the preferred choice for implementing privacy solutions and for better access control enforcement.
3.5.1 Distributed Ledger Approach for IoT Security
Both academia and industry have conducted several studies and concluded that Distributed Ledger and Blockchain technology can potentially play a crucial role in managing, controlling and securing all networked devices. A schematic diagram of a Blockchain empowered IoT Cloud is depicted in Figure 3.3. Accordingly, this can be seen as a promising security solution to counter the challenges of IoT related security issues. Some vital features of blockchain which are useful for IoT in general, and IoT security specifically, are described below.
For Addressing: Typically, Blockchain uses a 160-bit address. As a standardized cryptographic function in Blockchain, the address is a 20-byte (160-bit) hash of the public key produced by the Elliptic Curve Digital Signature Algorithm (ECDSA). Hence it is found to be a better addressing means than IPv6 (128 bit) for provisioning a Global Unique Identifier (GUID) at the time of allocating and assigning an address to an IoT device.
Figure 3.3 Blockchain empowered IoT Cloud.
For Authentication: Smart contracts can be deployed with Blockchain to provide authentication using decentralized means. This can also be used to provide authentication to smart devices connected to the IoT system. Inherent advantages of Blockchain can also be suitably utilized for effective authentication establishment.
For Authorization: By deploying smart contracts over Blockchain, and also by integrating multiple smart contracts, an effective authorization and access control mechanism for connected IoT devices can be established. This mechanism is found to be faster and more efficient than commonly used protocols like OAuth, OpenID, etc.
For Privacy: Smart contracts are versatile tools, and using them over Blockchain helps ensure data privacy. This technique can control access by enforcing a designated set of conditions and times to allow or deny users or groups of users control over the acquired data, or even data in transit, for the IoT system. Smart contracts can also be programmed to decide on patch updates. By this means, changing the ownership of IoT devices and provisioning them are found to be smooth exercises.
For Data Integrity: In a Blockchain based arrangement, the data of connected IoT devices is cryptographically safeguarded and signed by a verified and legitimate sender who holds a unique public key and GUID. The secure storage mechanism of the distributed ledger, along with its event time stamping, facilitates data integrity for the interconnected IoT devices. For example, to maintain data integrity in a distributed system, TrustChain is proposed with the aim of performing trusted transactions using blockchain.
For Identity of Things: Blockchain technology can be used to identify IoT devices with a set of attributes. Attribute management for the connected smart devices of an IoT system is a key factor for Identity and Access Management (IAM). Attributes such as the deployment location coordinates registered by GPS, the make, model and serial number of the IoT device, along with its ownership and any change or renovation of ownership, play a crucial role with respect to the identity of things.
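The following added example (not part of the original chapter) ties together the block structure from Section 3.5 with the addressing, data integrity and identity-of-things features above: a device is registered under a 160-bit identifier with its attributes, ownership is transferred, and the hash links are checked. Field names, the sample attributes and the use of truncated SHA-256 as the address hash are assumptions; ECDSA signing and consensus are left out.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash value for the first block

def device_address(public_key: bytes) -> str:
    # Assumption: SHA-256 truncated to 20 bytes stands in for the chain's own address hash.
    return hashlib.sha256(public_key).digest()[:20].hex()

def block_hash(block: dict) -> str:
    # Hash every field except the stored hash itself, in a canonical JSON encoding.
    body = {k: block[k] for k in ("index", "timestamp", "prev_hash", "transactions")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def append_block(chain: list, transactions: list, timestamp: int) -> None:
    prev = chain[-1]["hash"] if chain else GENESIS
    block = {"index": len(chain), "timestamp": timestamp,
             "prev_hash": prev, "transactions": transactions}
    block["hash"] = block_hash(block)
    chain.append(block)

def verify_chain(chain: list) -> int:
    # Return -1 if every block is intact and linked, else the index of the first bad block.
    prev = GENESIS
    for i, block in enumerate(chain):
        if block["prev_hash"] != prev or block_hash(block) != block["hash"]:
            return i
        prev = block["hash"]
    return -1

def current_owner(chain: list, address: str):
    # Replay the ledger; a transfer counts only if it comes from the current owner.
    owner = None
    for tx in (t for b in chain for t in b["transactions"] if t["device"] == address):
        if tx["type"] == "register":
            owner = tx["attributes"]["owner"]
        elif tx["type"] == "transfer" and tx["from"] == owner:
            owner = tx["to"]
    return owner

def build_demo_chain():
    # Constructed sample data: key-shaped bytes (not a real key) and made-up attributes.
    addr = device_address(bytes.fromhex("04" + "11" * 32 + "22" * 32))
    attrs = {"make": "ExampleCo", "model": "TS-1", "serial": "SN0001",
             "gps": [12.97, 77.59], "owner": "org-a"}
    chain = []
    append_block(chain, [{"type": "register", "device": addr, "attributes": attrs}], 1700000000)
    append_block(chain, [{"type": "transfer", "device": addr, "from": "org-a", "to": "org-b"}], 1700000600)
    return chain, addr
```

Editing a stored attribute makes `verify_chain` report the edited block, and recomputing that block's own hash only moves the failure to the next block, whose `prev_hash` no longer matches.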
3.5.2 Blockchain for IoT Security Solution
Emerging technologies like IoT as well as Blockchain have presented many technological advantages. Subsequently, the advantages of integrating Blockchain and IoT have been studied and analyzed by many researchers. IoT device level security is mainly expected to cover diverse factors such as managing huge amounts of data, preserving user privacy, trust assurance, confidentiality and integrity. It is also significant in relation to the advantages associated with Blockchain and distributed ledger applications. In this subsection we will consider some of the prominent research contributions addressing security concerns of IoT using Distributed Ledger technology with Blockchain.
A Blockchain Connected Gateway has been proposed in [13] for maintaining security and adaptive users’ privacy, where the authors have made use of Bluetooth Low Energy empowered IoT devices. By means of the Gateway, crucial user data is protected from being accessed without the user’s consent. To implement authentication and secrecy in terms of privacy preservation, a digital signature scheme is also proposed. As the fundamental architecture of the system, blockchain networks are applied to address privacy related issues between IoT application providers and their users by encrypting users’ applied choices and keeping them in the network for further reference.
The authors of [14] have highlighted the difficulty that mobile and handheld devices have in performing the computation required for proof of work to reach a consensus, due to their resource limitations. Hence a concept of edge computing was introduced, wherein such mobile devices are able to use the resources present at the level of edge devices for the computations needed to obtain the proof of work.
A blockchain-based data storage scheme was proposed in [15] for protecting and storing the huge volume of data generated by IoT devices. This secured method applied a register and forward methodology. The devices