43 research outputs found
Application of Blockchain Technology for iLearning Student Assessment
Blockchain is the core technology used to create cryptocurrencies, such as Bitcoin. As one part of the fourth industrial Revolution since the invention of steam engines, electricity, and information technology, blockchain technology has begun to be applied in areas such as finance, judiciary, and trade. Blockchain technology uses decentralized, distributed and transparency techniques for data security. This research aims to determine the implementation of blockchain technology in the field of education, especially in the Data Security section. The study uses two methods namely the mind mapping method and literature review. The results of this study showed that with the presence of blockchain technology, the data is more secure from attacks from both inside and outside because it passes through two levels of security, namely encryption and decentralized data
A blockchain-IoT platform for the smart pallet pooling management
Pallet management as a backbone of logistics and supply chain activities is essential to supply chain parties, while a number of regulations, standards and operational constraints are considered in daily operations. In recent years, pallet pooling has been unconventionally advocated to manage pallets in a closed-loop system to enhance the sustainability and operational effectiveness, but pitfalls in terms of service reliability, quality compliance and pallet limitation when using a single service provider may occur. Therefore, this study incorporates a decentralisation mechanism into the pallet management to formulate a technological eco-system for pallet pooling, namely Pallet as a Service (PalletaaS), raised by the foundation of consortium blockchain and Internet of things (IoT). Consortium blockchain is regarded as the blockchain 3.0 to facilitate more industrial applications, except cryptocurrency, and the synergy of integrating a consortium blockchain and IoT is thus investigated. The corresponding layered architecture is proposed to structure the system deployment in the industry, in which the location-inventory-routing problem for pallet pooling is formulated. To demonstrate the values of this study, a case analysis to illustrate the human–computer interaction and pallet pooling operations is conducted. Overall, this study standardises the decentralised pallet management in the closed-loop mechanism, resulting in a constructive impact to sustainable development in the logistics industry
Blockchain Securities Issues: Decentralized Identity System With Key Management Perspective
Blockchain was created many years ago to solve the problems of data transfer Integrity, several years later the issues persist. Blockchain securities are one of the most important considerations to be investigated, and data integrity is about ensuring the accuracy and validity of messages such that when they are read, they are the same as when they were first written. It is of the opinion that passing information across from one person to another cannot be the same as it was first said at the onset. Our work investigated Blockchain security issues, studying Integrity emanating from transactions across the blocks and how to deal with the securities issues. It also investigated decentralization and issues in blockchain to investigate how to mitigate the security issues associated with blockchain. It further discusses the use of key management in solving security issues in blockchain, viewing different key management systems of private and public keys, and solutions in addressing the blockchain problems. Lastly, we contributed the use of Decentralized Identity systems (DIDs) into the blockchain where we use a unique identifier, “ID.me” to verifier the individual credentials before any transaction, this was done by sending a digital ID through the issuer to the verifier to authenticate the integrity and identity of the holder and this proof worthy of protecting the information and maintaining the privacy of the user of the blockchain technology
Achieving cybersecurity in blockchain-based systems: a survey
With The Increase In Connectivity, The Popularization Of Cloud Services, And The Rise Of The Internet Of Things (Iot), Decentralized Approaches For Trust Management Are Gaining Momentum. Since Blockchain Technologies Provide A Distributed Ledger, They Are Receiving Massive Attention From The Research Community In Different Application Fields. However, This Technology Does Not Provide With Cybersecurity By Itself. Thus, This Survey Aims To Provide With A Comprehensive Review Of Techniques And Elements That Have Been Proposed To Achieve Cybersecurity In Blockchain-Based Systems. The Analysis Is Intended To Target Area Researchers, Cybersecurity Specialists And Blockchain Developers. For This Purpose, We Analyze 272 Papers From 2013 To 2020 And 128 Industrial Applications. We Summarize The Lessons Learned And Identify Several Matters To Foster Further Research In This AreaThis work has been partially funded by MINECO, Spain grantsTIN2016-79095-C2-2-R (SMOG-DEV) and PID2019-111429RB-C21 (ODIO-COW); by CAM, Spain grants S2013/ICE-3095 (CIBERDINE),P2018/TCS-4566 (CYNAMON), co-funded by European Structural Funds (ESF and FEDER); by UC3M-CAM grant CAVTIONS-CM-UC3M; by the Excellence Program for University Researchers, Spain; and by Consejo Superior de Investigaciones Científicas (CSIC), Spain under the project LINKA20216 (“Advancing in cybersecurity technologies”, i-LINK+ program)
Blockchain-IoT peer device storage optimization using an advanced time-variant multi-objective particle swarm optimization algorithm
The integration of Internet of Things devices onto the Blockchain implies an increase in the transactions that occur on the Blockchain, thus increasing the storage requirements.
A solution approach is to leverage cloud resources for storing blocks within the chain. The paper, therefore, proposes two solutions to this problem. The first being an improved hybrid architecture design which uses containerization to create a side chain on a fog node for the devices connected to it and an Advanced Time‑variant Multi‑objective Particle Swarm Optimization Algorithm (AT‑MOPSO) for determining the optimal number of blocks that should be transferred to the cloud for storage. This algorithm uses time‑variant weights for the velocity of the particle swarm optimization and the non‑dominated sorting and mutation schemes from NSGA‑III. The proposed algorithm was compared with results from the original MOPSO algorithm, the Strength Pareto Evolutionary Algorithm (SPEA‑II), and the Pareto Envelope‑based Selection Algorithm with region‑based selection (PESA‑II), and NSGA‑III. The proposed AT‑MOPSO showed better results than the aforementioned MOPSO algorithms in cloud storage cost and query probability optimization. Importantly, AT‑MOPSO achieved 52% energy efficiency compared to NSGA‑III.
To show how this algorithm can be applied to a real‑world Blockchain system, the BISS industrial Blockchain architecture was adapted and modified to show how the AT‑MOPSO can be used with existing Blockchain systems and the benefits it provides
Cybersecurity applications of Blockchain technologies
With the increase in connectivity, the popularization of cloud services, and the rise
of the Internet of Things (IoT), decentralized approaches for trust management
are gaining momentum. Since blockchain technologies provide a distributed ledger,
they are receiving massive attention from the research community in different application
fields. However, this technology does not provide cybersecurity by itself.
Thus, this thesis first aims to provide a comprehensive review of techniques and
elements that have been proposed to achieve cybersecurity in blockchain-based systems.
The analysis is intended to target area researchers, cybersecurity specialists
and blockchain developers. We present a series of lessons learned as well. One of
them is the rise of Ethereum as one of the most used technologies.
Furthermore, some intrinsic characteristics of the blockchain, like permanent
availability and immutability made it interesting for other ends, namely as covert
channels and malicious purposes.
On the one hand, the use of blockchains by malwares has not been characterized
yet. Therefore, this thesis also analyzes the current state of the art in this area. One
of the lessons learned is that covert communications have received little attention.
On the other hand, although previous works have analyzed the feasibility of
covert channels in a particular blockchain technology called Bitcoin, no previous
work has explored the use of Ethereum to establish a covert channel considering all
transaction fields and smart contracts.
To foster further defence-oriented research, two novel mechanisms are presented
on this thesis. First, Zephyrus takes advantage of all Ethereum fields and smartcontract
bytecode. Second, Smart-Zephyrus is built to complement Zephyrus by
leveraging smart contracts written in Solidity. We also assess the mechanisms feasibility
and cost. Our experiments show that Zephyrus, in the best case, can embed
40 Kbits in 0.57 s. for US 1.82 per bit), the provided stealthiness might be worth the price for attackers. Furthermore,
these two mechanisms can be combined to increase capacity and reduce
costs.Debido al aumento de la conectividad, la popularización de los servicios en la nube
y el auge del Internet de las cosas (IoT), los enfoques descentralizados para la
gestión de la confianza están cobrando impulso. Dado que las tecnologías de cadena
de bloques (blockchain) proporcionan un archivo distribuido, están recibiendo
una atención masiva por parte de la comunidad investigadora en diferentes campos
de aplicación. Sin embargo, esta tecnología no proporciona ciberseguridad por sí
misma. Por lo tanto, esta tesis tiene como primer objetivo proporcionar una revisión
exhaustiva de las técnicas y elementos que se han propuesto para lograr la ciberseguridad
en los sistemas basados en blockchain. Este análisis está dirigido a investigadores
del área, especialistas en ciberseguridad y desarrolladores de blockchain. A
su vez, se presentan una serie de lecciones aprendidas, siendo una de ellas el auge
de Ethereum como una de las tecnologías más utilizadas.
Asimismo, algunas características intrínsecas de la blockchain, como la disponibilidad
permanente y la inmutabilidad, la hacen interesante para otros fines, concretamente
como canal encubierto y con fines maliciosos.
Por una parte, aún no se ha caracterizado el uso de la blockchain por parte
de malwares. Por ello, esta tesis también analiza el actual estado del arte en este
ámbito. Una de las lecciones aprendidas al analizar los datos es que las comunicaciones
encubiertas han recibido poca atención.
Por otro lado, aunque trabajos anteriores han analizado la viabilidad de los
canales encubiertos en una tecnología blockchain concreta llamada Bitcoin, ningún
trabajo anterior ha explorado el uso de Ethereum para establecer un canal encubierto
considerando todos los campos de transacción y contratos inteligentes.
Con el objetivo de fomentar una mayor investigación orientada a la defensa,
en esta tesis se presentan dos mecanismos novedosos. En primer lugar, Zephyrus
aprovecha todos los campos de Ethereum y el bytecode de los contratos inteligentes.
En segundo lugar, Smart-Zephyrus complementa Zephyrus aprovechando los contratos inteligentes escritos en Solidity. Se evalúa, también, la viabilidad y el coste
de ambos mecanismos. Los resultados muestran que Zephyrus, en el mejor de los
casos, puede ocultar 40 Kbits en 0,57 s. por 1,64 US$, y recuperarlos en 2,8 s.
Smart-Zephyrus, por su parte, es capaz de ocultar un secreto de 4 Kb en 41 s. Si
bien es cierto que es caro (alrededor de 1,82 dólares por bit), el sigilo proporcionado
podría valer la pena para los atacantes. Además, estos dos mecanismos pueden
combinarse para aumentar la capacidad y reducir los costesPrograma de Doctorado en Ciencia y Tecnología Informática por la Universidad Carlos III de MadridPresidente: José Manuel Estévez Tapiador.- Secretario: Jorge Blasco Alís.- Vocal: Luis Hernández Encina
A Distributed Audit Trail for the Internet of Things
Sharing Internet of Things (IoT) data over open-data platforms and digital data
marketplaces can reduce infrastructure investments, improve sustainability by
reducing the required resources, and foster innovation. However, due to the
inability to audit the authenticity, integrity, and quality of IoT data, third-party
data consumers cannot assess the trustworthiness of received data. Therefore,
it is challenging to use IoT data obtained from third parties for quality-relevant
applications. To overcome this limitation, the IoT data must be auditable. Distributed
Ledger Technology (DLT) is a promising approach for building auditable
systems. However, the existing solutions do not integrate authenticity,
integrity, data quality, and location into an all-encompassing auditable model
and only focus on specific parts of auditability.
This thesis aims to provide a distributed audit trail that makes the IoT auditable
and enables sharing of IoT data between multiple organizations for
quality relevant applications. Therefore, we designed and evaluated the Veritaa
framework. The Veritaa framework comprises the Graph of Trust (GoT) as
distributed audit trail and a DLT to immutably store the transactions that build
the GoT. The contributions of this thesis are summarized as follows. First, we
designed and evaluated the GoT a DLT-based Distributed Public Key Infrastructure
(DPKI) with a signature store. Second, we designed a Distributed
Calibration Certificate Infrastructure (DCCI) based on the GoT, which makes
quality-relevant maintenance information of IoT devices auditable. Third, we
designed an Auditable Positioning System (APS) to make positions in the IoT
auditable. Finally, we designed an Location Verification System (LVS) to verify
location claims and prevent physical layer attacks against the APS. All these
components are integrated into the GoT and build the distributed audit trail.
We implemented a real-world testbed to evaluate the proposed distributed audit
trail. This testbed comprises several custom-built IoT devices connectable
over Long Range Wide Area Network (LoRaWAN) or Long-Term Evolution
Category M1 (LTE Cat M1), and a Bluetooth Low Energy (BLE)-based Angle
of Arrival (AoA) positioning system. All these low-power devices can manage
their identity and secure their data on the distributed audit trail using the IoT
client of the Veritaa framework. The experiments suggest that a distributed
audit trail is feasible and secure, and the low-power IoT devices are capable
of performing the required cryptographic functions. Furthermore, the energy
overhead introduced by making the IoT auditable is limited and reasonable
for quality-relevant applications
Architecting a Blockchain-Based Framework for the Internet of Things
Traditionally, Internet-of-Things (IoT) solutions are based on centralized infrastructures, which necessitate high-end servers for handling and transferring data. Centralized solutions incur high costs associated to maintaining centralized servers, and do not provide built-in guarantees against security threats and trust issues. Therefore, it is an essential research problem to mitigate the aforementioned problems by developing new methods for IoT decentralisation.
In recent years, blockchain technology, the underlying technology of Bitcoin, has attracted research interest as the potential missing link towards building a truly decentralized, trustless and secure environment for the IoT. Nevertheless, employing blockchain in the IoT has significant issues and challenges, related to scalability since all transactions logged in a blockchain undergo a decentralized consensus process.
This thesis presents the design and implementation of a blockchain-based decentralized IoT framework that can leverage the inherent security characteristics of blockchains, while addressing the challenges associated with developing such a framework. This decentralized IoT framework aims to employ blockchains in combination with other peer-to-peer mechanisms to provide: access control; secure IoT data transfer; peer-to-peer data-sharing business models; and secure end-to-end IoT communications, without depending upon a centralized intermediary for authentication or data handling.
This framework uses a multi-tiered blockchain architecture with a control-plane/data-plane split, in that the bulk data is transferred through peer-to-peer data transfer mechanisms, and blockchains are used to enforce terms and conditions and store relevant timestamped metadata. Implementations of the blockchain-based framework have been presented in a multitude of use-cases, to observe the framework's viability and adaptability in real-world scenarios. These scenarios involved traceability in supply chains, IoT data monetization and security in end-to-end communications.With all the potential applications of the blockchain-based framework within the IoT, this thesis takes a step towards the goal of a truly decentralized IoT
ENABLING FIRMS IN THE MARCHE REGION TO UNDERSTAND BLOCKCHAIN FOR SUPPLY CHAIN TRACEABILITY THROUGH A TRIPLE HELIX APPROACH.
La presente Tesi esplora come le imprese, particolarmente le PMI, situate nella regione Marche, possono sfruttare le potenzialità offerte dalla tecnologia blockchain per accrescere la propria competitività.
Originariamente concepita per permettere transazioni di valore diretto tra pari senza intermediari, la blockchain è stata proposta per applicazioni oltre l'ambito delle criptovalute per la registrazione di dati in modo immutabile e trasparente. La promessa che sottende l'uso della blockchain è quella di superare la mancanza di fiducia che permea diversi settori, abolendo la necessità di fiducia interpersonale e di intermediari fidati. Particolarmente rilevante è il suo impiego nelle catene di fornitura, dove promette di garantire trasparenza nella tracciabilità dei prodotti, anche per quelli del Made in Italy.
Considerando l'importanza che le imprese del Made in Italy rivestono per l'economia marchigiana, questa Tesi si focalizza sulle potenzialità della blockchain nella tracciabilità delle catene di fornitura di tali prodotti.
Nonostante i molti benefici teorici discussi nella letteratura accademica, l'implementazione della blockchain per la tracciabilità si scontra con due sfide principali. Primo, l'accuratezza dei dati inseriti da fonti esterne, che può richiedere relazioni di fiducia preesistenti e il coinvolgimento di intermediari per la verifica dei dati, reintroducendo paradossalmente la necessità di fiducia e di intermediari che la blockchain mira a eliminare. Secondo, la scalabilità limitata ostacola la memorizzazione di grandi quantità di dati sulle blockchain. Le soluzioni proposte per affrontare la bassa scalabilità, come la memorizzazione off-chain e le blockchain di tipo permissioned, potenzialmente compromettono i principi di decentralizzazione e sicurezza che sono i fondamenti della blockchain. Una scarsità di studi empirici lascia spazio allo scetticismo riguardo la reale capacità della blockchain di eliminare la necessità di fiducia e intermediari nelle catene di fornitura.
Vista la scarsità di studi empirici che attestino l'efficacia della blockchain per la tracciabilità, questa Tesi adotta un approccio esplorativo e qualitativo, basato su interviste e sondaggi, per raccogliere evidenze concrete sull'uso della blockchain da parte delle imprese Made in Italy e comprenderne le opportunità e le sfide.
Dai risultati emerge che la blockchain per la tracciabilità è adottata dalle imprese del Made in Italy come strumento di marketing business-to-consumer, nonostante il rischio di perdita di dati con la memorizzazione off-chain e l’utilizzo di blockchain pubbliche di terza generazione che impiegano algoritmi di consenso che aumentano la scalabilità a spese di decentralizzazione e sicurezza. Inoltre, nel comprendere e adottare la blockchain per la tracciabilità, le imprese del Made in Italy si affidano quasi completamente a consulenti e fornitori di servizi blockchain, che potrebbero avere un conflitto di interessi nel promuovere la blockchain in una maniera che non tiene conto delle sue limitazioni. La mancanza di accesso diretto ai dati di performance della blockchain rende difficile per gli adottanti valutare la convenienza del servizio blockchain che utilizzano. Infine, l'assenza di quadri giuridici chiari pone ulteriori rischi per le imprese.
Al fine di promuovere una comprensione più profonda, critica, e scevra da conflitti di interesse, delle implicazioni della blockchain per la tracciabilità, la Tesi avanza la proposta di un modello di Tripla Elica per la Regione Marche che incoraggi collaborazioni tra il mondo accademico, il settore industriale e le istituzioni governative, facilitate da intermediari dell'innovazione. Questo approccio enfatizza la necessità di decisioni informate, quadri giuridici chiari e collaborazioni strategiche per un'adozione consapevole della blockchain.
Per quanto riguarda le implicazioni gestionali, le PMI della regione Marche dovrebbero adottare un approccio prudente verso la blockchain a causa dell'attuale assenza di prove conclusive sui benefici e sui costi di questa tecnologia. È inoltre consigliabile che queste aziende diano priorità alla digitalizzazione delle proprie catene di fornitura utilizzando tecnologie consolidate prima di prendere in considerazione l'adozione della blockchain. In aggiunta, si suggerisce di ricercare informazioni imparziali sulla blockchain, di valutare attentamente i compromessi insiti nel trilemma della blockchain, di assicurarsi di avere accesso diretto ai dati di performance del servizio blockchain utilizzato e di comprendere le implicazioni legali dell'uso di tale tecnologia.
Le implicazioni a livello di politiche pubbliche evidenziano la necessità di ambienti normativi capaci di adattarsi per sostenere la sperimentazione con la blockchain e gli sforzi collaborativi, nonché l'importanza di iniziative educative volte a migliorare la comprensione della blockchain.
Le direzioni per la ricerca futura includono la necessità di studi interdisciplinari che confrontino la blockchain con le soluzioni di tracciabilità esistenti, esplorino l'impatto degli aspetti giuridici e testino in modo rigoroso le preferenze dei consumatori per prodotti tracciati con blockchain assicurandosi che i partecipanti ai sondaggi ed esperimenti ricevano una descrizione equilibrata delle potenzialità e delle limitazioni di questa tecnologia