Application of Blockchain Technology for iLearning Student Assessment

Blockchain is the core technology used to create cryptocurrencies, such as Bitcoin. As one part of the fourth industrial Revolution since the invention of steam engines, electricity, and information technology, blockchain technology has begun to be applied in areas such as finance, judiciary, and trade. Blockchain technology uses decentralized, distributed and transparency techniques for data security. This research aims to determine the implementation of blockchain technology in the field of education, especially in the Data Security section. The study uses two methods namely the mind mapping method and literature review. The results of this study showed that with the presence of blockchain technology, the data is more secure from attacks from both inside and outside because it passes through two levels of security, namely encryption and decentralized data

A blockchain-IoT platform for the smart pallet pooling management

Pallet management as a backbone of logistics and supply chain activities is essential to supply chain parties, while a number of regulations, standards and operational constraints are considered in daily operations. In recent years, pallet pooling has been unconventionally advocated to manage pallets in a closed-loop system to enhance the sustainability and operational effectiveness, but pitfalls in terms of service reliability, quality compliance and pallet limitation when using a single service provider may occur. Therefore, this study incorporates a decentralisation mechanism into the pallet management to formulate a technological eco-system for pallet pooling, namely Pallet as a Service (PalletaaS), raised by the foundation of consortium blockchain and Internet of things (IoT). Consortium blockchain is regarded as the blockchain 3.0 to facilitate more industrial applications, except cryptocurrency, and the synergy of integrating a consortium blockchain and IoT is thus investigated. The corresponding layered architecture is proposed to structure the system deployment in the industry, in which the location-inventory-routing problem for pallet pooling is formulated. To demonstrate the values of this study, a case analysis to illustrate the human–computer interaction and pallet pooling operations is conducted. Overall, this study standardises the decentralised pallet management in the closed-loop mechanism, resulting in a constructive impact to sustainable development in the logistics industry

Blockchain Securities Issues: Decentralized Identity System With Key Management Perspective

Blockchain was created many years ago to solve the problems of data transfer Integrity, several years later the issues persist. Blockchain securities are one of the most important considerations to be investigated, and data integrity is about ensuring the accuracy and validity of messages such that when they are read, they are the same as when they were first written. It is of the opinion that passing information across from one person to another cannot be the same as it was first said at the onset. Our work investigated Blockchain security issues, studying Integrity emanating from transactions across the blocks and how to deal with the securities issues. It also investigated decentralization and issues in blockchain to investigate how to mitigate the security issues associated with blockchain. It further discusses the use of key management in solving security issues in blockchain, viewing different key management systems of private and public keys, and solutions in addressing the blockchain problems. Lastly, we contributed the use of Decentralized Identity systems (DIDs) into the blockchain where we use a unique identifier, “ID.me” to verifier the individual credentials before any transaction, this was done by sending a digital ID through the issuer to the verifier to authenticate the integrity and identity of the holder and this proof worthy of protecting the information and maintaining the privacy of the user of the blockchain technology

Achieving cybersecurity in blockchain-based systems: a survey

With The Increase In Connectivity, The Popularization Of Cloud Services, And The Rise Of The Internet Of Things (Iot), Decentralized Approaches For Trust Management Are Gaining Momentum. Since Blockchain Technologies Provide A Distributed Ledger, They Are Receiving Massive Attention From The Research Community In Different Application Fields. However, This Technology Does Not Provide With Cybersecurity By Itself. Thus, This Survey Aims To Provide With A Comprehensive Review Of Techniques And Elements That Have Been Proposed To Achieve Cybersecurity In Blockchain-Based Systems. The Analysis Is Intended To Target Area Researchers, Cybersecurity Specialists And Blockchain Developers. For This Purpose, We Analyze 272 Papers From 2013 To 2020 And 128 Industrial Applications. We Summarize The Lessons Learned And Identify Several Matters To Foster Further Research In This AreaThis work has been partially funded by MINECO, Spain grantsTIN2016-79095-C2-2-R (SMOG-DEV) and PID2019-111429RB-C21 (ODIO-COW); by CAM, Spain grants S2013/ICE-3095 (CIBERDINE),P2018/TCS-4566 (CYNAMON), co-funded by European Structural Funds (ESF and FEDER); by UC3M-CAM grant CAVTIONS-CM-UC3M; by the Excellence Program for University Researchers, Spain; and by Consejo Superior de Investigaciones Científicas (CSIC), Spain under the project LINKA20216 (“Advancing in cybersecurity technologies”, i-LINK+ program)

Blockchain-IoT peer device storage optimization using an advanced time-variant multi-objective particle swarm optimization algorithm

The integration of Internet of Things devices onto the Blockchain implies an increase in the transactions that occur on the Blockchain, thus increasing the storage requirements. A solution approach is to leverage cloud resources for storing blocks within the chain. The paper, therefore, proposes two solutions to this problem. The first being an improved hybrid architecture design which uses containerization to create a side chain on a fog node for the devices connected to it and an Advanced Time‑variant Multi‑objective Particle Swarm Optimization Algorithm (AT‑MOPSO) for determining the optimal number of blocks that should be transferred to the cloud for storage. This algorithm uses time‑variant weights for the velocity of the particle swarm optimization and the non‑dominated sorting and mutation schemes from NSGA‑III. The proposed algorithm was compared with results from the original MOPSO algorithm, the Strength Pareto Evolutionary Algorithm (SPEA‑II), and the Pareto Envelope‑based Selection Algorithm with region‑based selection (PESA‑II), and NSGA‑III. The proposed AT‑MOPSO showed better results than the aforementioned MOPSO algorithms in cloud storage cost and query probability optimization. Importantly, AT‑MOPSO achieved 52% energy efficiency compared to NSGA‑III. To show how this algorithm can be applied to a real‑world Blockchain system, the BISS industrial Blockchain architecture was adapted and modified to show how the AT‑MOPSO can be used with existing Blockchain systems and the benefits it provides

Cybersecurity applications of Blockchain technologies

With the increase in connectivity, the popularization of cloud services, and the rise of the Internet of Things (IoT), decentralized approaches for trust management are gaining momentum. Since blockchain technologies provide a distributed ledger, they are receiving massive attention from the research community in different application fields. However, this technology does not provide cybersecurity by itself. Thus, this thesis first aims to provide a comprehensive review of techniques and elements that have been proposed to achieve cybersecurity in blockchain-based systems. The analysis is intended to target area researchers, cybersecurity specialists and blockchain developers. We present a series of lessons learned as well. One of them is the rise of Ethereum as one of the most used technologies. Furthermore, some intrinsic characteristics of the blockchain, like permanent availability and immutability made it interesting for other ends, namely as covert channels and malicious purposes. On the one hand, the use of blockchains by malwares has not been characterized yet. Therefore, this thesis also analyzes the current state of the art in this area. One of the lessons learned is that covert communications have received little attention. On the other hand, although previous works have analyzed the feasibility of covert channels in a particular blockchain technology called Bitcoin, no previous work has explored the use of Ethereum to establish a covert channel considering all transaction fields and smart contracts. To foster further defence-oriented research, two novel mechanisms are presented on this thesis. First, Zephyrus takes advantage of all Ethereum fields and smartcontract bytecode. Second, Smart-Zephyrus is built to complement Zephyrus by leveraging smart contracts written in Solidity. We also assess the mechanisms feasibility and cost. Our experiments show that Zephyrus, in the best case, can embed 40 Kbits in 0.57 s. for US$1.64, and retrieve them in 2.8 s. Smart-Zephyrus, however, is able to hide a 4 Kb secret in 41 s. While being expensive (around US$ 1.82 per bit), the provided stealthiness might be worth the price for attackers. Furthermore, these two mechanisms can be combined to increase capacity and reduce costs.Debido al aumento de la conectividad, la popularización de los servicios en la nube y el auge del Internet de las cosas (IoT), los enfoques descentralizados para la gestión de la confianza están cobrando impulso. Dado que las tecnologías de cadena de bloques (blockchain) proporcionan un archivo distribuido, están recibiendo una atención masiva por parte de la comunidad investigadora en diferentes campos de aplicación. Sin embargo, esta tecnología no proporciona ciberseguridad por sí misma. Por lo tanto, esta tesis tiene como primer objetivo proporcionar una revisión exhaustiva de las técnicas y elementos que se han propuesto para lograr la ciberseguridad en los sistemas basados en blockchain. Este análisis está dirigido a investigadores del área, especialistas en ciberseguridad y desarrolladores de blockchain. A su vez, se presentan una serie de lecciones aprendidas, siendo una de ellas el auge de Ethereum como una de las tecnologías más utilizadas. Asimismo, algunas características intrínsecas de la blockchain, como la disponibilidad permanente y la inmutabilidad, la hacen interesante para otros fines, concretamente como canal encubierto y con fines maliciosos. Por una parte, aún no se ha caracterizado el uso de la blockchain por parte de malwares. Por ello, esta tesis también analiza el actual estado del arte en este ámbito. Una de las lecciones aprendidas al analizar los datos es que las comunicaciones encubiertas han recibido poca atención. Por otro lado, aunque trabajos anteriores han analizado la viabilidad de los canales encubiertos en una tecnología blockchain concreta llamada Bitcoin, ningún trabajo anterior ha explorado el uso de Ethereum para establecer un canal encubierto considerando todos los campos de transacción y contratos inteligentes. Con el objetivo de fomentar una mayor investigación orientada a la defensa, en esta tesis se presentan dos mecanismos novedosos. En primer lugar, Zephyrus aprovecha todos los campos de Ethereum y el bytecode de los contratos inteligentes. En segundo lugar, Smart-Zephyrus complementa Zephyrus aprovechando los contratos inteligentes escritos en Solidity. Se evalúa, también, la viabilidad y el coste de ambos mecanismos. Los resultados muestran que Zephyrus, en el mejor de los casos, puede ocultar 40 Kbits en 0,57 s. por 1,64 US$, y recuperarlos en 2,8 s. Smart-Zephyrus, por su parte, es capaz de ocultar un secreto de 4 Kb en 41 s. Si bien es cierto que es caro (alrededor de 1,82 dólares por bit), el sigilo proporcionado podría valer la pena para los atacantes. Además, estos dos mecanismos pueden combinarse para aumentar la capacidad y reducir los costesPrograma de Doctorado en Ciencia y Tecnología Informática por la Universidad Carlos III de MadridPresidente: José Manuel Estévez Tapiador.- Secretario: Jorge Blasco Alís.- Vocal: Luis Hernández Encina

A Distributed Audit Trail for the Internet of Things

Sharing Internet of Things (IoT) data over open-data platforms and digital data marketplaces can reduce infrastructure investments, improve sustainability by reducing the required resources, and foster innovation. However, due to the inability to audit the authenticity, integrity, and quality of IoT data, third-party data consumers cannot assess the trustworthiness of received data. Therefore, it is challenging to use IoT data obtained from third parties for quality-relevant applications. To overcome this limitation, the IoT data must be auditable. Distributed Ledger Technology (DLT) is a promising approach for building auditable systems. However, the existing solutions do not integrate authenticity, integrity, data quality, and location into an all-encompassing auditable model and only focus on specific parts of auditability. This thesis aims to provide a distributed audit trail that makes the IoT auditable and enables sharing of IoT data between multiple organizations for quality relevant applications. Therefore, we designed and evaluated the Veritaa framework. The Veritaa framework comprises the Graph of Trust (GoT) as distributed audit trail and a DLT to immutably store the transactions that build the GoT. The contributions of this thesis are summarized as follows. First, we designed and evaluated the GoT a DLT-based Distributed Public Key Infrastructure (DPKI) with a signature store. Second, we designed a Distributed Calibration Certificate Infrastructure (DCCI) based on the GoT, which makes quality-relevant maintenance information of IoT devices auditable. Third, we designed an Auditable Positioning System (APS) to make positions in the IoT auditable. Finally, we designed an Location Verification System (LVS) to verify location claims and prevent physical layer attacks against the APS. All these components are integrated into the GoT and build the distributed audit trail. We implemented a real-world testbed to evaluate the proposed distributed audit trail. This testbed comprises several custom-built IoT devices connectable over Long Range Wide Area Network (LoRaWAN) or Long-Term Evolution Category M1 (LTE Cat M1), and a Bluetooth Low Energy (BLE)-based Angle of Arrival (AoA) positioning system. All these low-power devices can manage their identity and secure their data on the distributed audit trail using the IoT client of the Veritaa framework. The experiments suggest that a distributed audit trail is feasible and secure, and the low-power IoT devices are capable of performing the required cryptographic functions. Furthermore, the energy overhead introduced by making the IoT auditable is limited and reasonable for quality-relevant applications

Architecting a Blockchain-Based Framework for the Internet of Things

Traditionally, Internet-of-Things (IoT) solutions are based on centralized infrastructures, which necessitate high-end servers for handling and transferring data. Centralized solutions incur high costs associated to maintaining centralized servers, and do not provide built-in guarantees against security threats and trust issues. Therefore, it is an essential research problem to mitigate the aforementioned problems by developing new methods for IoT decentralisation. In recent years, blockchain technology, the underlying technology of Bitcoin, has attracted research interest as the potential missing link towards building a truly decentralized, trustless and secure environment for the IoT. Nevertheless, employing blockchain in the IoT has significant issues and challenges, related to scalability since all transactions logged in a blockchain undergo a decentralized consensus process. This thesis presents the design and implementation of a blockchain-based decentralized IoT framework that can leverage the inherent security characteristics of blockchains, while addressing the challenges associated with developing such a framework. This decentralized IoT framework aims to employ blockchains in combination with other peer-to-peer mechanisms to provide: access control; secure IoT data transfer; peer-to-peer data-sharing business models; and secure end-to-end IoT communications, without depending upon a centralized intermediary for authentication or data handling. This framework uses a multi-tiered blockchain architecture with a control-plane/data-plane split, in that the bulk data is transferred through peer-to-peer data transfer mechanisms, and blockchains are used to enforce terms and conditions and store relevant timestamped metadata. Implementations of the blockchain-based framework have been presented in a multitude of use-cases, to observe the framework's viability and adaptability in real-world scenarios. These scenarios involved traceability in supply chains, IoT data monetization and security in end-to-end communications.With all the potential applications of the blockchain-based framework within the IoT, this thesis takes a step towards the goal of a truly decentralized IoT

ENABLING FIRMS IN THE MARCHE REGION TO UNDERSTAND BLOCKCHAIN FOR SUPPLY CHAIN TRACEABILITY THROUGH A TRIPLE HELIX APPROACH.

La presente Tesi esplora come le imprese, particolarmente le PMI, situate nella regione Marche, possono sfruttare le potenzialità offerte dalla tecnologia blockchain per accrescere la propria competitività. Originariamente concepita per permettere transazioni di valore diretto tra pari senza intermediari, la blockchain è stata proposta per applicazioni oltre l'ambito delle criptovalute per la registrazione di dati in modo immutabile e trasparente. La promessa che sottende l'uso della blockchain è quella di superare la mancanza di fiducia che permea diversi settori, abolendo la necessità di fiducia interpersonale e di intermediari fidati. Particolarmente rilevante è il suo impiego nelle catene di fornitura, dove promette di garantire trasparenza nella tracciabilità dei prodotti, anche per quelli del Made in Italy. Considerando l'importanza che le imprese del Made in Italy rivestono per l'economia marchigiana, questa Tesi si focalizza sulle potenzialità della blockchain nella tracciabilità delle catene di fornitura di tali prodotti. Nonostante i molti benefici teorici discussi nella letteratura accademica, l'implementazione della blockchain per la tracciabilità si scontra con due sfide principali. Primo, l'accuratezza dei dati inseriti da fonti esterne, che può richiedere relazioni di fiducia preesistenti e il coinvolgimento di intermediari per la verifica dei dati, reintroducendo paradossalmente la necessità di fiducia e di intermediari che la blockchain mira a eliminare. Secondo, la scalabilità limitata ostacola la memorizzazione di grandi quantità di dati sulle blockchain. Le soluzioni proposte per affrontare la bassa scalabilità, come la memorizzazione off-chain e le blockchain di tipo permissioned, potenzialmente compromettono i principi di decentralizzazione e sicurezza che sono i fondamenti della blockchain. Una scarsità di studi empirici lascia spazio allo scetticismo riguardo la reale capacità della blockchain di eliminare la necessità di fiducia e intermediari nelle catene di fornitura. Vista la scarsità di studi empirici che attestino l'efficacia della blockchain per la tracciabilità, questa Tesi adotta un approccio esplorativo e qualitativo, basato su interviste e sondaggi, per raccogliere evidenze concrete sull'uso della blockchain da parte delle imprese Made in Italy e comprenderne le opportunità e le sfide. Dai risultati emerge che la blockchain per la tracciabilità è adottata dalle imprese del Made in Italy come strumento di marketing business-to-consumer, nonostante il rischio di perdita di dati con la memorizzazione off-chain e l’utilizzo di blockchain pubbliche di terza generazione che impiegano algoritmi di consenso che aumentano la scalabilità a spese di decentralizzazione e sicurezza. Inoltre, nel comprendere e adottare la blockchain per la tracciabilità, le imprese del Made in Italy si affidano quasi completamente a consulenti e fornitori di servizi blockchain, che potrebbero avere un conflitto di interessi nel promuovere la blockchain in una maniera che non tiene conto delle sue limitazioni. La mancanza di accesso diretto ai dati di performance della blockchain rende difficile per gli adottanti valutare la convenienza del servizio blockchain che utilizzano. Infine, l'assenza di quadri giuridici chiari pone ulteriori rischi per le imprese. Al fine di promuovere una comprensione più profonda, critica, e scevra da conflitti di interesse, delle implicazioni della blockchain per la tracciabilità, la Tesi avanza la proposta di un modello di Tripla Elica per la Regione Marche che incoraggi collaborazioni tra il mondo accademico, il settore industriale e le istituzioni governative, facilitate da intermediari dell'innovazione. Questo approccio enfatizza la necessità di decisioni informate, quadri giuridici chiari e collaborazioni strategiche per un'adozione consapevole della blockchain. Per quanto riguarda le implicazioni gestionali, le PMI della regione Marche dovrebbero adottare un approccio prudente verso la blockchain a causa dell'attuale assenza di prove conclusive sui benefici e sui costi di questa tecnologia. È inoltre consigliabile che queste aziende diano priorità alla digitalizzazione delle proprie catene di fornitura utilizzando tecnologie consolidate prima di prendere in considerazione l'adozione della blockchain. In aggiunta, si suggerisce di ricercare informazioni imparziali sulla blockchain, di valutare attentamente i compromessi insiti nel trilemma della blockchain, di assicurarsi di avere accesso diretto ai dati di performance del servizio blockchain utilizzato e di comprendere le implicazioni legali dell'uso di tale tecnologia. Le implicazioni a livello di politiche pubbliche evidenziano la necessità di ambienti normativi capaci di adattarsi per sostenere la sperimentazione con la blockchain e gli sforzi collaborativi, nonché l'importanza di iniziative educative volte a migliorare la comprensione della blockchain. Le direzioni per la ricerca futura includono la necessità di studi interdisciplinari che confrontino la blockchain con le soluzioni di tracciabilità esistenti, esplorino l'impatto degli aspetti giuridici e testino in modo rigoroso le preferenze dei consumatori per prodotti tracciati con blockchain assicurandosi che i partecipanti ai sondaggi ed esperimenti ricevano una descrizione equilibrata delle potenzialità e delle limitazioni di questa tecnologia