Blockchain for IoT Access Control: Recent Trends and Future Research Directions

With the rapid development of wireless sensor networks, smart devices, and traditional information and communication technologies, there is tremendous growth in the use of Internet of Things (IoT) applications and services in our everyday life. IoT systems deal with high volumes of data. This data can be particularly sensitive, as it may include health, financial, location, and other highly personal information. Fine-grained security management in IoT demands effective access control. Several proposals discuss access control for the IoT, however, a limited focus is given to the emerging blockchain-based solutions for IoT access control. In this paper, we review the recent trends and critical needs for blockchain-based solutions for IoT access control. We identify several important aspects of blockchain, including decentralised control, secure storage and sharing information in a trustless manner, for IoT access control including their benefits and limitations. Finally, we note some future research directions on how to converge blockchain in IoT access control efficiently and effectively

Internet of Thing Based Confidential Healthcare Data Storage, Access Control and Monitoring Using Blockchain Technique

Internet of Things plays a significant role in multiple sectors like agriculture, manufacturing and healthcare for collecting information to automation. The collected information is in different diversity and consists of confidential and non-confidential information. Secure handling of confidential data is a crucial task in cloud computing like storage, access control and monitoring. The blockchain based storage technique provides immutable data storage, efficient access control and dynamic monitoring to confidential data. Thus, the secure internet of things data storage, access control and monitoring using blockchain technique is proposed in this work. The patients health information that are in different formats are pruned by a decision tree algorithm and it classifies the confidential data and non-confidential data by the fuzzy rule classification technique. Depending on data owner's willing, the fuzzy rule is framed and the confidential and non-confidential data collected by internet of things sensors are classified. To provide confidentiality to confidential data, Attribute Based Encryption is applied to confidential data and stored in an off-chain mode of blockchain instead of entire data encryption and storage. The non-confidential data is stored in a plaintext form in cloud storage. When compared to support vector machine, K-nearest neighbor and Naive Bayes classification techniques, the proposed fuzzy rule based confidential data identification produces greater than 96 % of accuracy based on data owner willing and confidential data storage takes lesser than 20 % of storage space and processing time in an entire data storage. Additionally, the blockchain performances like throughput, network scalability and latency is optimized through minimal block size and transactions. Thus, our experimental results show that the proposed blockchain based internet of things data storage, access control and monitoring technique provides better confidentiality and access control to confidential data than the conventional cloud storage technique with lesser processing time

Mobility Support 5G Architecture with Real-Time Routing for Sustainable Smart Cities

[EN] The Internet of Things (IoT) is an emerging technology and provides connectivity among physical objects with the support of 5G communication. In recent decades, there have been a lot of applications based on IoT technology for the sustainability of smart cities, such as farming, e-healthcare, education, smart homes, weather monitoring, etc. These applications communicate in a collaborative manner between embedded IoT devices and systematize daily routine tasks. In the literature, many solutions facilitate remote users to gather the observed data by accessing the stored information on the cloud network and lead to smart systems. However, most of the solutions raise significant research challenges regarding information sharing in mobile IoT networks and must be able to stabilize the performance of smart operations in terms of security and intelligence. Many solutions are based on 5G communication to support high user mobility and increase the connectivity among a huge number of IoT devices. However, such approaches lack user and data privacy against anonymous threats and incur resource costs. In this paper, we present a mobility support 5G architecture with real-time routing for sustainable smart cities that aims to decrease the loss of data against network disconnectivity and increase the reliability for 5G-based public healthcare networks. The proposed architecture firstly establishes a mutual relationship among the nodes and mobile sink with shared secret information and lightweight processing. Secondly, multi-secured levels are proposed to protect the interaction with smart transmission systems by increasing the trust threshold over the insecure channels. The conducted experiments are analyzed, and it is concluded that their performance significantly increases the information sustainability for mobile networks in terms of security and routing.Rehman, A.; Haseeb, K.; Saba, T.; Lloret, J.; Ahmed, Z. (2021). Mobility Support 5G Architecture with Real-Time Routing for Sustainable Smart Cities. Sustainability. 13(16):1-16. https://doi.org/10.3390/su13169092S116131

Blockchain-Based Access Control Techniques for IoT Applications

The Internet of Things is gaining more importance in the present era of Internet technology. It is considered as one of the most important technologies of everyday life. Moreover, IoT systems are ceaselessly growing with more and more devices. They are scalable, dynamic, and distributed, hence the origin of the crucial security requirements in IoT. One of the most challenging issues that the IoT community must handle recently is how to ensure an access control approach that manages the security requirements of such a system. Traditional access control technologies are not suitable for a large-scale and distributed network structure. Most of them are based on a centralized approach, where the use of a trusted third party (TTP) is obligatory. Furthermore, the emergence of blockchain technology has allowed researchers to come up with a solution for these security issues. This technology is highly used to record access control data. Additionally, it has great potential for managing access control requests. This paper proposed a blockchain-based access control taxonomy according to the access control nature: partially decentralized and fully decentralized. Furthermore, it presents an overview of blockchain-based access control solutions proposed in different IoT applications. Finally, the article analyzes the proposed works according to certain criteria that the authors deem important

Reputation Driven Dynamic Access Control Framework for IoT atop PoA Ethereum Blockchain

Security and Scalability are two major challenges that IoT is currently facing. Access control to critical IoT infrastructure is considered as top security challenge that IoT faces. Data generated by IoT devices may be driving many hard real time systems, thus it is of utmost importance to guarantee integrity and authenticity of the data and resources at the first place itself. Due to heterogeneous and constrained nature of IoT devices, traditional IoT security frameworks are not able to deliver scalable, efficient and manageable mechanisms to meet the requirements of IoT devices. On the other hand Blockchain technology has shown great potential to bridge the missing gap towards building a truly decentralized, trustworthy, secure and scalable environment for IoT. Allowing access to IoT resources and data managed through Blockchain will provide an additional security layer backed by the strongest cryptographic algorithms available. In this work we present a reputation driven dynamic access control framework for small scale IoT applications based on Proof of Authority Blockchain, we name it as Rep-ACM. In RepACM framework we build two major services, one for Reputation building (for better IoT device behaviour regulations) and other for Misbehaviour detection (for detecting any Misbehaviour on object resource usage). Both of these services work in coordination with other services of proposed framework to determine who can access what and under what conditions access should be granted. For Proof of Concept (PoC) we created private Ethereum network consisting of two Raspberry Pi single board computers, one desktop computer and a laptop as nodes. We configured Ethereum protocol to use Istanbul Byzantine Fault Tolerance (IBFT) as Proof of Authority (PoA) consensus mechanism for performance optimization in constrained environment. We deployed our model on private network for feasibility and performance analysis

Permissão para partilha seletiva em ambientes IoT

The increasing use of smart devices for monitoring spaces has caused an increase in concerns about the privacy of users of these spaces. Given this problem, the legislation on the right to privacy has been worked to ensure that the existing laws on this subject are sufficiently comprehensive to preserve the privacy of users. In this way, research on this topic evolves in the sense of creating systems that ensure compliance with these laws, that is, increase transparency in the treatment of user data. In the context of this dissertation, a demonstrator-based strategy is presented to provide users control over their stored data during the temporary use of an intelligent environment. In addition, this strategy includes transparency guarantees, highlights the right to forgetting, provides the ability to consent and proof of that consent. A strategy for privacy control in such environments is also mentioned in this paper. This dissertation was developed within the CASSIOPEIA project where the case study focuses on the SmartBnB problem where a user rents a smart home for a limited time. This paper presents the developed system that ensures the user’s privacy and control over their data.O uso crescente de dispositivos inteligentes para monitorização de espaços tem provocado um aumento das preocupações sobre a privacidade dos utilizadores destes espaços. Face a este problema, a legislação sobre o direito à privacidade tem sido trabalhada de forma a garantir que as leis existentes sobre este tema são suficientemente abrangentes para preservar a privacidade dos utilizadores. Desta forma, a investigação neste tópico evolui no sentido de criar sistemas que garantam o cumprimento destas leis, ou seja aumentam a transparência no tratamentos dos dados dos utilizadores. No contexto desta dissertação, é apresentada uma estratégia baseado num demonstrador para fornecer um controlo ao utilizador sobre os seus dados armazenados durante a utilização temporária de um ambiente inteligente. Para além disso, esta estratégia inclui garantias de transparência, evidencia o direito ao esquecimento, fornece a capacidade de consentimento e prova desse consentimento. É também mencionada neste documento uma estratégia para um controlo de privacidade neste tipo de ambientes. Esta dissertação foi desenvolvida no âmbito do projeto CASSIOPEIA onde o caso de estudo se foca no SmartBnB problem onde um utilizador arrenda uma casa inteligente durante um tempo limitado. Este documento apresenta o sistema desenvolvido que garante a privacidade e controlo do utilizador sobre os seus próprios dados.This work is partially funded by NGI Trust, with number 3.85, Pro-ject CASSIOPEIA.Mestrado em Engenharia de Computadores e Telemátic

A Blockchain-based Decentralized, Fair and Authenticated Information Sharing Scheme in Zero Trust Internet-of-Things

This is the author accepted manuscript. The final version is available from IEEE via the DOI in this recordData availability statement: The [code] data used to support the findings of this study have been deposited in the [IEEE DATAPORT] repository ([10.21227/rtmq-t937]).Internet-of-Things (IoT) are increasingly operating in the zero-trust environments where any devices and systems may be compromised and hence untrusted. In addition, data collected by and sent from IoT devices may be shared with edge computing systems in order to reduce the reliance on centralized (cloud) servers, leading to further security and privacy issues. To cope with these challenges, this paper proposes an innovative blockchain-enabled information sharing solution in zero-trust context to guarantee anonymity yet entity authentication, data privacy yet data trustworthiness, and participant stimulation yet fairness. This new solution is able to support filtering of fabricated information through smart contracts, effective voting, and consensus mechanisms, which can prevent unauthenticated participants from sharing garbage information. We also prove the proposed solution is secure in the universal composability framework, and further evaluate its performance over an ETH-based platform to demonstrate its utility.Foundation of Yunnan Key Laboratory of Blockchain Application TechnologyNational Natural Science Foundation of ChinaProvincial Key Research and Development Program of HubeiFoundation of Henan Key Laboratory of Network Cryptography TechnologyFoundation of Hubei Key Laboratory of Intelligent Geo-Information Processin

A survey of empirical performance evaluation of permissioned blockchain platforms: Challenges and opportunities

This is an accepted manuscript of an article published by Elsevier in Computers and Security, available online: https://doi.org/10.1016/j.cose.2020.102078 The accepted version of the publication may differ from the final published version.Blockchain-based platforms, particularly those based on permissioned blockchain, are increasingly popular in a broad range of settings. In addition to security and privacy concerns, organizations seeking to implement such platforms also need to consider performance, especially in latency- or delay-sensitive applications. Performance is generally less studied in comparison to security and privacy, and therefore in this paper we survey existing empirical performance evaluations of different permissioned blockchain platforms published between 2015 and 2019, using a comparative framework. The framework comprises ten criteria. We then conclude the paper with a number of potential future research directions.Published versio

Povećanje bezbednosti i privatnosti integrisanjem sigurnog blokčejn interfejsa u arhitekturu interneta stvari

Internet stvari i blokčejn se smatraju za dve glavne tehnologije današnjice. Smanjenje kašnjena i povezanost sistema je dovelo do veće fleksibilnosti pri korišćenju aplikacija koje se nalaze na udaljenim uređajima. Najveći problem interneta stvari je to da nemaju dovoljno računarskih resusrsa, nedovoljna količina memorije i slabi procesori koji su optimizovani da troše malo energiije sprečavaju korišćenje robusnih algoritama za šifrovanje. Internet stvari se suočava sa mnogim izazovima, kao što su slaba interoperabilnost, bezbednosne ranjivosti, privatnost i nedostatak standarda. U ovom radu daje se predlog korišćenja softverskog interfejsa kao arhitekture sigurnosnog prolaza za pametne uređaje. Sigurnosni interfejs omogućava korišenje jačih kriptografskih algoritama za udaljenje servise pamethih uređaja. Ovaj pristup pobojšava bezbednost podataka koji šalju pametni uređaji korišćenjem kompitablnih algoritama za šifrovanje podataka pre nego što se proslede na udaljenje servise. Pored interfejsa u ovom radu se koristi i blokčejn tehnologiija. Razlog korišćenja blokčejn tehnolgije je da se u mrežu povezanih pametnih uređaja ubaci decentralizacija i autentifikacija. Samom integracijom blokčejna dobija se toliko potrebna anonimnost i fleksibilnost koju trenutni internet stvari nema. Blokčejn štiti interfejs svojim tehnologijama kojima se izbacuje jedna tačka kontrole, beleže se sve transakcije, proverava njihova validnost i samim tim se pruža poverenje među uređajima u jednoj mreži. Rezultat ovog rada je razvoj interfejsa koji daje podršku pametnim uređajima da koriste bilo koji kriptografski algoritam, daje mogućnost mapiranja IP adresa (engl. Internet Protocol address) i na taj način spreče pristup neautorizovani pristup mreži. Pored razvoja interfejsa, blokčejn tehnologija će biti uključena u kompitablnom režimu tako da je efikasna za rad na pametnim uređajima imajući u obzir limitacije sa resursima