Blockchain-enhanced Roots-of-Trust

Establishing a root-of-trust is a key early step in establishing trust throughout the lifecycle of a device, notably by attesting the running software. A key technique is to use hardware security in the form of specialised modules or hardware functions such as TPMs. However, even if a device supports such features, other steps exist that can compromise the overall trust model between devices being manufactured until decommissioning. In this paper, we discuss how blockchains, and smart contracts in particular, can be used to harden the overall security management both in the case of existing hardware enhanced security or when only software attestation is possible

Blockchain's adoption in IoT: The challenges, and a way forward

© 2018 Elsevier Ltd The underlying technology of Bitcoin is blockchain, which was initially designed for financial value transfer only. Nonetheless, due to its decentralized architecture, fault tolerance and cryptographic security benefits such as pseudonymous identities, data integrity and authentication, researchers and security analysts around the world are focusing on the blockchain to resolve security and privacy issues of IoT. However, presently, not much work has been done to assess blockchain's viability for IoT and the associated challenges. Hence, to arrive at intelligible conclusions, this paper carries out a systematic study of the peculiarities of the IoT environment including its security and performance requirements and progression in blockchain technologies. We have identified the gaps by mapping the security and performance benefits inferred by the blockchain technologies and some of the blockchain-based IoT applications against the IoT requirements. We also discovered some practical issues involved in the integration of IoT devices with the blockchain. In the end, we propose a way forward to resolve some of the significant challenges to the blockchain's adoption in IoT

Blockchain Technology and its Applications Across Multiple Domains: A Survey

Blockchain technology has become an active area of research and a technological option for many businesses and industrial communities. With its distributed, decentralized, and trustless nature, blockchain can provide businesses with new opportunities and benefits through increased efficiency, reduced costs, enhanced integrity and transparency, better security, and improved traceability. Although blockchain’s largest applications have been in the finance and banking sector, we now see experiments and proposed applications in different fields. This paper provides an overview of blockchain technology; it brings together all the key design features, characteristics, and benefits of blockchain that make it a superior and unique technology, and it presents the popular consensus protocols and taxonomy of blockchain systems. Additionally, the paper surveys blockchain-based applications across multiple domains such as in finance, insurance, supply chain management, energy, advertising and media, real estate and healthcare. It aims at examining the industries’ key issues, blockchain solutions and use cases. The paper highlights three broad limitations that blockchain technology presents: scalability, security, and regulation, and shows how these challenges could impact blockchain application and adoption

Blockchain Oracles

Plokiahelatehnoloogia on osutunud paljude tööstusharude potentsiaalseks lammutajaks ning on saanud eraldiseisvate üksuste jaoks turvalise ja detsentraliseeritud toimimise võimaldajaks. Sellest hoolimata ei ole plokiahelatehnoloogia iseenesest väliste andmeallikatega otseselt seotud. Vajalikke väliseid andmeid vahendatakse oraaklite abil. Selle magistritöö eesmärk on uurida seoseid plokiahela võrkude ja oraaklite vahel ning töötada välja raamistik, mis aitab plokiahela arendajaid ja otsuste langetajaid nende plokiahela projektides millestki juhinduda. Mõnedes olemasolevates oraakliprojektides on kirjeldatud sarnaseid püüdluseid, kuid seni pole nende autorid süstemaatiliste ülevaadeteni jõudnud. Lõputöös esitatud raamistik on välja töötatud olemasolevate oraaklitega seotud plokiahela projektide süstemaatilise kirjanduse ülevaate põhjal. See hõlmab selliseid komponente nagu oraaklite poolt kogutud informatsiooni tüübid, plokiahelavõrgud, millega nad suhtlevad, ning ka oraaklite ja andmeallika vahelise suhtluse krüptimine. Lisaks mängib plokiahela oraakli projektides olulist rolli ka oraaklite otsuste tegemine, mis kajastab teabe edastamist oraaklile, nende andmete kontrollimist ja meetodeid, kuidas oraakleid integreeritakse plokiahela võrkudega. Läbivaatamise tulemused näitavad, et plokiahela oraaklid on keerulised lahendused, mis hõlmavad paljusid komponente ja aspekte. Need võivad olla immateriaalsed või materiaalsed ning edastada andmeid vastavalt veebist või anduriseadmetest. Oraakleid saab kasutada igat tüüpi plokiahela võrkudes ja integreerida erinevates formaatides, sealhulgas nutikates lepinguliidestes, või otse teiste plokiahela-sõlmedega. Neid saab otsustusprotsessides tsentraliseerida või detsentraliseerida ja nad suudavad kasutada andmete õigsuse üle otsustamiseks mitmesuguseid olemasolevaid nõuandemehhanisme või usaldada lihtsalt välist andmepakkujat. Need uurimise tulemused aitavad plokiahela arendajatel demüstifitseerida oraaklite potentsiaalset kasutamist või rakendamist oma plokiahela projektides ning aitavad ületada lõhet plokiahela virtuaalse maailma ja väliste keskkondade vahel.Blockchain technology has emerged as a potential disruptor of multiple industries and became an enabler for separate entities to trans-act in a secure and decentralized manner. Nevertheless, the blockchain technology in itself does not directly interact with the external data sources. External data, that is needed, is transferred by means of oracles. The research goal of this thesis is to explore the relationship between blockchain networks and oracles and develop a framework to help guide blockchain developers and decision makers in their blockchain projects. Few of the existing oracle projects have described similar efforts in their papers, but no systematic review has been made by authors. The framework, presented in the thesis, is developed based on Systematic Literature Review of existing blockchain projects involving oracles. It includes components such as type of information oracles collect, blockchain networks with which they interact as well as encryption of communication between the oracles and the data source. Additionally, oracle decision making, which captures how the information is passed to the oracle, along with the verification of that data and methods of integration of oracles with blockchain networks, play an important role in blockchain oracle projects. The results of the review demonstrate that blockchain oracles are complex solutions involving multiple components and aspects. They can be intangible or tangible and transport data from web or sensor devices respectively. Oracles can be used in all types of blockchain networks and integrated in different formats including custom smart contract interfaces or directly with blockchain nodes. They can be centralized or decentralized in terms of decision making and utilize various existing consensus mechanisms to decide on correctness of the data or simply trust the external data provider. These findings will help the blockchain developers demystify the potential usage or implementation of oracles in their blockchain projects and help bridge the gap between the virtual world of blockchain and the external environments

Architecting a Blockchain-Based Framework for the Internet of Things

Traditionally, Internet-of-Things (IoT) solutions are based on centralized infrastructures, which necessitate high-end servers for handling and transferring data. Centralized solutions incur high costs associated to maintaining centralized servers, and do not provide built-in guarantees against security threats and trust issues. Therefore, it is an essential research problem to mitigate the aforementioned problems by developing new methods for IoT decentralisation. In recent years, blockchain technology, the underlying technology of Bitcoin, has attracted research interest as the potential missing link towards building a truly decentralized, trustless and secure environment for the IoT. Nevertheless, employing blockchain in the IoT has significant issues and challenges, related to scalability since all transactions logged in a blockchain undergo a decentralized consensus process. This thesis presents the design and implementation of a blockchain-based decentralized IoT framework that can leverage the inherent security characteristics of blockchains, while addressing the challenges associated with developing such a framework. This decentralized IoT framework aims to employ blockchains in combination with other peer-to-peer mechanisms to provide: access control; secure IoT data transfer; peer-to-peer data-sharing business models; and secure end-to-end IoT communications, without depending upon a centralized intermediary for authentication or data handling. This framework uses a multi-tiered blockchain architecture with a control-plane/data-plane split, in that the bulk data is transferred through peer-to-peer data transfer mechanisms, and blockchains are used to enforce terms and conditions and store relevant timestamped metadata. Implementations of the blockchain-based framework have been presented in a multitude of use-cases, to observe the framework's viability and adaptability in real-world scenarios. These scenarios involved traceability in supply chains, IoT data monetization and security in end-to-end communications.With all the potential applications of the blockchain-based framework within the IoT, this thesis takes a step towards the goal of a truly decentralized IoT

ChainSplitter: Towards Blockchain-based Industrial IoT Architecture for Supporting Hierarchical Storage

The fast developing Industrial Internet of Things (IIoT) technologies provide a promising opportunity to build large-scale systems to connect numerous heterogeneous devices into the Internet. Most existing IIoT infrastructures are based on a centralized architecture, which is easier for management but cannot effectively support immutable and verifiable services among multiple parties. Blockchain technology provides many desired features for large-scale IIoT infrastructures, such as decentralization, trustworthiness, trackability, and immutability. This paper presents a blockchain-based IIoT architecture to support immutable and verifiable services. However, when applying blockchain technology to the IIoT infrastructure, the required storage space posts a grant challenge to resource-constrained IIoT infrastructures. To address the storage issue, this paper proposes a hierarchical blockchain storage structure, \textit{ChainSplitter}. Specially, the proposed architecture features a hierarchical storage structure where the majority of the blockchain is stored in the clouds, while the most recent blocks are stored in the overlay network of the individual IIoT networks. The proposed architecture seamlessly binds local IIoT networks, the blockchain overlay network, and the cloud infrastructure together through two connectors, the \textit{blockchain connector} and the \textit{cloud connector}, to construct the hierarchical blockchain storage. The blockchain connector in the overlay network builds blocks in blockchain from data generated in IIoT networks, and the cloud connector resolves the blockchain synchronization issues between the overlay network and the clouds. We also provide a case study to show the efficiency of the proposed hierarchical blockchain storage in a practical Industrial IoT case

Droplet: Decentralized Authorization for IoT Data Streams

This paper presents Droplet, a decentralized data access control service, which operates without intermediate trust entities. Droplet enables data owners to securely and selectively share their encrypted data while guaranteeing data confidentiality against unauthorized parties. Droplet's contribution lies in coupling two key ideas: (i) a new cryptographically-enforced access control scheme for encrypted data streams that enables users to define fine-grained stream-specific access policies, and (ii) a decentralized authorization service that handles user-defined access policies. In this paper, we present Droplet's design, the reference implementation of Droplet, and experimental results of three case-study apps atop of Droplet: Fitbit activity tracker, Ava health tracker, and ECOviz smart meter dashboard