KYoT: Self-sovereign IoT Identification with a Physically Unclonable Function

The integration of Internet-of-Things (IoT) and Blockchains (BC) for trusted and decentralized approaches enabled modern use cases, such as supply chain tracing, smart cities, and IoT data marketplaces. For these it is essential to identify reliably IoT devices, since the producer-consumer trust is not guaranteed by a Trusted Third Party (TTP). Therefore, this work proposes a Know Your IoT device platform (KYoT), which enables the self-sovereign identification of IoT devices on the Ethereum BC. KYoT permits manufacturers and device owners to register and verify IoT devices in a self-sovereign fashion, while data storage security is ensured. KYoT deploys an SRAM-based (Static Random Access Memory) Physically Unclonable Function (PUF), which takes advantage of the manufacturing variability of devices’ SRAM chips to derive a unique identifying key for each IoT device. The self-sovereign identification mechanism introduced is based on the ERC 734 and ERC 735 Ethereum identity standards

A System Proposal for Information Management in Building Sector Based on BIM, SSI, IoT and Blockchain

This work presents a Self Sovereign Identity based system proposal to show how Blockchain, Building Information Modeling, Internet of Thing devices, and Self Sovereign Identity concepts can support the process of building digitalization, guaranteeing the compliance standards and technical regulations. The proposal ensures eligibility, transparency and traceability of all information produced by stakeholders, or generated by IoT devices appropriately placed, during the entire life cycle of a building artifact. By exploiting the concepts of the Self Sovereign Identity, our proposal allows the identification of all involved stakeholders, the storage off-chain of all information, and that on-chain of the sole data necessary for the information notarization and certification, adopting multi-signature approval mechanisms where appropriate. In addition it allows the eligibility verification of the certificated information, providing also useful information for facility management. It is proposed as an innovative system and companies that adopt the Open Innovation paradigm might want to pursue it. The model proposal is designed exploiting the Veramo platform, hence the Ethereum Blockchain, and all the recommendations about Self Sovereign Identity systems given by the European Blockchain Partnership, and by the World Wide Web Consortium

Pay as You Go: A Generic Crypto Tolling Architecture

The imminent pervasive adoption of vehicular communication, based on dedicated short-range technology (ETSI ITS G5 or IEEE WAVE), 5G, or both, will foster a richer service ecosystem for vehicular applications. The appearance of new cryptography based solutions envisaging digital identity and currency exchange are set to stem new approaches for existing and future challenges. This paper presents a novel tolling architecture that harnesses the availability of 5G C-V2X connectivity for open road tolling using smartphones, IOTA as the digital currency and Hyperledger Indy for identity validation. An experimental feasibility analysis is used to validate the proposed architecture for secure, private and convenient electronic toll payment

Blockchain-based trust management and authentication of devices in smart grid

The digitalization of the power grid and advancement in intelligent technologies have enabled the service provider to convert the existing electrical grid into a smart grid. The transformation of the grid will help in integrating cleaner energy technologies with energy management to improve power network efficiency. Internet of things (IoT) and various network components need to be deployed to harness the full potential of the smart grid. Also, integrating intermittent renewable energy sources, energy storage, intelligent control of selected power-intensive loads, etc will improve energy efficiency. But deployment of this information and communication technologies will make the grid more vulnerable to cyber attacks from hackers. In this work, blockchain-based self-sovereign identification and authentication technique is presented to avert identity theft and masquerading. The proposed approach can minimize the chances of identity-based security breaches in the smart grid. This paper provides an overview of the model of identification and authentication of IoT devices in Smart Grid based on Blockchain technology. The Blockchain based implementation of identification and authentication of devices is proposed to validate the model in the distributed electrical energy network. The model is able to authenticate the device using Blockchain in a trusted model. The system works according to plan validating the authenticity of transaction in a node in log(n) time, which justifies presented result.publishedVersio

Enabling Identity for the IoT-as-a-Service Business Model

The IoT-as-a-Service (IoTaaS) business model has already been identified by some people from both industry and academia, but has not been formally defined. IoTaaS offers IoT devices on demand, with considerable cost savings and resource optimization. In addition, it enables different applications to reuse the existing devices. However, this business model is associated with different technological challenges that need to be addressed, one of which is the identity problem. Focusing on this, self-sovereign identity (SSI) schemes have proven to provide better privacy and scalability than traditional identity paradigms, which is especially important in the IoT owing to its characteristics. In this paper, we formally analyze an IoTaaS business model, identifying and detailing its main technological challenges. In addition, we tackle the identity problem of this business model and propose an SSI-based identity management system, which is compliant with the existing standards from the W3C, and include a performance evaluation.This work was supported in part by the Basque Country Government through the Collaborative Research Grants Program in Strategic Areas (ELKARTEK) Program by the Project TRUSTIND under Grant KK-2020/00054 and in part by the Spanish Government-Ministry of Science and Innovation through the Project AI4ES-2021 under Grant CER-20211030 and through the Project SICRAC under Grant PID2020-114495RB-I0

The Cybersecurity Aspects of New Entities Need a Cybernetic, Holistic Perspective

In our connected world security and proof (evidence constituted in Verifiable Credentials (VC, W3C)) is distributed over what an individual can attest, what my objects tell about me (that is why AI = inferences from that data, is so important), and my behavior: “apply shaving foam” is a number in coelition.org. It is clear that we can no longer isolate the notion of security as in securing devices or securing infrastructure. In this brief article which is the background to a number of workshops that the authors and the Journal will host together, we sketch what we believe to be the end of a paradigm of a government model that has outsourced capabilities to the market. It is in the process of privatizing its last public capability: identity management. This is causing tremendous stress in systems, services, organizational procedures, and individuals. We propose a holistic perspective, distributing security at two points: at the device level and a moral movement at a societal level. As a time out to create room to discuss this broadly, we propose a particular model of SSI and disposable identities