Blockchains and Smart Contracts for the Internet of Things
TL;DR: The conclusion is that the blockchain-IoT combination is powerful and can cause significant transformations across several industries, paving the way for new business models and novel, distributed applications.
Abstract: Motivated by the recent explosion of interest around blockchains, we examine whether they make a good fit for the Internet of Things (IoT) sector. Blockchains allow us to have a distributed peer-to-peer network where non-trusting members can interact with each other without a trusted intermediary, in a verifiable manner. We review how this mechanism works and also look into smart contracts—scripts that reside on the blockchain that allow for the automation of multi-step processes. We then move into the IoT domain, and describe how a blockchain-IoT combination: 1) facilitates the sharing of services and resources leading to the creation of a marketplace of services between devices and 2) allows us to automate in a cryptographically verifiable manner several existing, time-consuming workflows. We also point out certain issues that should be considered before the deployment of a blockchain network in an IoT setting: from transactional privacy to the expected value of the digitized assets traded on the network. Wherever applicable, we identify solutions and workarounds. Our conclusion is that the blockchain-IoT combination is powerful and can cause significant transformations across several industries, paving the way for new business models and novel, distributed applications.
Citations
More filters
TL;DR: Wang et al. as discussed by the authors used Tobit regression to conduct a quantitative analysis on the influencing factors of the acceptance and adoption of relevant text content on Zhihu platform and found that four factors are significant at a confidence level of 0.1.
21 citations
TL;DR: In this article , a blockchain-based remote mutual authentication (B-RMA) is proposed for IoT-based sustainable information systems, which considers smart devices and cloud networks to offer security and privacy.
Abstract: Internet of Things (IoT) has led to significant advancements in communication technologies, specifically, concerning IoT-based sustainable information systems. Lately, industry-academic communities have made great strides for the development of security in IoT-based applications, such as traffic management, industrial automation systems, military surveillance systems, transportation, parking, etc. The sustainable IoT converges AI and blockchain technologies for enhancing quality of individual’s life. As a result, emerging IoT applications operate a distributed ledger technology to provide robust-level of encryption and execution for contractual agreement that resolves interoperability and security issues. Thus, this article proposes a blockchain-based remote mutual authentication (B-RMA) that considers smart devices and cloud networks to offer security and privacy. The proposed B-RMA can coexist with the IoT-based smart environment to decentralize the processing of user authentication requests. The prominence of the proposed strategies including security efficiency and privacy protection, is evaluated using informal security analysis. Moreover, a runtime platform “Node.js” was used to analyze the communication metrics, such as execution time, throughput, and overhead ratio, over the concurrent requests. The investigation results prove that the B-RMA achieves a scalable environment, accordingly.
21 citations
TL;DR: A blockchain provides a solution that does not require trusted third parties, works in a distributed eHealth environment, and supports document removal, and is based on a blockchain using the Practical Byzantine Fault Tolerant algorithm.
Abstract: (1) Background: Large eHealth systems should have a mechanism to detect unauthorized changes in patients’ medical documentation, access permissions, and logs. This is due to the fact that modern eHealth systems are connected with many healthcare providers and sites. (2) Methods: Design-science methodology was used to create an integrity-protection service model based on blockchain technology. Based on the problem of transactional transparency, requirements were specified and a model was designed. After that, the model’s security and performance were evaluated. (3) Results: a blockchain-based eHealth integrity model for ensuring information integrity in eHealth systems that uses a permissioned blockchain with off-chain information storage was created. In contrast to existing solutions, the proposed model allows information removal, which in many countries’ eHealth systems is a legal requirement, and is based on a blockchain using the Practical Byzantine Fault Tolerant algorithm. (4) Conclusion: A blockchain can be used to store medical data or only security-related data. In the proposed model, a blockchain is mainly used to implement a data-integrity service. This service can be implemented using other mechanisms, but a blockchain provides a solution that does not require trusted third parties, works in a distributed eHealth environment, and supports document removal.
20 citations
Cites background from "Blockchains and Smart Contracts for..."
...To begin with, the PoW consensus in practice requires a blockchain that supports cryptocurrency [24]....
[...]
...The PoW and PoS algorithms cannot be used as, in practice, they can only be applied to cryptocurrencies [24]....
[...]
Journal Article•
TL;DR: The security risks associated with data storage in cyber-physical systems are analyzed and the use of blockchain technology is proposed to ensure the secure storage of data in CPS to provide batch addition/removal and non-membership proof.
Abstract: As cyber-physical systems (CPS) flourish, the data security issues it encounters have increasingly become a research focus in the field. And it has received widespread attention from academia and industry. Blockchain technology has the characteristics of decentralization, openness, transparency, reliability and non-tampering. It has natural advantages in solving the security of the CPS. Thus, this paper first analyzes the security risks associated with data storage in cyber-physical systems and proposes the use of blockchain technology to ensure the secure storage of data in CPS. In traditional blockchains, the data layer uses Merkle hash trees to store data; however, the Merkle hash tree cannot batch add/delete and provide non-membership proof. In order to solve this problem, this paper improves the accumulator and uses the combination of accumulator and Merkle hash tree to provide batch addition/removal and non-membership proof. This paper constructs a Merkle hash tree accumulator, and proves that the scheme is feasible through correctness and security.
20 citations
Cites background from "Blockchains and Smart Contracts for..."
...Since the first smart contract platform known as Ethereum [21] was released in 2015, smart contracts have gradually become one of the most innovative topics in the blockchain field....
[...]
01 Aug 2018
TL;DR: This paper proposes a new efficient authentication scheme for fog computing architecture that ensures mutual authentication and remedies to fog servers' misbehaviors, and provides a low overhead in terms of storage capacity.
Abstract: Fog computing is a new paradigm which extends cloud computing services into the edge of the network Indeed, it aims to pool edge resources in order to deal with cloud's shortcomings such as latency problems However, this proposal does not ensure the honesty and the good behavior of edge devices Thus, security places itself as an important challenge in front of this new proposal Authentication is the entry point of any security system, which makes it an important security service Traditional authentication schemes endure latency issues and some of them do not satisfy fog-computing requirements such as mutual authentication between end devices and fog servers Thus, new authentication protocols need to be implemented In this paper, we propose a new efficient authentication scheme for fog computing architecture Our scheme ensures mutual authentication and remedies to fog servers' misbehaviors Moreover, fog servers need to hold only a couple of information to verify the authenticity of every user in the system Thus, it provides a low overhead in terms of storage capacity Finally, we show through experimentation the efficiency of our scheme
20 citations
Cites background from "Blockchains and Smart Contracts for..."
...Indeed, to falsify one block yet validated, one needs to realize the same heavy validation process for this block and all its subsequent blocks [13]....
[...]
References
More filters
TL;DR: The Albanian Generals Problem as mentioned in this paper is a generalization of Dijkstra's dining philosophers problem, where two generals have to come to a common agreement on whether to attack or retreat, but can communicate only by sending messengers who might never arrive.
Abstract: I have long felt that, because it was posed as a cute problem about philosophers seated around a table, Dijkstra’s dining philosopher’s problem received much more attention than it deserves. (For example, it has probably received more attention in the theory community than the readers/writers problem, which illustrates the same principles and has much more practical importance.) I believed that the problem introduced in [41] was very important and deserved the attention of computer scientists. The popularity of the dining philosophers problem taught me that the best way to attract attention to a problem is to present it in terms of a story. There is a problem in distributed computing that is sometimes called the Chinese Generals Problem, in which two generals have to come to a common agreement on whether to attack or retreat, but can communicate only by sending messengers who might never arrive. I stole the idea of the generals and posed the problem in terms of a group of generals, some of whom may be traitors, who have to reach a common decision. I wanted to assign the generals a nationality that would not offend any readers. At the time, Albania was a completely closed society, and I felt it unlikely that there would be any Albanians around to object, so the original title of this paper was The Albanian Generals Problem. Jack Goldberg was smart enough to realize that there were Albanians in the world outside Albania, and Albania might not always be a black hole, so he suggested that I find another name. The obviously more appropriate Byzantine generals then occurred to me. The main reason for writing this paper was to assign the new name to the problem. But a new paper needed new results as well. I came up with a simpler way to describe the general 3n+1-processor algorithm. (Shostak’s 4-processor algorithm was subtle but easy to understand; Pease’s generalization was a remarkable tour de force.) We also added a generalization to networks that were not completely connected. (I don’t remember whose work that was.) I also added some discussion of practical implementation details.
5,208 citations
TL;DR: In this article, a group of generals of the Byzantine army camped with their troops around an enemy city are shown to agree upon a common battle plan using only oral messages, if and only if more than two-thirds of the generals are loyal; so a single traitor can confound two loyal generals.
Abstract: Reliable computer systems must handle malfunctioning components that give conflicting information to different parts of the system. This situation can be expressed abstractly in terms of a group of generals of the Byzantine army camped with their troops around an enemy city. Communicating only by messenger, the generals must agree upon a common battle plan. However, one or more of them may be traitors who will try to confuse the others. The problem is to find an algorithm to ensure that the loyal generals will reach agreement. It is shown that, using only oral messages, this problem is solvable if and only if more than two-thirds of the generals are loyal; so a single traitor can confound two loyal generals. With unforgeable written messages, the problem is solvable for any number of generals and possible traitors. Applications of the solutions to reliable computer systems are then discussed.
4,901 citations
[...]
TL;DR: It is shown that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
Abstract: Large-scale peer-to-peer systems face security threats from faulty or hostile remote computing elements. To resist these threats, many such systems employ redundancy. However, if a single faulty entity can present multiple identities, it can control a substantial fraction of the system, thereby undermining this redundancy. One approach to preventing these "Sybil attacks" is to have a trusted agency certify identities. This paper shows that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
4,816 citations
"Blockchains and Smart Contracts for..." refers background in this paper
...Because of the Sybil attack [15], consensus in public networks is costly...
[...]
...anyone can join though, this would be catastrophic because of the Sybil attack [15]: a single entity could join with multiple identities, get multiple votes, and thus influence the network to favor this entity’s interests....
[...]
22 Feb 1999
TL;DR: A new replication algorithm that is able to tolerate Byzantine faults that works in asynchronous environments like the Internet and incorporates several important optimizations that improve the response time of previous algorithms by more than an order of magnitude.
Abstract: This paper describes a new replication algorithm that is able to tolerate Byzantine faults. We believe that Byzantinefault-tolerant algorithms will be increasingly important in the future because malicious attacks and software errors are increasingly common and can cause faulty nodes to exhibit arbitrary behavior. Whereas previous algorithms assumed a synchronous system or were too slow to be used in practice, the algorithm described in this paper is practical: it works in asynchronous environments like the Internet and incorporates several important optimizations that improve the response time of previous algorithms by more than an order of magnitude. We implemented a Byzantine-fault-tolerant NFS service using our algorithm and measured its performance. The results show that our service is only 3% slower than a standard unreplicated NFS.
3,562 citations
"Blockchains and Smart Contracts for..." refers background or methods in this paper
...5If more than 3f + 1 nodes are used, then the quorum thresholds listed in [26] may lead to forks....
[...]
...Tendermint vs PBFT—Tendermint....
[...]
...Sieve [38], a mechanism used in the HyperLedger Fabric project, augments the PBFT algorithm [26] by adding speculative execution and verification phases, inspired by the execute-verify architecture presented in [39]....
[...]
...Tendermint [32] provides BFT tolerance and is similar to the PBFT algorithm; however it provides a tighter guarantee with regards to the results returned to the client when more than one third of the nodes are faulty, and allows for a dynamically changing set of set of validators, and leaders that can be rotated in a round-robin manner, among other optimizations [33]....
[...]
...PBFT works on the assumption that less than one third of the nodes are faulty (f ), which is why say that it requires at least5 3f + 1 nodes....
[...]
Proceedings Article•
19 Jun 2014TL;DR: Raft is a consensus algorithm for managing a replicated log that separates the key elements of consensus, such as leader election, log replication, and safety, and it enforces a stronger degree of coherency to reduce the number of states that must be considered.
Abstract: Raft is a consensus algorithm for managing a replicated log. It produces a result equivalent to (multi-)Paxos, and it is as efficient as Paxos, but its structure is different from Paxos; this makes Raft more understandable than Paxos and also provides a better foundation for building practical systems. In order to enhance understandability, Raft separates the key elements of consensus, such as leader election, log replication, and safety, and it enforces a stronger degree of coherency to reduce the number of states that must be considered. Results from a user study demonstrate that Raft is easier for students to learn than Paxos. Raft also includes a new mechanism for changing the cluster membership, which uses overlapping majorities to guarantee safety.
1,811 citations
"Blockchains and Smart Contracts for..." refers methods in this paper
...popular Raft algorithm [30], is used as a consensus mechanism in Juno [31]....
[...]