Blockchains and Smart Contracts for the Internet of Things
TL;DR: The conclusion is that the blockchain-IoT combination is powerful and can cause significant transformations across several industries, paving the way for new business models and novel, distributed applications.
Abstract: Motivated by the recent explosion of interest around blockchains, we examine whether they make a good fit for the Internet of Things (IoT) sector. Blockchains allow us to have a distributed peer-to-peer network where non-trusting members can interact with each other without a trusted intermediary, in a verifiable manner. We review how this mechanism works and also look into smart contracts—scripts that reside on the blockchain that allow for the automation of multi-step processes. We then move into the IoT domain, and describe how a blockchain-IoT combination: 1) facilitates the sharing of services and resources leading to the creation of a marketplace of services between devices and 2) allows us to automate in a cryptographically verifiable manner several existing, time-consuming workflows. We also point out certain issues that should be considered before the deployment of a blockchain network in an IoT setting: from transactional privacy to the expected value of the digitized assets traded on the network. Wherever applicable, we identify solutions and workarounds. Our conclusion is that the blockchain-IoT combination is powerful and can cause significant transformations across several industries, paving the way for new business models and novel, distributed applications.
Citations
More filters
01 Jul 2018
TL;DR: A novel privacy - preserving framework to facilitate keyword search over encrypted data stored on the blockchain network i.e., Hyperledger-Fabric is presented, which guarantees prominent security and privacy gains.
Abstract: Enabling keyword search directly over the data stored on the blockchain is a desirable technique that can help in the effective utilization of the data while preserving the privacy. Searchable Encryption (SE) is a well-known technique that allows search queries over the encrypted Cloud data, however, existing solutions are based on the assumption of the Cloud Server being “trusted-but-curious” or “honest-but-curious”. This leads to a compelling case to use permissioned blockchain technology to ensure greater levels of security when the Cloud Server is malicious. The amalgamation of SE and permissioned blockchain empowers a client to place complete trust on the Cloud Server and the services it has to offer. This paper presents a novel privacy - preserving framework to facilitate keyword search over encrypted data stored on the blockchain network. The framework for the first time studies SE over a permissioned blockchain network i.e., Hyperledger-Fabric. The SE scheme is privacy-preserving as it is based on probabilistic trapdoors. As a result the framework guarantees prominent security and privacy gains.
17 citations
Cites background from "Blockchains and Smart Contracts for..."
...Similarly, it could have a profound impact on digital voting [7], driverless cars [8] and the Internet of Things (IoT) [9]....
[...]
17 Dec 2018
TL;DR: In this article, the authors examine how the digital revolution is bringing about fundamental changes to the size and scope of firms, and to how they are organized and managed, with a particular focus on public policy.
Abstract: This paper examines how the ‘digital revolution’ (enabled by exponential increases in processing power and connectivity) is bringing about fundamental changes to the size and scope of firms, and to how they are organised and managed. The large, vertically integrated firms of the industrial era are being superseded by narrower, more specialised, firms that link buyers and sellers through digital ‘platforms’. The traditional bureaucratic ways of organising that were invented in the industrial era are gradually being replaced with flatter and more fluid ways of organising. The consequences of these changes are discussed, with a particular focus on public policy. Many of the current tensions between governments and big digital firms—for example, in terms of competition policy, intellectual property rules, and labour laws—are the result of a disconnect between regulations developed during the industrial era and the demands of firms operating by digital era norms. The paper identifies opportunities for institutional innovations to resolve these tensions.
17 citations
TL;DR: The proposed stack allows to speed up the prototyping process and lets the developers focus on coding the product behaviors rather than solving customization issues, as the prototype can be easily converted into an industrially viable solution.
Abstract: The paper presents a novel approach for prototyping interconnected products belonging to the Internet of Things context. The proposed solution aims at merging the benefits provided by monolithic vertical approaches (where all the IoT elements are pre-selected, from the hardware to the cloud) with those of horizontal solutions (that leave the freedom to select the single components and write the integration code). The proposed solution allows to speed up the prototyping process and lets the developers focus on coding the product behaviors rather than solving customization issues. The advantages of the proposed solution goes beyond the prototyping, as the prototype can be easily converted into an industrially viable solution. The paper ends with a real case application where the proposed stack is used for the development of an IoT unit that converts industrial refrigerators into smart connected systems.
17 citations
Cites background from "Blockchains and Smart Contracts for..."
...implemented architecture tamper proof and less vulnerable to hacking [21, 22] (D....
[...]
TL;DR: In this article, the authors propose an access control framework based on blockchain for IoT endpoints, called BorderChain, which can ensure IoT users and services communicate with approved IoT gateways as endpoints and hold verified IoT devices that they need.
Abstract: The Internet of Things (IoT) providers serve better IoT services each year while producing more IoT gateways and devices to expand their services. However, the security of the IoT ecosystem remains an afterthought for most IoT providers. This action results in many cybersecurity breaches in the field, most likely due to the lack of access control mechanisms. In this paper, we propose BorderChain, an access control framework based on blockchain for IoT endpoints. The security protocol guarantees two properties. First, our proposal assures IoT users and services that they communicate with approved IoT gateways as endpoints, holding verified IoT devices that they need. Second, BorderChain also generates access tokens that the IoT service and users can use to query IoT resources legitimately inside the IoT domains. As a result, the protocol can convince IoT domain owners that the system will only authorize IoT requests that they approve. We realize our protocol in the form of a smart contract to allow many IoT entities such as IoT domain owners, IoT devices, IoT gateways, IoT vendors, IoT services, IoT users, and Internet Service Provider (ISP) to collaborate in a unified environment. We then implement entities in BorderChain as Node JS applications connecting to the Ethereum blockchain as our peer-to-peer platform. Based on our performance evaluation using several Raspberry Pi hardware and our private server, we show that BorderChain can process entities’ authentication and authorization requests efficiently using all hardware resources. Finally, we release BorderChain for public use.
17 citations
TL;DR: A framework that allows IoT devices to be securely connected and extended to other devices by automatically evaluating security using blockchain technology and the whitelist is proposed and applied to IoT network simulation environments and observed that the number of devices vulnerable to security was reduced by 48.5% compared with traditional IoT environments.
Abstract: The Internet of things (IoT) technology, which is currently considered the new growth engine of the fourth industrial revolution, affects our daily life and has been applied to various industrial fields. Studies on overcoming the limitations of scalability and stability in a centralized IoT operating environment by employing distributed blockchain technology have been actively conducted. However, the nature of IoT that ensures connectivity with multiple objects at any time and any place increases security threats. Further, it extends the influence of the cyber world into the physical domain, resulting in serious damage to human life and property. Therefore, we aim to study a method to increase the security of IoT devices and effectively extend them simultaneously. To this end, we analyze the authentication methods and limitations of traditional IoT devices and examine cases for improving IoT environments by using blockchain technology. Accordingly, we propose a framework that allows IoT devices to be securely connected and extended to other devices by automatically evaluating security using blockchain technology and the whitelist. The method proposed in this paper restricts the extension of devices vulnerable to security risks by imposing penalties and allows only devices with high security to be securely and quickly authenticated and extended without user intervention. In this study, we applied the proposed method to IoT network simulation environments and observed that the number of devices vulnerable to security was reduced by 48.5% compared with traditional IoT environments.
17 citations
References
More filters
TL;DR: The Albanian Generals Problem as mentioned in this paper is a generalization of Dijkstra's dining philosophers problem, where two generals have to come to a common agreement on whether to attack or retreat, but can communicate only by sending messengers who might never arrive.
Abstract: I have long felt that, because it was posed as a cute problem about philosophers seated around a table, Dijkstra’s dining philosopher’s problem received much more attention than it deserves. (For example, it has probably received more attention in the theory community than the readers/writers problem, which illustrates the same principles and has much more practical importance.) I believed that the problem introduced in [41] was very important and deserved the attention of computer scientists. The popularity of the dining philosophers problem taught me that the best way to attract attention to a problem is to present it in terms of a story. There is a problem in distributed computing that is sometimes called the Chinese Generals Problem, in which two generals have to come to a common agreement on whether to attack or retreat, but can communicate only by sending messengers who might never arrive. I stole the idea of the generals and posed the problem in terms of a group of generals, some of whom may be traitors, who have to reach a common decision. I wanted to assign the generals a nationality that would not offend any readers. At the time, Albania was a completely closed society, and I felt it unlikely that there would be any Albanians around to object, so the original title of this paper was The Albanian Generals Problem. Jack Goldberg was smart enough to realize that there were Albanians in the world outside Albania, and Albania might not always be a black hole, so he suggested that I find another name. The obviously more appropriate Byzantine generals then occurred to me. The main reason for writing this paper was to assign the new name to the problem. But a new paper needed new results as well. I came up with a simpler way to describe the general 3n+1-processor algorithm. (Shostak’s 4-processor algorithm was subtle but easy to understand; Pease’s generalization was a remarkable tour de force.) We also added a generalization to networks that were not completely connected. (I don’t remember whose work that was.) I also added some discussion of practical implementation details.
5,208 citations
TL;DR: In this article, a group of generals of the Byzantine army camped with their troops around an enemy city are shown to agree upon a common battle plan using only oral messages, if and only if more than two-thirds of the generals are loyal; so a single traitor can confound two loyal generals.
Abstract: Reliable computer systems must handle malfunctioning components that give conflicting information to different parts of the system. This situation can be expressed abstractly in terms of a group of generals of the Byzantine army camped with their troops around an enemy city. Communicating only by messenger, the generals must agree upon a common battle plan. However, one or more of them may be traitors who will try to confuse the others. The problem is to find an algorithm to ensure that the loyal generals will reach agreement. It is shown that, using only oral messages, this problem is solvable if and only if more than two-thirds of the generals are loyal; so a single traitor can confound two loyal generals. With unforgeable written messages, the problem is solvable for any number of generals and possible traitors. Applications of the solutions to reliable computer systems are then discussed.
4,901 citations
[...]
TL;DR: It is shown that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
Abstract: Large-scale peer-to-peer systems face security threats from faulty or hostile remote computing elements. To resist these threats, many such systems employ redundancy. However, if a single faulty entity can present multiple identities, it can control a substantial fraction of the system, thereby undermining this redundancy. One approach to preventing these "Sybil attacks" is to have a trusted agency certify identities. This paper shows that, without a logically centralized authority, Sybil attacks are always possible except under extreme and unrealistic assumptions of resource parity and coordination among entities.
4,816 citations
"Blockchains and Smart Contracts for..." refers background in this paper
...Because of the Sybil attack [15], consensus in public networks is costly...
[...]
...anyone can join though, this would be catastrophic because of the Sybil attack [15]: a single entity could join with multiple identities, get multiple votes, and thus influence the network to favor this entity’s interests....
[...]
22 Feb 1999
TL;DR: A new replication algorithm that is able to tolerate Byzantine faults that works in asynchronous environments like the Internet and incorporates several important optimizations that improve the response time of previous algorithms by more than an order of magnitude.
Abstract: This paper describes a new replication algorithm that is able to tolerate Byzantine faults. We believe that Byzantinefault-tolerant algorithms will be increasingly important in the future because malicious attacks and software errors are increasingly common and can cause faulty nodes to exhibit arbitrary behavior. Whereas previous algorithms assumed a synchronous system or were too slow to be used in practice, the algorithm described in this paper is practical: it works in asynchronous environments like the Internet and incorporates several important optimizations that improve the response time of previous algorithms by more than an order of magnitude. We implemented a Byzantine-fault-tolerant NFS service using our algorithm and measured its performance. The results show that our service is only 3% slower than a standard unreplicated NFS.
3,562 citations
"Blockchains and Smart Contracts for..." refers background or methods in this paper
...5If more than 3f + 1 nodes are used, then the quorum thresholds listed in [26] may lead to forks....
[...]
...Tendermint vs PBFT—Tendermint....
[...]
...Sieve [38], a mechanism used in the HyperLedger Fabric project, augments the PBFT algorithm [26] by adding speculative execution and verification phases, inspired by the execute-verify architecture presented in [39]....
[...]
...Tendermint [32] provides BFT tolerance and is similar to the PBFT algorithm; however it provides a tighter guarantee with regards to the results returned to the client when more than one third of the nodes are faulty, and allows for a dynamically changing set of set of validators, and leaders that can be rotated in a round-robin manner, among other optimizations [33]....
[...]
...PBFT works on the assumption that less than one third of the nodes are faulty (f ), which is why say that it requires at least5 3f + 1 nodes....
[...]
Proceedings Article•
19 Jun 2014TL;DR: Raft is a consensus algorithm for managing a replicated log that separates the key elements of consensus, such as leader election, log replication, and safety, and it enforces a stronger degree of coherency to reduce the number of states that must be considered.
Abstract: Raft is a consensus algorithm for managing a replicated log. It produces a result equivalent to (multi-)Paxos, and it is as efficient as Paxos, but its structure is different from Paxos; this makes Raft more understandable than Paxos and also provides a better foundation for building practical systems. In order to enhance understandability, Raft separates the key elements of consensus, such as leader election, log replication, and safety, and it enforces a stronger degree of coherency to reduce the number of states that must be considered. Results from a user study demonstrate that Raft is easier for students to learn than Paxos. Raft also includes a new mechanism for changing the cluster membership, which uses overlapping majorities to guarantee safety.
1,811 citations
"Blockchains and Smart Contracts for..." refers methods in this paper
...popular Raft algorithm [30], is used as a consensus mechanism in Juno [31]....
[...]