Abstract

۱٫ Introduction

۲٫ Background and related works

۳٫ Context

۴٫ Trust of biot services

۵٫ Blockchain certificates

۶٫ Usage architecture

۷٫ An application example and evaluation

۸٫ Experiments

۹٫ Discussion and conclusion

References

Abstract

     The advancement of hardware, software, and Internet infrastructure leads to the increasing quantities of smart Internet of Things (IoT) devices. Meanwhile, security issues have increasingly brought to us the concerns due to the evolving IoT scope and mass communications. Trusting service vendors depends on their devices that generate information and provide executions. Blockchain becomes an attractive choice, as evidenced by its wide adoptions. However, trusting IoT-based services becomes an important issue since the implementation of Blockchain-based IoT (BIoT) services is proprietary and independent. This paper introduces a generic architecture design that incorporates Public Key Infrastructure (PKI) to establish trust of BIoT services. This can potentially solve the trust problem and based on our experiment it can be scaled well. We also demonstrate how specification languages can be useful to express requirements. It decouples users from Blockchain and thus they can specify qualities of BIoT services without deep knowledge to work with Blockchain.

Introduction

     In recent years, numerous studies have been conducted on Internet of Things (IoT) and Blockchain integration. Since IoT is now getting broader, many new security issues arise, whereas the existing ones are getting more intense. One security vulnerability might have a high impact on many devices and a simple attack can be very devastating.

     Despite of a lot of security concerns, the benefits of IoT outweigh the challenging security problems (Wu et al. 2018). The future of IoT is expected to revolutionise our society. Complex applications begin to rely on the collaborations of multiple IoT devices that can deliver more personalised local services to users. Interconnecting tons of IoT devices raises many security issues. IoT is not secure-by-design. The interoperation of IoTbased services leverages the risks of security attacks. Many attempts that apply traditional security mechanisms to IoT are facing difficulties and limitations to handle high-volume communications, decentralisation and scarcity of resources, which in many cases makes complex operations such as encryption impossible (Viriyasitavat, Anuphaptrirong, and Hoonsopon 2019; Wu et al. 2018). Other common security incidents found in IoT include privacy, insecure interface, unencrypted communications and physical security (Viriyasitavat, Anuphaptrirong, and Hoonsopon 2019). Therefore, these devices are more vulnerable to attacks than endpoint devices such as smartphones, tablets or computers (Khan and Salah 2018).

Discussion and conclusion

     This section concludes our work and identify major challenges the capability of our approach to respond to the problems. Trust of BIoT services largely depends on Blockchain implementation and configuration. BIoT services are dynamically composed of proprietary devices with various configurations. Most of them employ permission Blockchain and an underlying system. Our approach employs PKI to establish trust of this type of service, which can reduce risk and influence the prevalent use of BIoT services.  In the users’ point of view, trust is subjected to their requirements that are initially issued as constraints before deciding to use a service. Using the same service from different users may be subject to different requirements. In our approach, a specification language is employed to mathematically capture the requirements and certificates are used to endorse properties of validators and BIoT services. The main reason of using PKI is the robustness. PKI has been widely and successfully used for verification of identities and deployed into various fields that require certification of information. Certifying BIoT services and validators is relatively an extended idea from original PKI. However, some challenges of our approach are discussed below.