Identity and Access Management Resilience against Intentional Risk for Blockchain-Based IOT Platforms

Some Internet of Things (IoT) platforms use blockchain to transport data. The value proposition of IoT is the connection to the Internet of a myriad of devices that provide and exchange data to improve people’s lives and add value to industries. The blockchain technology transfers data and value in an immutable and decentralised fashion. Security, composed of both non-intentional and intentional risk management, is a fundamental design requirement for both IoT and blockchain. We study how blockchain answers some of the IoT security requirements with a focus on intentional risk. The review of a sample of security incidents impacting public blockchains confirm that identity and access management (IAM) is a key security requirement to build resilience against intentional risk. This fact is also applicable to IoT solutions built on a blockchain. We compare the two IoT platforms based on public permissionless distributed ledgers with the highest market capitalisation: IOTA, run on an alternative to a blockchain, which is a directed acyclic graph (DAG); and IoTeX, its contender, built on a blockchain. Our objective is to discover how we can create IAM resilience against intentional risk in these IoT platforms. For that, we turn to complex network theory: a tool to describe and compare systems with many participants. We conclude that IoTeX and possibly IOTA transaction networks are scale-free. As both platforms are vulnerable to attacks, they require resilience against intentional risk. In the case of IoTeX, DIoTA provides a resilient IAM solution. Furthermore, we suggest that resilience against intentional risk requires an IAM concept that transcends a single blockchain. Only with the interplay of edge and global ledgers can we obtain data integrity in a multi-vendor and multi-purpose IoT network.

Download Full-text

Blockchain as a mean to secure Internet of Things ecosystems – a systematic literature review

Journal of Enterprise Information Management ◽

10.1108/jeim-12-2020-0533 ◽

2021 ◽

Vol ahead-of-print (ahead-of-print) ◽

Author(s):

Mazen El-Masri ◽

Eiman Mutwali Abdelmageed Hussain

Keyword(s):

Internet Of Things ◽

Literature Review ◽

Language Processing ◽

Systematic Literature Review ◽

Relevant Literature ◽

Security Requirements ◽

Security Threats ◽

Iot Security ◽

Content Type ◽

Blockchain Technology

PurposeBlockchain is evolving to become a platform for securing Internet of things (IoT) ecosystems. Still, challenges remain. The purpose of this literature review is to highlight the applicability of blockchain as a medium to secure IoT ecosystems. A two-dimensional framework anchored on (1) IoT layers and (2) security goals is used to organize the existent IoT security threats and their corresponding countermeasures identified in the reviewed literature. The framework helped in mapping the IoT security threats with the inherent features of blockchain and accentuate their prominence to IoT security.Design/methodology/approachAn approach integrating computerized natural language processing (NLP) with a systematic literature review methodology was adopted. A large corpus of 2,303 titles and abstracts of blockchain articles was programmatically analyzed in order to identify the relevant literature. The identified literature was subjected to a systematic review guided by a well-established method in IS research.FindingsThe literature evidently highlights the prominence of blockchain as a mean to IoT security due to the distinctive features it encompasses. The authors’ investigation revealed that numerous existent threats are better addressed with blockchain than conventional mechanisms. Nevertheless, blockchain consumes resources such as electricity, time, bandwidth and disk space at a rate that is not yet easily accessible to common IoT ecosystems.Research limitations/implicationsResults suggest that a configurational approach that aligns IoT security requirements with the resource requirements of different blockchain features is necessary in order to realize the proper balance between security, efficiency and feasibility.Practical implicationsPractitioners can make use of the classified lists of convention security mechanisms and the IoT threats they address. The framework can help underline the countermeasures that best achieve their security goals. Practitioners can also use the framework to identify the most important features to seek for in a blockchain technology that can help them achieve their security goals.Originality/valueThis study proposes a novel framework that can help classify IoT threats based on the IoT layer impacted and the security goal at risk. Moreover, it applies a combined man-machine approach to systematically analyze the literature.

Download Full-text

Towards a Decentralized Access Control System for IoT Platforms based on Blockchain Technology

2020 International Symposium on Networks, Computers and Communications (ISNCC) ◽

10.1109/isncc49221.2020.9297174 ◽

2020 ◽

Author(s):

Dana Haj Hussein ◽

Ragunath Anbarasu ◽

Ashraf Matrawy ◽

Mohamed Ibnkahla

Keyword(s):

Control System ◽

Access Control ◽

Blockchain Technology ◽

Access Control System ◽

Iot Platforms

Download Full-text

An Overview of Blockchain Technology for Identity and Access Management in the IoT Ecosystem

10.1109/comsnets53615.2022.9668412 ◽

2022 ◽

Author(s):

Rajesh S M ◽

Santosh Pattar ◽

Prabha R ◽

Manjula S H

Keyword(s):

Access Management ◽

Blockchain Technology

Download Full-text

The application of graph theoretical analysis to complex networks in medical malpractice: Lessons learned from China (Preprint)

10.2196/preprints.35709 ◽

2021 ◽

Author(s):

Shengjie Dong ◽

Chenshu Shi ◽

Zhiying Jia ◽

Minye Dong ◽

Yuyin Xiao ◽

...

Keyword(s):

Informed Consent ◽

Medical Malpractice ◽

Semantic Network ◽

Lessons Learned ◽

World Health ◽

Complex Network Theory ◽

Scale Free ◽

Interactive Behavior ◽

Technical Errors ◽

Malpractice Claims

BACKGROUND Studies have shown that hospitals or physicians with multiple malpractice claims are more likely to be involved in new claims; this finding indicates that medical malpractice may be clustered by institutions. OBJECTIVE We aimed to identify common factors that contribute to developing interventions to reduce future claims and patient harm. METHODS This study implemented a null hypothesis whereby malpractice claims are random events—attributable to bad luck with random frequency. As medical malpractice is a complex issue, thus, this study applied the complex network theory, which provided the methodological support for understanding interactive behavior in medical malpractice. Specifically, this study extracted the semantic network in 6610 medical litigation records (unstructured data) obtained from a public judicial database in China; they represented the most serious cases of malpractice in the country. The medical malpractice network of China (MMNC) was presented as a knowledge graph; it employs the International Classification of Patient Safety from the World Health Organization as a reference. RESULTS We found that the MMNC was a scale-free network: the occurrence of medical malpractice in litigation cases was not random, but traceable. The results of the hub nodes revealed that orthopedics, obstetrics and gynecology, and emergency department were the three most frequent specialties that incurred malpractice; inadequate informed consent work constituted the most errors. Non-technical errors (e.g. inadequate informed consent) showed a higher centrality than technical errors. CONCLUSIONS Hospitals and medical boards could apply our approach to detect hub nodes that are likely to benefit from interventions; doing so could effectively control medical risks. CLINICALTRIAL Not applicable

Download Full-text

Blockchain Technology - Based Solutions for IOT Security

Iraqi Journal for Computer Science and Mathematics ◽

10.52866/ijcsm.2022.01.01.006 ◽

2022 ◽

pp. 53-63

Author(s):

Israa Al_Barazanchi ◽

Aparna Murthy ◽

Ahmad AbdulQadir Al Rababah ◽

Ghadeer Khader ◽

Haider Rasheed Abdulshaheed ◽

...

Keyword(s):

Data Privacy ◽

Smart Contracts ◽

Iot Security ◽

Security Issues ◽

Iot Applications ◽

Blockchain Technology ◽

Private Data ◽

Long Time ◽

It Applications

Blockchain innovation has picked up expanding consideration from investigating and industry over the later a long time. It permits actualizing in its environment the smart-contracts innovation which is utilized to robotize and execute deals between clients. Blockchain is proposed nowadays as the unused specialized foundation for a few sorts of IT applications. Blockchain would aid avoid the duplication of information because it right now does with Bitcoin and other cryptocurrencies. Since of the numerous hundreds of thousands of servers putting away the Bitcoin record, it’s impossible to assault and alter. An aggressor would need to change the record of 51 percent of all the servers, at the precise same time. The budgetary fetched of such an assault would distantly exceed the potential picks up. The same cannot be said for our private data that lives on single servers possessed by Google and Amazon. In this paper, we outline major Blockchain technology that based as solutions for IOT security. We survey and categorize prevalent security issues with respect to IoT data privacy, in expansion to conventions utilized for organizing, communication, and administration. We diagram security necessities for IoT together with the existing scenarios for using blockchain in IoT applications.

Download Full-text

Blockchain as an Enabler for Zero-Trust Architectures

Real-Time and Retrospective Analyses of Cyber Security - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3979-8.ch008 ◽

2021 ◽

pp. 234-263

Keyword(s):

Supply Chain ◽

Cyber Security ◽

Fourth Dimension ◽

Access Management ◽

Security Controls ◽

Blockchain Technology ◽

Control Sets ◽

Critical Areas ◽

New Strategy ◽

Finger Printing

From the lessons that can be learned so far in this book, the author justifies why a new strategy is required to refocus our perception and utilization of computerized capabilities in the future. Chapter 8 focuses on the advancement of the cyber security discipline by determining trust-less control-sets – a fourth dimension if you will, comprising blockchain technology. Blockchain has been implemented in fungible forms, such as public bitcoin and Ethereum, and in a non-fungible manner like private keyless signature infrastructure. It is the latter that is of particular interest, where proven implementations have the potential to demonstrably act as a verifiable trust anchor, embellishing cyber security controls in a number of critical areas to ensure (1) preservation of data integrity, (2) digital finger printing of IoT assets to prove the source of data is trustworthy, (3) validation of identity and access management mechanisms, and (4) software provenance in the supply chain for not only traditional code-bases but also AI algorithms.

Download Full-text

Towards the Integration of Blockchain and IoT for Security Challenges in IoT

Transforming Businesses With Bitcoin Mining and Blockchain Applications - Advances in Finance, Accounting, and Economics ◽

10.4018/978-1-7998-0186-3.ch003 ◽

2020 ◽

pp. 45-67 ◽

Cited By ~ 1

Author(s):

K. Dinesh Kumar ◽

Venkata Rathnam T. ◽

Venkata Ramana R. ◽

M. Sudhakara ◽

Ravi Kumar Poluru

Keyword(s):

Internet Of Things ◽

Security Management ◽

Vital Role ◽

Management Systems ◽

Iot Security ◽

Communication Architecture ◽

Secure Systems ◽

Security Issues ◽

Blockchain Technology ◽

Iot Devices

Internet of things (IoT) technology plays a vital role in the current technologies because IoT develops a network by integrating different kinds of objects and sensors to create the communication among objects directly without human interaction. With the presence of internet of things technology in our daily comes smart thinking and various advantages. At the same time, secure systems have been a most important concern for the protection of information systems and networks. However, adopting traditional security management systems in the internet of things leads several issues due to the limited privacy and policies like privacy standards, protocol stacks, and authentication rules. Usually, IoT devices has limited network capacities, storage, and computing processors. So they are having more chances to attacks. Data security, privacy, and reliability are three main challenges in the IoT security domain. To address the solutions for the above issues, IoT technology has to provide advanced privacy and policies in this large incoming data source. Blockchain is one of the trending technologies in the privacy management to provide the security. So this chapter is focused on the blockchain technologies which can be able to solve several IoT security issues. This review mainly focused on the state-of-the-art IoT security issues and vulnerabilities by existing review works in the IoT security domains. The taxonomy is presented about security issues in the view of communication, architecture, and applications. Also presented are the challenges of IoT security management systems. The main aim of this chapter is to describe the importance of blockchain technology in IoT security systems. Finally, it highlights the future directions of blockchain technology roles in IoT systems, which can be helpful for further improvements.

Download Full-text

A Unified Architecture for Industrial IoT Security Requirements in Open Platform Communications

2019 24th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA) ◽

10.1109/etfa.2019.8869524 ◽

2019 ◽

Cited By ~ 2

Author(s):

Gerhard Hansch ◽

Peter Schneider ◽

Kai Fischer ◽

Konstantin Bottinger

Keyword(s):

Security Requirements ◽

Iot Security ◽

Open Platform ◽

Industrial Iot

Download Full-text

An In-Depth Analysis of IoT Security Requirements, Challenges, and Their Countermeasures via Software-Defined Security

IEEE Internet of Things Journal ◽

10.1109/jiot.2020.2997651 ◽

2020 ◽

Vol 7 (10) ◽

pp. 10250-10276

Author(s):

Waseem Iqbal ◽

Haider Abbas ◽

Mahmoud Daneshmand ◽

Bilal Rauf ◽

Yawar Abbas Bangash

Keyword(s):

Security Requirements ◽

Iot Security ◽

Depth Analysis

Download Full-text

Modeling and Simulation for Complex Network Based Military System-of-Systems (SoS)

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.145.224 ◽

2011 ◽

Vol 145 ◽

pp. 224-228 ◽

Cited By ~ 2

Author(s):

Xiao Song ◽

Bing Cheng Liu ◽

Guang Hong Gong

Keyword(s):

Modeling And Simulation ◽

Complex Network ◽

Network Topology ◽

Network Theory ◽

Small World ◽

System Of Systems ◽

Statistical Parameters ◽

Complex Network Theory ◽

Scale Free ◽

Topology Model

Military SoS increasingly shows its relation of complex network. According to complex network theory, we construct a SoS network topology model for network warfare simulation. Analyzing statistical parameters of the model, it is concluded that the topology model has small-world, high-aggregation and scale-free properties. Based on this model we mainly simulate and analyze vulnerability of the network. And this provides basis for analysis of the robustness and vulnerability of real battle SoS network.

Download Full-text