ABSTRACT
One of the biggest challenges for the Internet of Things (IoT) is to bridge the currently fragmented trust domains. The traditional PKI model relies on a common root of trust and does not fit well with the heterogeneous IoT ecosystem where constrained devices belong to independent administrative domains. In this work we describe a distributed trust model for the IoT that leverages the existing trust domains and bridges them to create end-to-end trust between IoT devices without relying on any common root of trust. Furthermore we define a new cryptographic primitive, denoted as obligation chain designed as a credit-based Blockchain with a built-in reputation mechanism. Its innovative design enables a wide range of use cases and business models that are simply not possible with current Blockchain-based solutions while not experiencing traditional blockchain delays. We provide a security analysis for both the obligation chain and the overall architecture and provide experimental tests that show its viability and quality.
- Muneeb Ali, Jude Nelson, Ryan Shea, and Michael J. Freedman. 2016. Bootstrapping Trust in Distributed Systems with Blockchains. Technical Report. Blockstack.Google Scholar
- Sulin Ba and Paul A. Pavlou. 2002. Evidence of the Effect of Trust Building Technology in Electronic Markets: Price Premiums and Buyer Behavior. MIS Quarterly Vol. 26, 3 (sep. 2002), 243. Google ScholarDigital Library
- Gary E. Bolton, Elena Katok, and Axel Ockenfels. 2004. How Effective Are Electronic Reputation Mechanisms? An Experimental Investigation. Management Science Vol. 50, 11 (nov. 2004), 1587--1602. Google ScholarDigital Library
- V. Daza, R. Di Pietro, I. Klimek, and M. Signorini. 2017. CONNECT: CONtextual NamE disCovery for blockchain-based services in the IoT 2017 IEEE International Conference on Communications (ICC). IEEE, Paris, France, 1--6.Google Scholar
- Christian Decker and Roger Wattenhofer. 2013. Information propagation in the Bitcoin network. In IEEE P2P 2013 Proceedings. Institute of Electrical and Electronics Engineers (IEEE), Trento, Italy, 1--10.Google Scholar
- Roberto di Pietro, Xavier Salleras, Matteo Signorini, and Erez Waisbard. 2018. A blockchain-based Trust System for the Internet of Things - Extended. deftempurl%https://cri-lab.net/wp-content/uploads/2018/04/IslandsOfTrust-Clean.pdf tempurlGoogle Scholar
- John R. Douceur. 2002. The Sybil Attack. In Revised Papers from the First International Workshop on Peer-to-Peer Systems (IPTPS '01). Springer-Verlag, London, UK, UK, 251--260. Google ScholarDigital Library
- Open Connectivity Foundation. 2017. Online: https://openconnectivity.org/.Google Scholar
- D. Fraga, Z. Bankovic, and J.M. Moya. 2012. A Taxonomy of Trust and Reputation System Attacks. In 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications. Institute of Electrical and Electronics Engineers (IEEE), Liverpool, UK, 41--50. Google ScholarDigital Library
- Audun Josang and Roslan Ismail. 2002. The beta reputation system. In In Proceedings of the 15th Bled Conference on Electronic Commerce. Electronic Commerce Center, Bled, Slovenia.Google Scholar
- Sergio Martins and Yang Yang. 2011. Introduction to Bitcoins: A Pseudo-anonymous Electronic Currency System Proceedings of the 2011 Conference of the Center for Advanced Studies on Collaborative Research (CASCON '11). IBM Corp., Riverton, NJ, USA, 349--350. Google ScholarDigital Library
- Do-Hyung Park, Jumin Lee, and Ingoo Han. 2007. The Effect of On-Line Consumer Reviews on Consumer Purchasing Intention: The Moderating Role of Involvement. International Journal of Electronic Commerce Vol. 11, 4 (jul. 2007), 125--148. Google ScholarDigital Library
- Paul Resnick, Ko Kuwabara, Richard Zeckhauser, and Eric Friedman. 2000. Reputation systems. Commun. ACM Vol. 43, 12 (dec. 2000), 45--48. Google ScholarDigital Library
- Dennis Richard and Owenson Gareth. 2016. Rep on the Roll: A Peer to Peer Reputation System Based on a Rolling Blockchain. International Journal of Digital Society (IJDS) Vol. 7 (3. 2016), 1123--1134.Google Scholar
- Alexander Schaub, Rémi Bazin, Omar Hasan, and Lionel Brunie. 2016. A Trustless Privacy-Preserving Reputation System. In ICT Systems Security and Privacy Protection. Springer Nature, Cham, 398--411.Google Scholar
- Kyle Soska and Nicolas Christin. 2015. Measuring the Longitudinal Evolution of the Online Anonymous Marketplace Ecosystem Proceedings of the 24th USENIX Conference on Security Symposium (SEC'15). USENIX Association, Berkeley, CA, USA, 33--48. Google ScholarDigital Library
- Haifeng Yu, Michael Kaminsky, Phillip B. Gibbons, and Abraham Flaxman. 2006. SybilGuard: Defending Against Sybil Attacks via Social Networks Proceedings of the 2006 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications (SIGCOMM '06). ACM, New York, NY, USA, 267--278. Google ScholarDigital Library
- Guy Zyskind, Oz Nathan, and Alex' Sandy' Pentland. 2015. Decentralizing Privacy: Using Blockchain to Protect Personal Data 2015 IEEE Security and Privacy Workshops. Institute of Electrical and Electronics Engineers (IEEE), San Jose, CA, USA, 180--184. Google ScholarDigital Library
Index Terms
- A blockchain-based Trust System for the Internet of Things
Recommendations
Internet of Things security
The Internet of things (IoT) has recently become an important research topic because it integrates various sensors and objects to communicate directly with one another without human intervention. The requirements for the large-scale deployment of the ...
Blockchain applications for the Internet of Things: Systematic review and challenges
Highlights- We investigate and analyze the BC technologies in terms of fundamental features, and ledger systems.
AbstractTechnological advancements have always been influencing our lives. Recently, the Internet of Things (IoT) and Blockchain (BC) are emerging as potentially disruptive technologies. Whereby, the IoT is a system of inter-related devices ...
Taxonomy and analysis of security protocols for Internet of Things
AbstractThe Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since ...
Highlights- We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to ...
Comments