nach oben

Erschienen in:

2018 | OriginalPaper | Buchkapitel

Towards Blockchain-Based Identity and Access Management for Internet of Things in Enterprises

verfasst von : Martin Nuss, Alexander Puchta, Michael Kunz

Erschienen in: Trust, Privacy and Security in Digital Business

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

With the Internet of Things (IoT) evolving more and more, companies active within this area face new challenges for their Identity and Access Management (IAM). Namely, general security, resource constraint devices, interoperability, and scalability cannot be addressed anymore with traditional measures. Blockchain technology, however, may act as an enabler to overcome those challenges. In this paper, general application areas for blockchain in IAM are described based on recent research work. On this basis, it is discussed how blockchain can address IAM challenges presented by IoT. Finally, a corporate scenario utilizing blockchain-based IAM for IoT is outlined to assess the applicability in practice. The paper shows that private blockchains can be leveraged to design tamper-proof IAM functionality while maintaining scalability regarding the number of clients and transactions. This could be useful for enterprises to prevent single-point-of-failures as well as to enable transparent and secure auditing & monitoring of security-relevant events.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel A Decision-Making Approach for Improving Organizations’ Cloud Forensic Readiness

Nächstes Kapitel Access Control Requirements for Physical Spaces Protected by Virtual Perimeters

Adireddy, A., Gottapu, U., Aravamudhan, A.P.: Usercentric federation of access to Internet-of-Things(IoT) devices: a valet key for IoT devices. In: 2016 International Conference on Circuits, Controls, Communications and Computing (I4C), pp. 1–7, October 2016. https://doi.org/10.1109/CIMCA.2016.8053280

Azaria, A., Ekblaw, A., Vieira, T., Lippman, A.: Medrec: Using blockchain for medical data access and permission management. In: International Conference on Open and Big Data (OBD), pp. 25–30. IEEE (2016)

Babar, S., Mahalle, P., Stango, A., Prasad, N., Prasad, R.: Proposed security model and threat taxonomy for the Internet of Things (IoT). In: Recent Trends in Network Security and Applications, pp. 420–429 (2010)CrossRef

Cachin, C.: Architecture of the hyperledger blockchain fabric. In: Workshop on Distributed Cryptocurrencies and Consensus Ledgers (2016)

Chen, J., Liu, Y., Chai, Y.: An identity management framework for internet of things. In: 2015 IEEE 12th International Conference on e-Business Engineering (ICEBE), pp. 360–364. IEEE (2015)

Christidis, K., Devetsikiotis, M.: Blockchains and smart contracts for the internet of things. IEEE Access 4, 2292–2303 (2016)CrossRef

Crosby, M., Pattanayak, P., Verma, S., Kalyanaraman, V.: Blockchain technology: beyond bitcoin. Appl. Innov. 2, 6–10 (2016)CrossRef

Douceur, J.R.: The Sybil attack. In: Druschel, P., Kaashoek, F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002). https://doi.org/10.1007/3-540-45748-8_24CrossRef

Fischer, M.J., Lynch, N.A., Paterson, M.S.: Impossibility of distributed consensus with one faulty process. J. ACM (JACM) 32(2), 374–382 (1985)MathSciNetCrossRef

10.

Godik, S., Moses, T.: OASIS extensible access control markup language (XACML). OASIS Committee Secification cs-xacml-specification-1.0 (2002)

11.

Gusmeroli, S., Piccione, S., Rotondi, D.: IoT access control issues: a capability based approach. In: 2012 Sixth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing (IMIS), pp. 787–792. IEEE (2012)

12.

Haller, S., Karnouskos, S., Schroth, C.: The internet of things in an enterprise context. In: Domingue, J., Fensel, D., Traverso, P. (eds.) FIS 2008. LNCS, vol. 5468, pp. 14–28. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00985-3_2CrossRef

13.

Hevner, A.R., March, S.T., Park, J., Ram, S.: Design science in information systems research. MIS Q. 28(1), 75–105 (2004)CrossRef

14.

Hu, V.C., et al.: Guide to attribute based access control (ABAC) definition and considerations. NIST Special Publication 800–162 (2014)

15.

Kshetri, N.: Can blockchain strengthen the internet of things? IT Prof. 19(4), 68–72 (2017)CrossRef

16.

Lamport, L., Shostak, R., Pease, M.: The byzantine generals problem. ACM Trans. Program. Lang. Syst. (TOPLAS) 4(3), 382–401 (1982)CrossRef

17.

Di Francesco Maesa, D., Mori, P., Ricci, L.: Blockchain based access control. In: Chen, L.Y., Reiser, H.P. (eds.) DAIS 2017. LNCS, vol. 10320, pp. 206–220. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59665-5_15CrossRef

18.

Mickens, J.: The saddest moment. Login Usenix Mag. 39(3), 52–54 (2014)

19.

Moinet, A., Darties, B., Baril, J.L.: Blockchain based trust & authentication for decentralized sensor networks. arXiv preprint arXiv:1706.01730 (2017)

20.

Osmanoglu, E.: Identity and Access Management: Business Performance Through Connected Intelligence. Newnes, Waltham (2013)

21.

Ouaddah, A., Mousannif, H., Elkalam, A.A., Ouahman, A.A.: Access control in the internet of things: big challenges and new opportunities. Comput. Netw. 112, 237–262 (2017)CrossRef

22.

Outchakoucht, A., Hamza, E.S., Leroy, J.P.: Dynamic access control policy based on blockchain and machine learning for the internet of things. Int. J. Adv. Comput. Sci. Appl. 8(7), 417–424 (2017)

23.

Polyzos, G.C., Fotiou, N.: Blockchain-assisted information distribution for the internet of things. In: 2017 IEEE International Conference on Information Reuse and Integration (IRI), pp. 75–78. IEEE (2017)

24.

Rodrigues, R., Liskov, B., Chen, K., Liskov, M., Schultz, D.: Automatic reconfiguration for large-scale reliable storage systems. IEEE Trans. Dependable Secure Comput. 9(2), 145–158 (2012)CrossRef

25.

Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57(10), 2266–2279 (2013)CrossRef

26.

Salman, O., Abdallah, S., Elhajj, I.H., Chehab, A., Kayssi, A.: Identity-based authentication scheme for the internet of things. In: 2016 IEEE Symposium on Computers and Communication (ISCC), pp. 1109–1111. IEEE (2016)

27.

Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)CrossRef

28.

Schneider, F.B.: Implementing fault-tolerant services using the state machine approach: a tutorial. ACM Comput. Surv. (CSUR) 22(4), 299–319 (1990)CrossRef

29.

Shafagh, H., Hithnawi, A., Duquennoy, S.: Towards blockchain-based auditable storage and sharing of IoT data. arXiv preprint arXiv:1705.08230 (2017)

30.

Trnka, M., Cerny, T.: Identity management of devices in internet of things environment. In: 2016 6th International Conference on IT Convergence and Security (ICITCS), pp. 1–4. IEEE (2016)

31.

Vukolić, M.: The quest for scalable blockchain fabric: proof-of-work vs. BFT replication. In: Camenisch, J., Kesdoğan, D. (eds.) iNetSec 2015. LNCS, vol. 9591, pp. 112–125. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-39028-4_9CrossRef

32.

Vukolić, M.: Rethinking permissioned blockchains. In: Proceedings of the ACM Workshop on Blockchain, Cryptocurrencies and Contracts, pp. 3–7. ACM (2017)

33.

Zhu, X., Badr, Y., Pacheco, J., Hariri, S.: Autonomic identity framework for the internet of things. In: 2017 International Conference on Cloud and Autonomic Computing (ICCAC), pp. 69–79. IEEE (2017)

Titel: Towards Blockchain-Based Identity and Access Management for Internet of Things in Enterprises
verfasst von: Martin Nuss
Alexander Puchta
Michael Kunz
Verlag: Springer International Publishing
Buch: Trust, Privacy and Security in Digital Business
Print ISBN: 978-3-319-98384-4

Electronic ISBN: 978-3-319-98385-1

Copyright-Jahr: 2018
DOI: https://doi.org/10.1007/978-3-319-98385-1_12

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"