Abstract
Some Internet of Things (IoT) platforms use blockchain to transport data. The value proposition of IoT is the connection to the Internet of a myriad of devices that provide and exchange data to improve people’s lives and add value to industries. The blockchain technology transfers data and value in an immutable and decentralised fashion. Security, composed of both non-intentional and intentional risk management, is a fundamental design requirement for both IoT and blockchain. We study how blockchain answers some of the IoT security requirements with a focus on intentional risk. The review of a sample of security incidents impacting public blockchains confirm that identity and access management (IAM) is a key security requirement to build resilience against intentional risk. This fact is also applicable to IoT solutions built on a blockchain. We compare the two IoT platforms based on public permissionless distributed ledgers with the highest market capitalisation: IOTA, run on an alternative to a blockchain, which is a directed acyclic graph (DAG); and IoTeX, its contender, built on a blockchain. Our objective is to discover how we can create IAM resilience against intentional risk in these IoT platforms. For that, we turn to complex network theory: a tool to describe and compare systems with many participants. We conclude that IoTeX and possibly IOTA transaction networks are scale-free. As both platforms are vulnerable to attacks, they require resilience against intentional risk. In the case of IoTeX, DIoTA provides a resilient IAM solution. Furthermore, we suggest that resilience against intentional risk requires an IAM concept that transcends a single blockchain. Only with the interplay of edge and global ledgers can we obtain data integrity in a multi-vendor and multi-purpose IoT network.
Highlights
Once we obtain the network profiles of the two Internet of Things (IoT) platforms we study, we apply the equations proposed by [11] to increase their resilience against intentional risk
We introduce IoTeX and a collection of security incidents in public blockchains
The blockchain technology can implement a number of IoT cybersecurity requirements based on its distributed and immutable nature
Summary
Ninety-one percent of those Internet users do it via mobile devices [1]. The former US Vice-President Al Gore referred to the Internet as the information superhighway. By the end of 2018, the number of IoT-connected devices surpassed the 20 billion mark [2] with a forecast of 30 billion IoT-connected devices for 2030 [3]. This information superhighway is being extended with many additional lanes that carry information from, among many other things, sensors, actuators, personal health devices and geolocation trackers. Reference [4] defines an IoT device as one having at least one transducer (sensor or actuator) to interact directly with the physical world and at least one network interface (Ethernet, Wi-Fi, Bluetooth) to interface with the digital world
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
