ABSTRACT
Internet of Things (IoT) is a network of smart devices that can communicate with each other without or with little human interaction. Maintaining security and trust among these millions of smart devices is a big concern because the transportation of their information generally takes place over the Internet. Limited resources available in IoT devices makes it more difficult to apply conventional security protocols. Moreover, IoT devices are generally located in such remote areas where unethical means can easily not only access them and inject false data but also completely replace them. This physical access can make other devices vulnerable to different attacks, so trust among these IoT devices is a critical factor. Trust management can be considered an important factor for a successful IoT system in which smart devices can communicate with one other without worry of security and integrity of data. Trust management is the process of identifying malicious and unwanted nodes or devices and removing them from any communication process. Key parameters of trust management in IoT systems are authentication, authorization/access control, integrity, privacy, and adaptability that depend on some direct measurable and non-measurable factors. However, despite numerous security solutions in IoT systems, there are some attacks specially designed by unethical means to manipulate the trust values in trust management systems. These attacks need to be addressed for the proper functioning of trust management systems in the IoT.
Blockchain, which is mainly known for cryptocurrencies such as Bitcoin and Ethereum, has proven its effectiveness in data immutability, integrity, and decentralized ledgers and can be a perfect solution for many security and trust-related problems of the IoT. Additionally, advancement in blockchain technology can improve its applicability in securing and managing trust in the IoT. For instance, smart contracts that enable programmability in blockchain can make processing of data conditional and automated. Security features of blockchain, such as authentication, integrity, access control, etc., can be used for managing trust among IoT devices by protecting them from security attacks.
Initially, blockchain was designed to be public in nature, where anyone can join and send transactions, and the same data are transparently distributed among all the participants. But in real-world scenarios, we need more control over accessing services. Permissioned blockchain such as Hyperledger Fabric, which is specially designed for business needs can provide more control over the functioning of available services. In Hyperledger Fabric, data are distributed among authorized entities only and all activities are controlled by the admin entity. For authentication, every entity in Hyperledger Fabric has a unique identity provided by some Certification Authority (CA) using X.509 protocols. It also supports smart contracts or chaincodes that provide more control over invoking transactions in its network.
This chapter will introduce trust management in IoT systems with its issues and all possible trust-related security attacks on it. It will also discuss important trust parameters that need to be addressed for a successful trust management system. After it, an introduction to blockchain technology with its supported protocols will be explained in this chapter. The evolution of blockchain, its various variants, and applications will also be discussed in the book chapter. The chapter will mainly focus on Hyperledger Fabric, which is a permissioned blockchain, and will define its architecture, security features, and working mechanisms.
The chapter will also explain blockchain and IoT integration issues in detail and then expose their solutions with multiple strategies such as the Inter IoT model, IoT blockchain, and the cloud-based IoT blockchain model. Finally, the chapter will describe six important trust management issues in IoT such as “Trust in Authentication,” “Trust in Identity Management,” “Trust in Integrity of Data,” “Trust in Authorization,” “Trust in Interoperabilty,” and “Trust in Privacy.” Thereafter, the chapter will expose their possible solutions using Hyperledger Fabric Blockchain. These solutions will be useful for managing trust in IoT scenarios, as well as for industrial IoT, blockchain, and IoT enthusiasts, students, Ph.D. scholars, and researchers.
