Abstract
The Internet of Things (IoT) has caused a revolutionary paradigm shift in computer networking. After decades of human-centered routines, where devices were merely tools that enabled human beings to authenticate themselves and perform activities, we are now dealing with a device-centered paradigm: the devices themselves are actors, not just tools for people. Conventional identity access management (IAM) frameworks were not designed to handle the challenges of IoT. Trying to use traditional IAM systems to reconcile heterogeneous devices and complex federations of online services (e.g., IoT sensors and cloud computing solutions) adds a cumbersome architectural layer that can become hard to maintain and act as a single point of failure. In this paper, we propose UniquID, a blockchain-based solution that overcomes the need for centralized IAM architectures while providing scalability and robustness. We also present the experimental results of a proof-of-concept UniquID enrolment network, and we discuss two different use-cases that show the considerable value of a blockchain-based IAM.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
- 2.
For instance, the first enrolment is verifiable at: https://testnet.litecore.io/tx/feac5a1dc645c701ea17ceb1657541d7094fbb43f18749cd9bd8a54014bd0197.
References
Back, A., et al.: Hashcash-a denial of service counter-measure (2002). http://www.hashcash.org/papers/hashcash.pdf
Boyle, D.: Tesla driver gets stranded in the desert after leaving his keys behind (2017). http://www.dailymail.co.uk/news/article-4128220/Tesla-driver-stranded-desert-forgot-keys.html
Brewer, E.: Cap twelve years later: How the “rules” have changed. Computer 45(2), 23–29 (2012). https://doi.org/10.1109/MC.2012.37
Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., Maxwell, G.: Bulletproofs: short proofs for confidential transactions and more. In: 2018 IEEE Symposium on Security and Privacy (SP), pp. 319–338 (2018). https://doi.org/10.1109/SP.2018.00020
Caronni, G.: Walking the web of trust. In: IEEE 9th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises 2000, WET ICE 2000, pp. 153–158. IEEE (2000)
Dhillon, V., Metcalf, D., Hooper, M.: The hyperledger project. In: Dhillon, V., Metcalf, D., Hooper, M. (eds.) Blockchain Enabled Applications, pp. 139–149. Apress, Berkeley (2017). https://doi.org/10.1007/978-1-4842-3081-7_10
Grandison, T., Sloman, M.: A survey of trust in internet applications. IEEE Commun. Surv. Tutor. 3(4), 2–16 (2000). https://doi.org/10.1109/COMST.2000.5340804
Greenberg, A.: Hackers remotely kill a jeep on the highway with me in it (2015). https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/
ISO/IEC: Iso/iec 20922:2016 - information technology - message queuing telemetry transport (mqtt) v3.1.1 (2016). https://www.iso.org/standard/69466.html
Kshetri, N.: Can blockchain strengthen the internet of things? IT Prof. 19(4), 68–72 (2017). https://doi.org/10.1109/MITP.2017.3051335
Le, T., Mutka, M.W.: Capchain: a privacy preserving access control framework based on blockchain for pervasive environments. In: 2018 IEEE International Conference on Smart Computing (SMARTCOMP), pp. 57–64, June 2018. https://doi.org/10.1109/SMARTCOMP.2018.00074
van der Meulen, R.: Gartner says 6.4 billion connected “things” will be in use in 2016, up 30 percent from 2015 (2015). www.gartner.com/newsroom/id/3165317
Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2008). https://bitcoin.org/bitcoin.pdf
Novo, O.: Blockchain meets IoT: an architecture for scalable access management in IoT. IEEE Internet Things J. 5(2), 1184–1195 (2018). https://doi.org/10.1109/JIOT.2018.2812239
Ouaddah, A., Abou Elkalam, A., Ait Ouahman, A.: Fairaccess: a new blockchain-based access control framework for the internet of things. Secur. Commun. Netw. 9(18), 5943–5964 (2017). https://doi.org/10.1002/sec.1748
Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57(10), 2266–2279 (2013). https://doi.org/10.1016/j.comnet.2012.12.018. http://www.sciencedirect.com/science/article/pii/S1389128613000054
Sasson, E.B., et al.: Decentralized anonymous payments from bitcoin. In: 2014 IEEE Symposium on Security and Privacy, pp. 459–474, May 2014. https://doi.org/10.1109/SP.2014.36
Acknowledgements
We would like to thank Charles Kozierok for his help to proofread the manuscript.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Giaretta, A., Pepe, S., Dragoni, N. (2019). UniquID: A Quest to Reconcile Identity Access Management and the IoT. In: Mazzara, M., Bruel, JM., Meyer, B., Petrenko, A. (eds) Software Technology: Methods and Tools. TOOLS 2019. Lecture Notes in Computer Science(), vol 11771. Springer, Cham. https://doi.org/10.1007/978-3-030-29852-4_20
Download citation
DOI: https://doi.org/10.1007/978-3-030-29852-4_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-29851-7
Online ISBN: 978-3-030-29852-4
eBook Packages: Computer ScienceComputer Science (R0)