The New Advanced Society

33. Barber, S., Boyen, X., Shi, E., Uzun, E., Bitter to better—How to make bitcoin a better currency. Presented at the 16th International Conference on Financial Cryptography and Data Security , Kralendijk, Bonaire, Feb–2 March 2012, p. 27, 2012.

34. Barber, S., Boyen, X., Shi, E., Uzun, E., Bitter to better—How to make bitcoin a better currency. Presented at 16th Int. Conf. Financial Cryptography Data Security, Kralendijk, Bonaire , 27, 399–414, 2012.

35. Mosakheil, J.H., Master of Science in Information Assurance, St. Cloud State University, 2018, [Online]. Available: https://repository.stcloudstate.edu/cgi/viewcontent.cgi?article=1093&context=msia_etds.

36. Li, X., Jiang, P., Chen, T., Luo, X., Wen, Q., A survey on the security of blockchain systems. Future Generat. Comput. Syst. , 107, 841–853, 2017. https://doi.org/10.1016/j.future.2017.08.020.

37. Jesus, E.F., Chicarino, V.R.L., Albuquerque, C.V.N.d., Rocha, A.A. d. A.A., A survey of how to use blockchain to secure internet of things and the stalker attack. Secur. Commun. Netw. , 2018, 1–27, 2018.

38. Valenta, M. and Sandner, P., Comparison of Ethereum, hyperledger fabric and Corda. FSBC Working Chapter , 1, 1–8, 2017. [Online]. Available: https://pdfs.semanticscholar.org/00c7/5699db7c5f2196ab0ae92be0430be4b291b4.pdf.

39. Chernykh, P., R3 to release first production version of its corda platform by the end of september , Coinspeaker, UK, 2017, https://www.coinspeaker.com/r3-corda-launch/(accessed 10November, 2018).

40. Brown, R.G., Carlyle, J., Grigg, I., Hearn, M., Corda: A distributed ledger (Technical white chapter) , 2016, [Online]. Available: https://www.corda.net/content/corda-technical-whitechapter.pdf.

41. Greenspan, G., R3 Corda: Deep dive and technical review , MultiChain, UK, 2018, Available: https://www.multichain.com/blog/2018/05/r3-corda-deep-diveand-technical-review/.

42. The network—R3 Corda V3.3 documentation (Technical white chapter) , 2018, [Online]. Available: https://docs.corda.net/key-concepts-ecosystem.html.

43. Ward, M., Transactions Per Second (TPS). https://medium.com/corda/transactions-per-second-tps-de3fb55d60e3(accessed 5 November, 2018).

44. Nofer, M., Gomber, P., Hinz, O., Schiereck, D., Blockchain , (in English). Bus. Inf. Syst. Eng. , 59, 3, 183–187, Jun 2017. https://doi.org/10.1007/s12599-017-0467-3.

45. R3 Limited, Corda documentation , 2018, https://docs.corda.net/releases/release-M7.0/index.html(accessed 15 November, 2018).

46. Kuo, T.T., Kim, H.E., Machado, L.O., Blockchain distributed ledger technologies for biomedical and health care applications. J. Am. Med. Inf. Assoc. , 24, 6, 1211–1220, Nov 1 2017, https://doi.org/10.1093/jamia/ocx068.

47. Walport, M., Distributed ledger technology: beyond blockchain , UK Government Office for Science, UK, 2016.

48. Dorri, A., Kanhere, S.S., Jurdak, R., Blockchain in internet of things: Challenges and solutions, 2016.

49. Atlam, H.F., Alenezi, A., Alassafi, M.O., Wills, G.B., Blockchain with internet of things: Benefits, challenges, and future directions. Int. J. Intell. Syst. Appl. , 10, 6, 40–48, 2018. https://doi.org/10.5815/ijisa.2018.06.05.

50. Lewis, A. and Larson, M., Understanding blockchain technology and what it means for your business. DBS , 1, 1–28, 2016.

51. Weernink, M.O., Engh, W.V.D., Francisconi, M., Thorborg, F., The blockchain potential for port logistics , AUBEA Conference 2019, Australia, 2017.

52. Zheng, Z., Xie, S., Dai, H.-N., Chen, X., Wang, H., Blockchain challenges and opportunities: A survey. Working Chapter , 14, 352, 2016.

53. Yli-Ojanperä, M., Sierla, S., Papakonstantinou, N., Vyatkin, V., Adapting an agile manufacturing concept to the reference architecture model industry 4.0: A survey and case study. J. Ind. Inf. Integrat. , 15, 1–24, 2018.

54. Chartered Accountants Australia and New Zealand, The future of blockchain: Applications and implications of distributed ledger technology. Charter. Account., Aus. N Zealand, Aust. , 1, 1–44, 2017.

55. Sun, J., Yan, J., Zhang, K.Z.K., Blockchain-based sharing services: What blockchain technology can contribute to smart cities. Financ. Innovat. , 2, 1, 55, 2016. https://doi.org/10.1186/s40854-016-0040-y.

56. Benji, M. and Sindhu, M., A Study on the Corda and Ripple Blockchain Platforms, in: Advances in Big Data and Cloud Computing. Advances in Intelligent Systems and Computing , vol. 750, J. Peter, A. Alavi, B. Javadi, (Eds.), Springer, Singapore, 2013.

57. https://docs.corda.net/key-concepts.html.

58. Mohanty, D., Installation, Development, Deployment, Unit, and Functional Testing, in: R3 Corda for Architects and Developers , Apress, Berkeley, CA, 2019.

59. Mohanty, D., Government and Real Estate, in: R3 Corda for Architects and Developers , Apress, Berkeley, CA, 2019.

60. Lanko, A., Vatin, N., Kaklauskas, A., Application of RFID combined with blockchain technology in logistics of construction materials. MATEC Web Conf. , 170, 3032, 2018.

* Corresponding author : skpanda00007@gmail.com

Soumya Prakash Otta and Subhrakanta Panda*

Department of CSIS BITS Pilani, Hyderabad Campus, Hyderabad, India

Abstract

The Internet of Things is an emerging technical ecosystem, composed of heterogeneous technological smart objects which are seamlessly connected to the Internet. Provisioning of high-speed data and bandwidth for connectivity for growing variety of IoT services would increase their exposure for fraudulent activity as well as cyber-attacks. Since security issues are significant for the deployment of many IoT services with its amalgamation with cloud implementation, threats severity and vulnerability associated show multiplying effect. This article highlights the emerging security issues associated with IoT Cloud and specifically addresses the challenges faced due to Identity and Access Control of the IoT Cloud. Internet of Things is getting established as a technological ecosystem enabling application of computing to anything, anywhere, and at any time. For such unique versatility and openness, such interconnected devices and users are vulnerable to cyber-attacks. In such a scenario a small lapse in identity management will have exponential effects from such attacks. In this work, an effort has been done to critically examine aspects of IoT security and particularly regarding identity and access management for IoT over Cloud infrastructure. This chapter analyses the identity and access management challenges in IoT, followed by a proposal of cloud identity management model for IoT using distributed ledger technology.

Keywords: Distributed ledger, Internet of Things, IoT security, cloud IoT, identity and access management

The concept of Internet of Things (IoT), for the first time was proposed in 1999 by Auto-ID laboratory of the Massachusetts Institute of Technology (MIT). IoT extensively uses Machine to Human (M2H) as well as Machine to Machine (M2M) communication models. Various Dedicated Short-Range Communication (DSC) techniques have enabled interconnection of sensors, receivers, actuators and associated computational nodes for IoT devices for exchanging the acquired data. Since inception, IoT has been continuously growing as a technological ecosystem. It is also noticed that IoT devices are generally constrained from high availability of resources point of view. It is observed that the interconnected systems comprise of a huge number of sensing devices which have less memory coupled with smaller processing capability as well as their firmware or driver software are seldom updated. Usually, they are also deployed at physically unsecured, even at public places and left unattended for prolonged duration. Hence there is a definite requirement to secure IoT infrastructure as well as the network. A principal factor in securing an IoT infrastructure is envisaged regarding device identity and mechanisms to authenticate them in the ecosystem. Well known and existing authentication mechanisms require sufficient computing requirement which are generally not possible by the IoT devices. Associated problems such as issues related to authentication, security, data privacy of the IoT devices are increasing with passage of time. In general, huge volume of data is acquired by various sensors and other IoT devices in the IoT system. Such data, if at all saved using a centrally controlled mechanism or under the supervision of a single Trusted Third Party (TTP) administrator, may lead to the data security and privacy issues. To securely control and manage issues of IoT, classical protection mechanisms like cryptographic means and secured communication protocols are insufficient. In order to tackle these problems, there is a requirement of efficient mechanism having distributed storage, thereby avoiding a central point of failure or control. The mechanism should also facilitate secured authentication and access control having capability of sustaining security related attacks on the system.