Professional Documents
Culture Documents
TECHNOLOGY-
INFORMATION
ASSURANCE
Blockchain-IoT Integration
Akshaya Lakshminarasimhan
BL.BU.P2MBA19008
Table of Contents
What is Blockchain?.................................................................................................................2
How Blockchain Works?..........................................................................................................2
Privacy and Security.................................................................................................................2
Blockchain's Practical Application..........................................................................................2
Bank Use..........................................................................................................................................3
Healthcare Uses...............................................................................................................................3
Smart Contracts..............................................................................................................................3
Supply Chain...................................................................................................................................3
What Is the Internet of Things (IoT)?.....................................................................................3
History of IoT............................................................................................................................3
How the Internet of Things Works?.........................................................................................4
Benefits of the Internet of Things............................................................................................4
Security in IoT...........................................................................................................................4
Some Security Incidents in IoT:.....................................................................................................4
Introducing Blockchain in IoT................................................................................................5
Blockchain Benefits in IoT:............................................................................................................5
Blockchain Technology for IoT:.....................................................................................................5
(Ali Dorri)........................................................................................................................................5
Reference:.................................................................................................................................6
What is Blockchain?
The words “block” and “chain” here, it is about digital information (the “block”) stored in a
public database (the “chain”).
“Blocks” on the blockchain are the digital pieces of information. Specifically, they have three
parts:
Blocks stores information about transactions like the date, time, and amount of the
most recent purchase.
Blocks store information about who is participating in transactions.
Blocks store information that distinguishes them from other blocks.
Bank Use
Blockchain in Banks,
Transactions processed in little time, adding a block to the blockchain, at any time this
is an opportunity to exchange funds more quickly and securely.
Stock Market, for example, the settlement and clearing process can take up to three
days, here the money is not growing or available for liquidity. This entire process can
change.
Healthcare Uses
Blockchain in Healthcare,
Securely store the patients’ medical records.
A medical record is generated and signed, it can be written into the blockchain,
builds Patients confidence about privacy.
Insurance Companies
Smart Contracts
Rental Agreements
Automobile
Real Estate
Financial Services/Derivatives
Legal Processes
Loans
Supply Chain
History of IoT
“Internet of Things” came from Kevin Ashton of Procter & Gamble, He in 1999 in an article
had used the words to describe the RFID tags which are used in supermarkets, or mainly in
making the supply chains more efficient. So, that is how the phrase came into existence.
In Pure Medical field, the more accurate data at correct timing obtained from continuous
monitoring helps the doctors make a better diagnosis and support them in giving a premium
healthcare treatments which improves the patients outcomes.
Security in IoT
IoT security is the need of the hour, it has become an important part of any device.
Vulnerability here, attracts the hackers in getting hands on the information. Also, with IoT
devices, the access to the homes and most important areas where information could stored are
exposed to social engineering attacks.
Stuxnet
It was a type of highly sophisticated type of computer worm which was designed to
identify the specific machine used in the industry and manipulate it to the
requirement.
Here, in this case it was nuclear industry, begins to look for centrifuges i.e, the
machines that are used to isolate isotopes of uranium. Stuxnet was sent to reprogram
the centrifuges to perform any varying cycles that result in the disintegrating the
machine
This Stuxnet which was introduced was programmed with many layers of protection
for itself from being detected. It could not be detected on machine which running
certain type of a security program, it was also programmed with self-disable and self-
erasing features.
It was widely believed that it was created to damage the Iranian nuclear program.
Mirai
This is a Specialized malware that is specifically created to exploit the IoT devices
security vulnerability. This malware works on the basis of using the common
usernames and passwords to gain access to IoT devices.
Like For example, Internet cameras, monitors, which runs on the Linux platform may
have some default credentials such as a standard operating procedure “admin” and
“password,” . This allows the malware to get into easily accessing the system,
comfortably install itself, and triggers turning the device in a bot.
This attack by Mirai botnet had occurred on October 21st, 2016, this attacked a
company “Dyn”, they provide domain name services to notably major companies that
core rely on this secured information as their including Netflix, GitHub, Twitter, and
Reddit.
Major Lessons learnt from the Mirai botnet attack was How all the IoT devices with
security vulnerability can be integrated and abused for serious attacks.
Introducing Blockchain in IoT
IoT is bringing a lot of new opportunities and these provide an edge for most businesses in
current markets and in creation of new markets. It is a wholesome of data, the how the data is
processes, when an executive action is taken, and why is it basically collected in the first
place. These devices are deployed process data into a useful information without any human
intervention at many levels.
With so much data collected, stored and processed, the primary concern here is the security
for the data from the beginning through end of its processing. This involves in handling them
across many boundaries, policies and fundamentally their intent.
A Private immutable Ledger is created, that performs exactly like a blockchain. However it is
centrally managed to deal with optimization of energy consumption. This architecture will
use the trust that is distributed, primarily to significantly reduce the validation processing
time of each block entered.
Reference:
1. https://101blockchains.com/centralized-vs-decentralized-internet-networks/
2. https://www2.deloitte.com/us/en/insights/topics/understanding-blockchain-
potential/global-blockchain-survey-2019.html
3. https://www2.deloitte.com/us/en/insights/topics/understanding-blockchain-
potential/global-blockchain-survey.html?
id=us:2ps:3gl:consem21:eng:cons:061620:nonem:na:rDgvbReU:1192554124:442262
763111:b:Blockchain:Blockchain_Survey_2020_BMM:nb
4. https://hackernoon.com/centralization-vs-decentralization-the-best-and-worst-of-both-
worlds-7bfdd628ad09
5. https://consoltech.com/blog/blockchain-cybersecurity/
6. https://www.forbes.com/sites/andrewarnold/2019/01/30/4-promising-use-cases-of-
blockchain-in-cybersecurity/#48f466913ac3
7. https://www.i-scoop.eu/internet-of-things-guide/blockchain-iot/#:~:text=IBM
%20Blockchain%2C%20for%20instance%2C%20already,in%20myriad%20possible
%20IoT%20applications.
8. https://datafloq.com/read/securing-internet-of-things-iot-with-blockchain/2228
9. https://www.investopedia.com/terms/i/internet-things.asp
10. https://www.investopedia.com/terms/b/blockchain.asp
11. Towards an optimized blockchain for IoT, Ali Dorri, Salil S. Kanhere, Raja Jurdak
Develop three detailed scenarios (5 points each) for the future of the cyber security/ privacy
industry. Remember that you are in 2019. Please use your experience with any homeworks OR
lectures for at least one detailed scenario (more than one is allowed) (please specify).
Home Entertainment
Usage of Home Assistance devices to build smart home, for example bringing in IoT
devices where it helps run the home handsfree.
However, this Like For example, Internet cameras, monitors, IoT devices which runs
on the Linux platform may have some default credentials such as a standard operating
procedure “admin” and “password,” this is exposed to huge risk. Bringing in
Blockchain can help with the scenario.
Bank Use
Blockchain in Banks,
Transactions processed in little time, adding a block to the blockchain, at any time this
is an opportunity to exchange funds more quickly and securely.
Stock Market, for example, the settlement and clearing process can take up to three
days, here the money is not growing or available for liquidity. This entire process can
change.
Healthcare Uses
Blockchain in Healthcare,
Securely store the patients’ medical records.
A medical record is generated and signed, it can be written into the blockchain,
builds Patients confidence about privacy.
In Pure Medical field, the more accurate data at correct timing obtained from
continuous monitoring helps the doctors make a better diagnosis and support them in
giving a premium healthcare treatments which improves the patients outcomes.
Insurance Companies
a) What impact is the Internet having on the way firms conduct business? Give details(choose
one case) b) What are the future implications with regard to risk? Answer these questions with
respect to your most favorite topic (touched upon in your readings/ lectures / etc.) (done in IA
class) Please be sure to choose different perspectives when deciding on your cases/topics (Cite
everything you are discussing.)
E-Commerce:
E-Commerce is bringing everything home delivered, connecting people all throughout the
world.
Security Risk:
The Misuse of Technology in hacking the Customer Identity details, Payment details,
Majorly Involving in Social Engineering Attacks.
Storage, distribution, portability and destruction of the customer data.
Clean Desk Policy to avoid any data be vulnerable to expose it to the hackers.
Reputation Risk:
Discuss issues in cyber-security from the context of the government and/or some specific
industry. Focus on three important issues (e.g. – legal, law enforcement, policy, etc). At least
One of them MUST cover the Telecommunications and Network Security domain (Lecture 8)
(Be happy )
Each of you has been exposed to some emergency management scenario. (Recall your
Homework.) Briefly describe (a)how you would handle the specific emergency management
situation if you were the Chief Security Officer of your firm in the year 2020. (b)possible future
directions (include your wish list) for handling the scenario in 2023.
Emergency Situation such as any disaster hitting or situations like COVID-19 where the
operations are disrupt on and off without any foreseeable future of resuming the services.
First of all, breakdown all the work structures and bring in the project initiation phase.
Here, take the top down approach in project planning and staffing details.
Build Infrastructure that is centralized and accessible from anywhere.
Constantly Test, Troubleshooting and Maintain the system ensuring a smooth flow.
Put up a Strategic Plan in place to assure the continuous availability of systems ready
to use in event of an attack
Identify critical business functions
Have a Business continuity plan by setting up shop for the critical business functions
to operate without any disruptions
Future Directions:
Build a Business Model that with a foreseeable fail proof system that doesn’t stop in
case of any disaster.
Operate a Business Continuity plan in normal days to refine the process and re-
engineer it continuously.
Don’t put all the eggs in one basket, have decentralized systems to bring in line
whenever something fails.
Introduce Blockchain technology for the security of data.
Continuously motivate the staff to work virtually.
Have a Continuous monitoring system in place for both systems and staff, with
improvements happening in parallel.
2.1 How did Advo mitigate or overcome security issues with respect to 3rd party vendors?
2.2 What are the advantages of having an integrated security management system that combines
physical + IT security?
6.1. What are the challenges a forensic investigator faces in obtaining information from mobile
devices?
6.2. What is FBI’s scope of investigation and how would it handle situations where the perpetrators
are not in the US?
7.2:
The security awareness program that AETNA implemented is cost effective and is
focused on realistic goals.
AETNA set up the Information Security Policy and Practices (ISPP) group.
ISPP - implement security awareness program.
The reason for the success of AETNA was them understanding the importance of
security system awareness.
7.1
One of the main contributing factors to the success of company’s employee security
awareness program is high placement of ISPP group within the organisation.
Information System of Awareness Program is managed by ISPP, which is headed by 5
employees.
Infosec Exam provides security training and testing to all users annually.
A systematic approach towards designing exams is one of the key elements of Aetna’s
security awareness program.
Exams were divided into independent and interactive modules.
In addition to exam redesigning, Role based exams were introduced.
It takes approximately 6 months to design and develop the exam.
As per the Council of state planning agencies Defines infrastructure as constitute of
public buildings wide set of public facilities as well as equipment that are required in
order to provide various social services as well as support to the many economic
activities that take place in the private sector of the economy
Facilities includes ( Roads , Bridges, water and sewer system, Ports, Airports,
Buildings, School, Jails, Health facilities, Electric Power System, waste disposal,
Communication Equipment,