
Project title: A Permissioned Blockchain-based Device Identity Management
Application for Internet-of-Things (IoT) – Cloud Network

Principal Investigator (PI) name: Anang Amin

Expected Research Future Plans:

The future plan for this research is to expand the applications of blockchain
technology in the area of Internet-of-Things (IoT) applications. The decentralized
nature of blockchain brings great potential for IoT deployments, including
applications in the field of remote monitoring, transportation, healthcare, and
smart cities. This could lead to -HCT Industry Collaboration Project and potential
collaboration with industry.

Abstract:

The recent proliferation of the Internet of Things (IoT) has enabled seamless
integration of interconnected sensors, actuators, and other computational
devices in the form of a distributed computing network. Establishing such a
network requires an identification mechanism for all devices that are to be
connected. Potential threats exist, such as a rogue host that masquerades as an
authentic IoT device, enabling it to take control of the entire network. Existing
implementations rely on third-party authentication and identification
management that resides in the cloud or within the distributed network. The
deployment of such solutions has faced many challenges, since centralizing the
trust and connectivity of the IoT devices turns the network into a single point
of failure that may disrupt the entire IoT operation. A decentralized approach
offers an elegant solution to this problem. Hence, this work proposes a
permissioned blockchain-based identity management application for
interconnected IoT devices within a distributed network infrastructure. Unlike
existing approaches, where the identification and authentication of devices are
handled by a single entity, the proposed framework uses the immutable
blockchain network as a decentralized identity management authority and
repository through a combination of a distributed ledger scheme and smart
contracts.

Project Description:

Problem Statement

Nowadays, IoT ecosystems are becoming massive infrastructures of
interconnected devices. The growth of such a robust and dynamic environment is
achieved through a scalable and distributed computing model such as cloud
computing. Cloud computing has emerged as a paradigm that gives IoT devices
seamless access to a shared pool of on-demand and elastic resources in order to
execute intensive and critical applications. However, with the expansion of
IoT-cloud infrastructure, there is a need to monitor the participation of IoT
devices in terms of their identity and functions. The existing approach uses a
centralized Identity Management (IDM) entity that manages and keeps track of
the device credentials. Failure of this entity would lead to failure of the
entire IoT-cloud network operation. The goal of this project is to develop a
decentralized IDM scheme using a permissioned blockchain-based framework, to
minimize the effect of the single point of failure in a centralized approach.
The proposed scheme will use the smart contract mechanism for identity
establishment within the network, and the distributed ledger for identity data
verification.
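The scheme described above, modelled in Python as an added example (it is not code from this proposal or from Ethereum). The class `DeviceRegistry`, the registrar role, the device identifiers and the key bytes are assumptions made for illustration; an in-memory object stands in for the smart contract and its ledger.

```python
import hashlib
import json

GENESIS = "0" * 64  # previous-hash value used by the first block

def block_hash(body: dict) -> str:
    """SHA-256 over a block's fields, which include the previous block's hash."""
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

def fingerprint(public_key: bytes) -> str:
    return hashlib.sha256(public_key).hexdigest()

class DeviceRegistry:
    """Contract-style state: authorized registrars plus a hash-linked ledger."""

    def __init__(self, registrars):
        self.registrars = set(registrars)  # hypothetical permissioned writers
        self.chain = []

    def register(self, sender, device_id, public_key: bytes):
        """Identity establishment: only a registrar may bind an ID to a key."""
        if sender not in self.registrars:
            raise PermissionError(f"{sender} is not an authorized registrar")
        if self.lookup(device_id) is not None:
            raise ValueError(f"{device_id} is already registered")
        prev = self.chain[-1]["hash"] if self.chain else GENESIS
        body = {"prev": prev, "sender": sender,
                "device_id": device_id, "key_fp": fingerprint(public_key)}
        self.chain.append({**body, "hash": block_hash(body)})

    def lookup(self, device_id):
        """Replay the ledger and return the registered key fingerprint, if any."""
        for block in self.chain:
            if block["device_id"] == device_id:
                return block["key_fp"]
        return None

    def verify_device(self, device_id, public_key: bytes) -> bool:
        """Identity verification: the presented key must match the ledger entry."""
        return self.lookup(device_id) == fingerprint(public_key)

    def chain_is_valid(self) -> bool:
        """Recompute every link; any edited block breaks the chain."""
        prev = GENESIS
        for block in self.chain:
            body = {k: v for k, v in block.items() if k != "hash"}
            if block["prev"] != prev or block_hash(body) != block["hash"]:
                return False
            prev = block["hash"]
        return True
```

Matching a fingerprint only shows which key is registered for an identifier; in a deployment the device would also prove possession of the private key, for example by signing a challenge.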

Literature Review

Leveraging the cloud computing infrastructure seems to alleviate the
resource-constrained issue of the IoT device. Cloud computing provides the
distributed provisioning platform for IoT devices to access abundant computing
and storage resources in order to perform their intensive and critical
applications. Nevertheless, the centralization of the resources and Identity
Management (IDM) has forced the cloud to become a single point of failure that
can disrupt the entire IoT operations [1].

Recent works have shown several initiatives on IoT device identity management.
These include the development of a unique reliable identity system for
lightweight devices by Urunov et al. [2], in which a unique reliable ID
management system is used to manage lightweight underwater IoT devices. This
approach, however, uses a centralized management information base (MIB), which
is kept on a single network management device. Butkus [3] also proposed a
unique ID management system that incorporates user identity, device identity
and the relations between them. Nevertheless, there is still a dependency on a
centralized system to manage these identities.

Blockchain technology has evolved since the concept first appeared in the white
paper [4] outlining how the cryptocurrency Bitcoin could be constructed. A
blockchain is a distributed ledger which records every transaction unit, called
a block, with a mathematical proof to provide verification and to keep track of
the transaction. Since the implementation of Bitcoin, other applications of
blockchain technology have emerged, mainly in the financial sector but also
with non-cryptocurrency related use cases. Research by Zyskind et al. [5]
proposed blockchain, as a stand-alone technology, as a method for access
control and for removing trusted third parties when dealing with personal data.
Integrating IoT devices into a blockchain network requires fast validation and
verification on that network. Existing blockchain networks such as Ethereum [6]
have made this possible. Ethereum offers a faster block generation period of
about 12 seconds, with smart contract deployment.

Smart contract technology is booming with the release of Ethereum and
programming languages such as Solidity and Serpent, which have made contracts
much simpler to build and deploy. A smart contract is also described as “a set
of promises, specified in digital form, including protocols within which the
parties perform on these promises” [7]. Smart contracts are, in the context of
blockchain, simply logic that is published on a blockchain, that can receive or
perform transactions like any address (transactions may be rejected or require
special arguments to function), and that can act as an immutable agreement. A
smart contract combines transaction information and individual identity to
form an immutable agreement that is formed into a block [8].

The use of blockchain technology in managing identity systems on IoT platforms
allows IoT devices to manage their Device Identifiable Information (DII) as a
Self-Sovereign Identity (SSI) for securely granting personalized access control
and for authentication purposes [9, 10].

Research Motivation
Revolutionizing the IoT-cloud framework with blockchain technology has a huge
impact on society, the economy and the nation. The framework will change
society's perception of the trustworthiness of the information generated by IoT
devices. The blockchain eliminates the risk that information held or stored
centrally will be corrupted or altered. Moreover, the blockchain enhances the
identity management of IoT devices which are connected to the cloud
infrastructure. Blockchain technology can also open up new business
opportunities and bring the biggest untapped talents and entrepreneurs into the
global economy. Due to the decentralization of the technology, industries and
services are eager to adopt blockchain technology. The proposed framework will
spur business process reengineering of existing IoT-cloud applications and
services.

Several initiatives to integrate IDM mechanisms in blockchain networks have been
presented in the work of Dunphy and Petitcolas [11]. This research aims to
extend this work by implementing a permission-based blockchain solution on an
existing IoT-cloud network.

Research Methodology

The following phases have been identified that lead to the progression of this
research.

1. Investigation on deficiencies and limitations of existing identity
management (IDM) system in IoT-Cloud network.

This research starts with a preliminary study that defines the research
topic area and its significance. This covers an in-depth study of the
deficiencies and limitations of existing identity management (IDM) system
in IoT-Cloud network. Several IDM approaches on Blockchain network,
including uPort, Sovrin, BitID, ID.me, and IDchainZ will be reviewed. The
outputs from these initial activities lead towards the formulation of the
problem definition to the research process.

2. Formulation and development of permissioned blockchain-based identity
management (IDM) system.

This phase involves the formulation and development of permissioned
blockchain-based identity management (IDM) system. The development
will be based upon the key criteria being defined in the preliminary study
carried out in phase 1. A system prototype as outlined in Figure 1 will be
developed. This prototype will be used as an infrastructure for the
proposed IDM on permissioned blockchain network.

Figure 1. Outline of the proposed IDM-Blockchain system prototype.

A small-scale private cloud incorporating two physical nodes will be
developed using the OpenStack cloud platform. This cloud platform will host
the Ethereum nodes, which are used to create a blockchain network. The IoT
nodes used in this work will be configured using a series of Raspberry
Pi System-on-Chip (SoC) devices with multiple sensors attached.

3. System evaluation.

The proposed system will be evaluated against several criteria, including
its effectiveness, scalability, and performance.

4. Documentation and Publications

The formulation of the proposed framework and the results from the
evaluation of the proposed framework will be published in international
conferences and journal.

Expected Research Outcomes

The outcomes of this research would be a complete identity management (IDM)
system for IoT devices in IoT-cloud network, which utilizes a decentralized
scheme using permissioned blockchain network.

References:

1. Liu, Y., Fieldsend, J. E., & Min, G. (2017). A framework of fog computing:
Architecture, challenges, and optimization. IEEE Access, 5, 25445-25454.
2. Urunov, K., Shin, S. Y., & Park, S. H. (2017, September). The unique
reliable identity system of enabling lightweight device management in
NMS mechanism for the U-IoT. In Network Operations and Management
Symposium (APNOMS), 2017 19th Asia-Pacific (pp. 411-414). IEEE.
3. Butkus, P. (2014, October). A user centric identity management for
Internet of things. In IT Convergence and Security (ICITCS), 2014
International Conference on (pp. 1-4). IEEE.
4. Nakamoto, S. (2008). Bitcoin: A peer-to-peer electronic cash system.
5. Zyskind, G., & Nathan, O. (2015, May). Decentralizing privacy: Using
blockchain to protect personal data. In Security and Privacy Workshops
(SPW), 2015 IEEE (pp. 180-184). IEEE.
6. Wood, G. (2014). Ethereum: A secure decentralised generalised
transaction ledger. Ethereum project yellow paper, 151, 1-32.
7. Szabo, N. (2001). Smart contracts: building blocks for digital markets,
1996.
8. Alliance, S. C. (2016). Smart contracts: 12 use cases for business and
beyond. Chamber of Digital Commerce, 56.
9. Abraham, A. (2017). Self-Sovereign Identity.
10. Dunphy, P., & Petitcolas, F. A. (2018). A first look at identity
management schemes on the blockchain. arXiv preprint
arXiv:1801.03294.
11. Karmakar, A., & Sahib, U. (2017). SMART DUBAI: Accelerating
Innovation and Leapfrogging E-Democracy. In E-Democracy for Smart
Cities (pp. 197-257). Springer, Singapore.
