Edge-Based Blockchain Design for IoT Security

Pao Ann Hsiung, Wei-Shan Lee, Thi Thanh Dao, I. Chien, and Yong-Hong Liu

National Chung Cheng University, Taiwan

Introduction

Overall

Recently, the Internet of Things (IoT) has grown more and more popular and is being deployed in many different applications. IoT devices can connect with each other through wireless or wired technologies and can make smart decisions. Normally, the IoT refers to a system of homogeneous devices having the abilities of sensing, processing, and network connecting, and it relies on a cloud server, where the data from IoT devices can be processed. Since it is a cloud-based system, every device needs to connect to the cloud server to be identified and authenticated, which makes IoT systems more centralized. Since the size and complexity of IoT networks grow every year, cloud servers need to be more and more powerful, which leads to an expensive deployment and a high maintenance cost.

IoT devices usually do not have a powerful ability to calculate, since they are designed just to sense and transmit data to the cloud. In some IoT architectures, there are gateways between the cloud and IoT devices, called fog computing layers, which provide local services and help connect IoT devices and the cloud. To reduce the latency of connection, these fog computing devices are usually deployed near the IoT devices. Thus, fog computing layers are geographically decentralized. Along with the devices’ advances in computing ability, fog computing layers can process more data than before and thus can also handle the calculations required by blockchain technology. The feature of decentralized architecture is also suitable for blockchain. Though IoT devices bring lots of convenience to human life, some issues also arise. The IoT's problems with privacy, security, and users’ confidence still do not have effective solutions.

Blockchain is a distributed ledger technology without third-party verification, which is suitable for fog computing. A blockchain system consists of four parts. First, consensus, which ensures that the ledger information distributed across all the nodes is of the same version. Second, the ledger, which records every operation and every piece of data in a blockchain. It is deployed to every node, and the same version is maintained. Third, cryptography, which ensures that data in the ledger and their transmissions among nodes are all encrypted. Only a user with authorized access can decrypt them. Fourth, a smart contract, seen as a contract that can be executed automatically when the corresponding condition is satisfied. Since they are self-executable, smart contracts make a blockchain system provide more diversified services than before.

Along with the rapid growth in blockchain applications, several consensus methods have been proposed. The Proof of Work (PoW) consensus was first published by Cynthia Dwork and later applied in Bitcoin. Blockchain needs to add a new block behind the old one. In order to add a new block, the PoW will choose the first node that solves a complex math problem, regarded as work, and this node will have the right to add a new block. Though it is a well-known consensus method, it consumes extensive energy and time to mine a new block, thus leading to a very high cost. Proof of Stake (PoS) is a consensus method that can provide an alternative to PoW. PoS attributes mining power through the amount of coins that a miner holds, instead of through the mining ability that a miner has. Through PoS, the cost of maintaining a blockchain system is reduced. The practical Byzantine fault tolerance (PBFT) consensus is an effective consensus that is used in many private blockchain systems. The PBFT consensus selects a node in a blockchain to become a leader. The other nodes need to verify the leader, to make sure the leader is working and is safe. If the leader does not respond to the other nodes, PBFT will select another node to become a new leader. Through the transfer of the leader, the security of the system is enhanced.

In IoT gateways or fog computing layers, data security problems possibly lead to data tampering or data loss. A comprehensive survey on IoT security issues is given by Alaba Ayotunde Fadele et al. [1]. As Sachin Goswami et al. [2] discuss, fog computing can improve the computation and storage capability in centralized architecture; however, it performs very poorly in rising edge processing and protecting data privacy. A large amount of the data collected from a traditional centralized system is unreliable and not to be trusted. These are important issues to consider, especially the contradiction between secured sharing and performance isolation [3]. Many works on IoT applications have been proposed, and the future challenges associated with IoT big data research are identified by Hang Liu et al. [4]. Traditionally, the IoT applies fog computing to handle the big heterogeneous data stream generated by various terminals [5]. IoT applications are increasingly popular and play an indispensable role in the rapid development of society. Along with that is the integration of new technologies, including various communication devices. Nevertheless, a lack of resources and mechanisms restricts the full implementation of the IoT and limits the practical application of IoT features. But in the future, the adoption of blockchain technology will overcome the limitations that the IoT is facing and improve the performance of IoT processing.

Blockchain technologies can provide a permanent forensic record of transactions and a single version of the truth: a network state that is fully transparent and ensures reliability and security for the benefit of all participants. Shaoyong Guo et al. [6] have proposed a distributed and trusted authentication system based on blockchain and edge computing. The main goal of their work is to improve authentication efficiency by an optimized practical Byzantine fault tolerance consensus algorithm. This consensus is designed to construct a consortium blockchain to store authentication data and logs. It guarantees trusted authentication and achieves transaction traceability. Haya Hasan et al. [7] have proposed the blockchain-based creation process of digital twins. Digital twins are necessary for rapid developments in the computing, storage, communication, and networking technologies of the IoT. This proposal was made to ensure secure and trusted traceability and accessibility, and to provide a ledger that maintains a permanent, indelible, and unalterable history of transactions. In addition, blockchain-based edge computing also has promise for future 5G networks. One important component in the 5G architecture is mobile edge computing. Xumin Huang et al. [8] have proposed exploring mobile edge computing for 5G, which can support many applications and services with low latency. Nasir Abbas et al. [9] have provided a comprehensive survey of the relevant research and developments in the mobile edge computing area, such as its advantages, architectures, and applications. However, the problem of security and data privacy remains. To enhance security in a mobile edge computing system, blockchain technology has been applied in some works. XiaoDong Zhang et al. [10] proposed a security architecture of VANET based on blockchain and mobile edge computing. Xiaoyu Qiu et al. [11] propose a new model-free deep reinforcement learning-based online computation offloading approach for blockchain-empowered mobile edge computing in mining and data processing tasks. Yaodong Huang et al. [12] propose a blockchain system that adapts to the limitations of edge devices.

As summarized by Abid Sultan et al. [13], several blockchain characteristics can be used to address security issues. For example, blockchain’s decentralization addresses the single-point-of-failure security issue. Similarly, data privacy can be addressed by blockchain’s anonymity. Moreover, blockchain technology meets transparency and scalability challenges [14], as it can make the processing of transactions visible and allow nondiscriminatory participation. Ruizhe Yang et al. [15] have identified several vital challenges of integrating blockchain and edge computing. Blockchain-based edge computing can enable reliable network access and control. However, self-organization, functions integration, resource management, and new security issues need to be considered before the application of blockchain-based edge computing can be deployed. Four crucial technical challenges in terms of network and storage scalability, throughput, access control, and data retrieval in the practical application of supply chains are summarized and discussed by Hanqing Wu et al. [16].

To overcome the problems mentioned here, we provide a blockchain-based gateway management mechanism with smart contracts in order to increase reliability. Our blockchain was built on the Hyperledger Fabric platform. The effectiveness of the proposed smart contracts is demonstrated by addressing data anomaly problems in smart grids via two application scenarios, namely abnormal data loss and abnormal long/short term consumption. Based on the results of anomaly detection, smart contracts are triggered, such that a transaction is performed to record the corresponding data. Depending on the specific scenarios, which have different levels of security breaches, the corresponding smart contract notifies the smart grid owners about the current security situation. Thus, our proposed blockchain-based security solution provides not only security, but also fault tolerance at the IoT gateway (fog layer).

Contributions

In this chapter, we first present related work on blockchain technology and the IoT. Then we discuss the current challenges that exist for blockchain-enabled IoT systems. Afterward, we present the proposed edge-based blockchain architecture for IoT security. In our architecture, we describe how to design and implement each blockchain component. In addition, we describe the main role of edge-based blockchain in IoT security. With different IoT security scenarios, we demonstrate that our proposed architecture can address privacy and security issues. Performance on a Raspberry Pi 3 embedded platform shows that approximately 10 transactions-per-second (TPS) performance can be achieved with query transactions, and around 7 TPS for invoke transactions. The main contributions of this chapter can be summarized as follows.

  • We propose a blockchain network architecture for the IoT, where we address several typical issues mentioned in previous work, including the consensus mechanism, the privacy mechanism, and smart contract design. Our architecture uses a permissioned blockchain system, Raft consensus, private data collection, and smart contracts to detect attacks and data anomalies. Details can be found in Section 10.4.1.
  • Building upon this blockchain network architecture, we further propose an edge-based version called eBC system architecture for edge-based IoT systems. Two connectors were designed into eBC, namely the Blockchain Connector and the Edge Connector. The Blockchain Connector is responsible for permission management, transaction validation, access control, digital signatures, and invoke/query verification. The Edge Connector is responsible for synchronization, processing requests, and historical record logging. Details can be found in Section 10.4.2.
  • The proposed eBC IoT architecture was implemented and deployed in gateways of the advanced metering infrastructure (AMI), to collect data from smart meters. Three different smart meter security scenarios were considered, including data loss abnormal, long-term consumption abnormal, and short-term consumption abnormal. Details can be found in Section 10.4.3. Corresponding smart contracts were implemented as chaincode in the Hyperledger Fabric v1.4 and verified in our proposed eBC architecture. Further, deep neural network models were also employed for data anomaly detection and prediction. Our proposed eBC architecture for IoT security was able to protect the AMI smart meters from power theft, detect smart meter tampering, and detect smart meter malfunctioning.
  • The performance of the proposed system was analyzed in terms of the execution time and the throughput of transactions. Solutions for addressing confidentiality, integrity, availability, and security with virtualization are presented to show the effectiveness of our architecture. Simulation results show that under these different attack scenarios, the proposed system is still reliable.

Organization

The remainder of this chapter is structured as follows. A discussion of works about blockchain technology and the IoT is presented in Section 10.2. Section 10.3 gives the main shortcomings of current IoT-based blockchain applications and outlines the primary technical challenges. In Section 10.4, our edge-based blockchain architecture and the methodology for evaluating blockchain implementations are presented. Then, a discussion of our performance results and implications are covered in Section 10.5. Finally, Section 10.6 concludes the chapter.

 