Blockchain – A Solution for IoT Security
If you haven’t kept yourself abreast of the latest technology trends, the possibility of using blockchain for IoT security solutions might take you by surprise. Most of us have heard of Blockchain as the engine behind cryptocurrency and IoT as the technology behind smart homes, connected medical devices, etc.
Blockchain for IoT security gives us an interesting view of how diverse technologies can come together to potentially create new ways of deriving value in the years to come.
Challenges in IoT Security
Internet of things or IoT as we call it is a set of interconnected networks and heterogeneous devices. It is characterized by device-to-device or M2M (machine-to-machine) communication. The resources available to each device are limited as compared to other endpoint devices like smartphones, tablets, or laptops. This is due to their small sizes and limited memory and power.
Traditional security methods that are deployed in other setups are an expensive proposition for IoT security in terms of energy consumption and memory requirements. Further, many of the security frameworks are centralized which means they present a single gateway. Such a centralized setup, when compromised via any single device can allow access to a whole IoT network.
An ideal IoT security solution would be one which can guarantee data integrity and confidentiality, and enable end-to-end communication through an authentication mechanism. All this while being light on resource requirements.
What is Blockchain?
To appreciate how blockchain can be used for IoT security solutions, let’s first understand the basics of Blockchain.
A blockchain is a database ledger, which is decentralized, shared, distributed, and immutable. All transactions – or data, are stored in chronological order, in a set of participating computer memories (called nodes) that are tamper-proof. Basically, every modification or deletion of data is recorded and stored as blocks, which creates a chain of events. Each transaction comes with a digital signature that can never be modified or removed. It is like storing a registry of assets and transactions across a peer-to-peer (P2P) network in the form of a public ledger that is impossible to modify. This is because every user or node in the system retains the same ledger as all other users or nodes in the network.
Benefits of Using Blockchain in IoT Security
Based on our understanding of the blockchain architecture, the key strengths that blockchain brings to the IoT security table are
- Distributed and decentralized nature of blockchain removes the possibility of having a single point of failure
- Impossible to tamper with and maintains the integrity of data
- Scalable because nodes can be added as and when needed
- Smart contracts provide effective authorization access rules to IoT devices with considerably less complexity as compared to traditional authorization protocols
Blockchain Security in a Smart Home
The decentralized nature of blockchain can prevent a compromised device from disrupting a network or broadcasting misinformation in a smart home environment or a smart factory or a healthcare IoT.
To deploy blockchain in say a smart home environment, an always-online, high-resource device known as the miner can be installed. This node is made responsible for handling all communication within the home devices and also with those external to the home. The miner device can also host a private and secure blockchain for controlling and auditing any transaction or communication. If a device is corrupted, it can be programmed to instantly disconnect from the network without needing consensus from all the nodes, to protect other devices and their operation.
A blockchain-based framework like this can:
- Authenticate users and devices
- Remove a single point of failure
- Continuously track all the devices in the network
Blockchain Security for IoMT (Internet of Medical Things)
Personal Medical Devices (PMDs) are used to monitor the medical condition of a patient. They are either planted in a patient’s body or attached externally. The communication between devices and sensors allows the doctors and caretakers to stay on top of the patient’s health and initiate necessary treatments or diagnostics.
A blockchain-based medical network would include the doctors, lab assistants (who upload diagnostic reports), caretakers, and the devices as nodes. A typical block would contain the patient data, time of creation, and the information of the initiator of the block. This block is shared with all the peers or nodes in the patient network. Only when a new block is approved by the majority of the peers, it is inserted into the chain.
A solution like this can protect against a variety of attacks that are inflicted on medical devices. Eavesdropping in which the privacy of the patient is leaked, or integrity error in which the message can be tampered with, or making devices unavailable by means of battery draining attacks can all be prevented.
Why Blockchain for IoT Security – A Final Look at Statistics
Without adequate security, IoT networks are easy targets for cybercriminals who access devices and steal personal information, such as financial data or sensitive medical information.
They can also launch conventional denial-of-service attacks, sinkhole attacks, jamming adversaries, or replay attacks to exploit IoT components at different layers. Such attacks hamper the quality of service and can lead to serious consequences and financial loss. As per the IoT Threat Report published by Unit 42 in 2020, 98% of IoT device traffic is unencrypted and 57% of IoT devices can be easily exploited by hackers as they are vulnerable to medium-severity attacks. In 2019, a whopping 60% of businesses in the UK, France, and Germany were hacked through printers connected to the respective networks.
The world is changing and Internet of Things is one of the key technologies driving this change. However, with its increasing applications and adoption, the security challenges associated with IoT are mounting at the same pace. Blockchain-based IoT security solutions that provide decentralized, distributed, shared, and immutable database ledgers are showing great potential to tackle these security challenges and threats.