Recently, the popularity of the Internet of Things (IoT) has led to a rapid development and significant advancement of ubiquitous applications seamlessly integrated within our daily life. Gartner Research predicts 20 billion IoT connected devices by 2020. A significant risk to IoT systems comes from a large number of connected devices. As more devices communicate and share data with each other and the user over the Internet, it is critical to determine the origins of requests and responses. Thus, security and privacy issues regarding data ownership in IoT are considered a major concern. However, the decentralized nature of IoT and the resource constraints of its interconnected devices create several serious security and privacy issues. Edge devices are typically very small and most are computationally vulnerable due to their primitive operating systems. However, with that, a new opportunity to use blockchain (BC) solutions in order to reinforce some security aspects for the Edge layer presents itself.
Blockchain can provide decentralized security and privacy, which is something IoT systems desperately need. The massive scale and distributed nature of IoT systems make the use of blockchain as integral to security improvements rather ideal. Blockchain technology is a valuable and promising link to address reliability and privacy challenges in an Internet of Things. This decentralized approach would deliver a resilient ecosystem in which IoT devices can function effectively. Moreover, it will provide reliability by eliminating single points of failure, and achieve anonymity by using privacy-preserving cryptographic algorithms.
The main contribution of this research project is to introduce a blockchain-based architecture for IoT that delivers lightweight and decentralized security and privacy. The proposed design includes a Blockchain Connected Gateway which adaptively and securely maintains user privacy preferences for IoT devices in the blockchain network. Individual privacy leakage can be prevented because the gateway effectively protects users’ sensitive data from being accessed without their consent. A digital signature mechanism is proposed for the purposes of authentication and secure management of privacy preferences. Furthermore, we adopt the blockchain network as the underlying architecture of data processing and maintenance to resolve privacy disputes.