Blockchain Technology for IoT Device Identity Management
June 13, 2019
Blockchain Technology for IoT: One of the significant enemies of cybersecurity is knowledge. IoT devices, wherever they are, collect and store a great deal of information about the user, which makes them a prime target for cybercriminals. More importantly, Internet of Things devices collect private and valuable information about the user's behavior in specific areas: financial, health, education. Hence a more comprehensive security mechanism, such as managing device identity on the blockchain, is essential to secure the devices.
In the Internet of Things, the role of identity management is expanding to validate the authenticity of a device to perform a particular function. Identity management has grown beyond just identifying people and managing their access to the various kinds of data (sensitive data, non-sensitive data, device data) on the devices or things used by a particular user group. In the IoT, identity management must be able to identify devices, sensors, and monitors, and manage their access to sensitive and non-sensitive data.
The growth of the Internet of Things has impacted how Identity and Access Management (IAM) should work. The concept of Identity of Things (IDoT) leverages IAM to manage the various interaction points securely, i.e., human-to-device, device-to-device, and device-to-service/system.
The concept of Identity of Things is to ensure there is a method for managing device identity, and for this, it should do some of the following:
Identify a naming system for IoT devices.
Establish a process for having an identity lifecycle for IoT devices to meet the projected lifetime of these devices.
Build a transparent process for registering IoT devices; the type of data that the device handles should shape the device registration process.
Define security protocols & safeguards for data from IoT devices.
Draw a well-defined authentication and authorization process for access to connected devices.
Create a firewall for protecting different types of data, making sure to create privacy firewalls.
Blockchain Technology Use Case for IoT Device Identity Management
Using blockchain for performing Identity of Things creates an immutable way to authenticate an IoT device based on its unique properties. A device identification key is created in the blockchain using device properties like source, design, assembly, configuration, deployment, faults, certification, and data patterns.
The key management process for device identification involves creating, renewing, and managing private keys. Key management is a critical part of device security, and any lost key may compromise it. Expired certificates and keys can also shut down device communications, because a key tied to an expired certificate can no longer be used to create a secure connection channel. Hence the first step in key management is deciding how to store the keys securely: either with a hosted public CA, or on-premise and managed by the organization.
Here is the workflow for blockchain-based Device Identification Management. While the workflow in this picture is self-explanatory, note that the identity of the device is built and validated by the blockchain. Device identity is created and verified with the blockchain for various IoT operations such as device update and device communication. This workflow addresses all the critical aspects of identity and key management to ensure the device is protected from vulnerabilities and data hacks.
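To make the registration and validation steps above concrete, here is an added sketch that is not Hurify's implementation: it derives a device identifier from some of the properties the article lists, records it with an expiry in a hash-chained log, and validates a device against that log. The SHA-256 over canonical JSON, the in-memory Ledger class standing in for the blockchain, the integer timestamps, and all names are assumptions made for illustration.

```python
import hashlib
import json

# Property names come from the article; any values used with them are constructed.
FIELDS = ("source", "design", "assembly", "configuration", "deployment", "certification")

def device_id(props):
    """Derive a stable identifier by hashing the canonical JSON of the properties."""
    missing = [f for f in FIELDS if f not in props]
    if missing:
        raise ValueError(f"missing properties: {missing}")
    canonical = json.dumps({f: props[f] for f in FIELDS}, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()

class Ledger:
    """In-memory hash-chained log standing in for the blockchain (assumption)."""

    def __init__(self):
        self.blocks = []

    @staticmethod
    def _digest(body):
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def register(self, props, not_after):
        # Each record commits to the previous record's hash, so edits are detectable.
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        body = {"device_id": device_id(props), "not_after": not_after, "prev": prev}
        self.blocks.append({**body, "hash": self._digest(body)})
        return body["device_id"]

    def chain_ok(self):
        """Recompute every link; any altered record breaks the chain."""
        prev = "0" * 64
        for b in self.blocks:
            body = {k: b[k] for k in ("device_id", "not_after", "prev")}
            if b["prev"] != prev or b["hash"] != self._digest(body):
                return False
            prev = b["hash"]
        return True

    def verify(self, props, now):
        """Accept only if the chain is intact and the identity is registered and unexpired."""
        if not self.chain_ok():
            return False
        did = device_id(props)
        return any(b["device_id"] == did and now <= b["not_after"] for b in self.blocks)
```

A hash of device properties is an identifier, not a secret, so a real deployment would still bind it to the device's private key and have the device prove possession of that key.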
Hurify is working on multiple use cases based on this device identity management concept. This article provides a preview of the first-phase implementation and solution built out of its BIAT (Blockchain of Intelligent and Autonomous Things) corporate vision.
Hurify operates the IoT Blockchain marketplace & Blockchain for Intelligent and Autonomous Things as Hurify Digital Markets, Inc. in the United States & HUR Technologies, UAB in Europe.