Blockchain holds much promise for IoT security (Reader Forum)
The Internet of Things (IoT) is generating a great deal of excitement across all verticals, especially as operators ramp up plans for 5G networks. IoT increasingly is being used across a broad spectrum of industries, as well as in the consumer segment. Globally, IoT connections will grow to 3.9 billion by 2022, representing a 32 percent compound annual growth rate (CAGR) from 2017.
However, as more “things” are connected, IoT becomes increasingly vulnerable to cyberattacks and hacks. Currently, fewer than half of businesses can detect if any of their IoT devices suffer a breach. This comes despite increases on spending for protection and the widely held belief that security is a major consideration on IoT networks.
These security issues are driving increased consideration of blockchain to secure IoT. Blockchain creates a distributed ledger that tracks every transaction. Every “block” on the chain contains transactional records or other data that needs to be secured against tampering. Each block is linked to the previous one by a cryptographic hash, so any tampering with the block will invalidate that connection.
The system works because all of the blocks have to agree with each other on the specifics of the data that they’re safeguarding. If someone attempts to alter a previous transaction on a given node, the rest of the data on the network pushes back.
Adoption of blockchain more than doubled – from 9% to 19% – during 2018. Use of blockchain security for IoT could become a critical issue for service providers, 80 percent of which aim to become IoT service enablers or IoT service creators in different areas.
What is blockchain for IoT?
Blockchain contains strong protections against data tampering that can block access to IoT devices and shut down compromised devices in an IoT network. Blockchain secures connected devices by using digital signatures to identify and authenticate each device, adding them as authorized participants in the blockchain network. Every new device that’s added to the network is assigned a unique digital ID on the blockchain network. This creates secure channels for communication between IoT devices, as well as with core systems.
In a blockchain-protected IoT network, each authenticated device that joins is treated as a participating entity. All communication between devices and core systems is cryptographically secured and stored in tamper-proof logs. In this way, all authenticated devices are made invisible to attackers, adding an extra layer of security to the IoT network.
Because a blockchain-powered IoT platform is decentralized, there is no single point of failure that can be attacked to bring down the network. Security control is distributed across nodes within a blockchain network. This disables hackers from spoofing their way into an IoT network, while also protecting the IoT network from distributed denial of service (DDoS) attacks.
The decentralized nature of blockchain could also ensure scalability. It is true that in an environment with millions of devices the requirements for scaling will still need to be considered and answered first, but as IoT and blockchain become more established we will see participants receive immediate notifications when devices are added or removed from the platform. This provides adaptability and flexibility to the platform so it can expand and evolve over time without significant upgrades.
How can Hyperledger impact the IoT
A growing number of communications service providers (CSPs) are exploring the ways in which Hyperledger can impact IoT deployments. Hyperledger is an open source collaboration hosted by the Linux Foundation that aims to advance cross-industry blockchain technologies, with input from numerous verticals, including telecom, finance, manufacturing, transportation and technology.
Hyperledger enables more secure, reliable and streamlined interactions in a blockchain environment. It is modular in nature, highly secure, is interoperable and contains complete application programming interfaces (APIs). Moreover, Hyperledger encourages specialization, so participants that specialize in similar areas can collaborate instead of competing.
One Hyperledger platform that holds tremendous promise for CSPs is Hyperledger Fabric, which allows enrolled members to manage transactions in a blockchain system that is private and permissioned. By contrast, open network systems don’t require permissions and, thus, can be accessed by unknown identities.
Additionally, Hyperledger Fabric allows for ledger data to be stored in multiple formats and supports the creation of channels. These channels allow groups of participants to create a separate ledger of transactions, guaranteeing privacy.
For instance, a telecom service provider might create a channel for IoT devices from a network equipment manufacturer (NEM) using Hyperledger. However, competing CSPs and NEMs won’t be able to access copies of the ledger in that channel. In this way, Hyperledger Fabric supports IoT networks in which privacy is a key operational requirement.
The merging of blockchain with IoT holds tremendous promise, creating a verifiable, secure and permanent method for handling data generated by the “things” on IoT networks. However, security failures in IoT can expose devices, as well as sensitive personal and corporate data. Using blockchain to manage data access in an IoT environment creates an additional layer of security necessary for the overall success of IoT deployments.