Data security in IoT networks

Data protection can be entrusted to blockchain technology, which is spreading fast even in non-financial applications. In the IoT field, it makes it possible to track billions of connected and interacting devices.

by Valerio Alessandroni

Security in IoT networks is somewhat more demanding than traditional network security because a wider range of communication protocols, standards and device functions may be present; all these factors imply specific problems and greater complexity. One of the most interesting solutions currently available is the blockchain technology.

A constantly growing distributed database
A blockchain is a database with a constantly growing amount of records, called blocks, which are interconnected and protected using encryption. Every block of the chain contains a pointer (hash) connecting it to the previous block, a timestamp and transaction data. The blockchain may record transactions between two parties efficiently, permanently and in a verifiable form. Once registered, data in a block may not be altered retroactively without all successive blocks being modified, which would require consensus from most of the network. The blockchain technology therefore allows recording digital transactions or interactions among nodes in a safe, transparent and efficient way which is also resistant to interruptions. No single computer may manage the entire chain; rather, all participant nodes have a copy of it. Besides, the blockchain does not allow recording of any type of physical information; it can only certify its existence.

Three types of blockchain: public, federated and private
A blockchain is based upon transactions, that is, actions created by participating nodes, and blocks, which record these transactions and ensure that they are in the correct sequence and have not been tampered with. All participants may see the blocks and the transactions stored in them. When a node wants to add a transaction to the chain, all participants in the network check its validity. A set of approved transactions is then grouped as a block and sent to all the nodes in the network, which in turn validate the new block. Each successive block contains a unique fingerprint (hash) of the previous block. There are three types of blockchain. In a public blockchain everyone can see all transactions and therefore anyone may take part in the consensus process. A federated blockchain allows a limited number of nodes to participate in the consensus process. Private blockchains are normally used within companies, and only selected members may access them and carry out transactions.
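The hash linking described in the two sections above can be shown in a few lines. This is an added example, not code from the article or from any blockchain project: the block layout, function names and sensor readings are constructed for illustration, and consensus among nodes is left out.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # constructed placeholder pointer for the first block


def block_hash(block):
    """SHA-256 over the previous-block pointer, timestamp and transactions."""
    payload = json.dumps(
        {k: block[k] for k in ("prev_hash", "timestamp", "transactions")},
        sort_keys=True, separators=(",", ":"),
    ).encode()
    return hashlib.sha256(payload).hexdigest()


def append_block(chain, timestamp, transactions):
    """Append a block whose pointer is the hash of the current last block."""
    prev = chain[-1]["hash"] if chain else GENESIS_PREV
    block = {"prev_hash": prev, "timestamp": timestamp, "transactions": transactions}
    block["hash"] = block_hash(block)
    chain.append(block)
    return block


def first_invalid_block(chain):
    """Return the index of the first block that fails verification, or None."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        # A block is valid only if it points at its predecessor's hash
        # and its own stored hash still matches its contents.
        if block["prev_hash"] != prev or block_hash(block) != block["hash"]:
            return i
        prev = block["hash"]
    return None


def build_sample_chain():
    """Constructed sample data: three blocks of sensor-reading transactions."""
    chain = []
    append_block(chain, 1700000000, [{"device": "sensor-01", "temp_c": 21.5}])
    append_block(chain, 1700000060, [{"device": "sensor-02", "temp_c": 19.0}])
    append_block(chain, 1700000120, [{"device": "sensor-01", "temp_c": 21.7}])
    return chain
```

Changing a transaction in the second block makes that block fail verification; recomputing its hash to hide the change only moves the failure to the next block, which is why every successive block would have to be modified.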

Processing transactions and coordinating devices
In the IoT field, blockchain technology may be used to trace billions of connected and interacting devices, allowing the certified processing of single transactions and the coordination of devices, eliminating single points of failure and creating a more resilient ecosystem. Today many different technologies are grouped under the term “blockchain”, such as the Bitcoin, Ethereum, Hyperledger and Corda blockchains and Blockchain-as-a-service by Microsoft. The first application of blockchain technology, which is currently in the limelight, is the cryptocurrency Bitcoin. But a blockchain may also be used in the real estate or healthcare industries, or to create one’s own digital identity. Many consider blockchains to be a new generation of the Internet, or better still, a New Internet, a sort of Internet of Transactions.

WSN guarantees confidentiality, integrity and authenticity
Wireless sensor networks, an implementation of the Internet of Things, are made up of autonomous sensors distributed within a certain space to monitor physical and environmental properties such as temperature, sound and pressure, and to transfer their data cooperatively over the network to a central workstation. More modern networks work in both directions, making it possible to monitor even the sensors’ activity from the central workstation. A WSN is therefore made up of “nodes”, where every node is connected to one or more sensors. The main objective of security in WSNs is guaranteeing confidentiality, integrity and authenticity. “Confidentiality” means that the data carried by the network may not be read by anyone except the intended recipient. “Integrity” implies that every message received is absolutely identical to the corresponding sent message, with no additions, deletions or changes in the content. Finally, “authenticity” means that a message coming from a certain source must really have been sent out by that source. If time is factored into the authentication scheme, authenticity also serves the purpose of protecting a message from recording or replay.

Suitable tools to build secure wireless communication
The issue of authentication in IoT networks is peculiar: while in most corporate networks authentication processes require a human being to enter credentials, many IoT authentication scenarios (such as embedded sensors) are based on machine-to-machine interactions without any human intervention. The consequences of poor security are not always easy to foresee. For instance, when ZigBee technology was introduced, most networks had no security. As a consequence, in demonstrations meant to show the possibility of multi-vendor operation, many ZigBee networks used to fail miserably, since they interpreted a command sent on another network. Fortunately, powerful tools are available today to build secure and robust wireless communication networks: encryption tools, message integrity checks, random number generators, shared keys, access control and so on. Using well-defined principles, appropriate protocols and encryption systems, together with the randomness implicit in physical and thermal noise, it is possible to build secure and efficient systems.
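The integrity and authenticity checks from the WSN section, and the shared keys and message integrity checks listed above, can be combined in a small machine-to-machine exchange. This is an added example, not code from the article or from ZigBee: the message fields, keys, counter scheme and 30-second freshness window are assumptions, and confidentiality (encryption of the reading) is not covered.

```python
import hashlib
import hmac
import json

MAX_SKEW_S = 30  # assumed freshness window in seconds


def seal(key, net, node, counter, timestamp, reading):
    """Sender: serialize the message and compute its HMAC-SHA256 tag."""
    fields = {"net": net, "node": node, "ctr": counter, "ts": timestamp, "reading": reading}
    body = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return body, hmac.new(key, body, hashlib.sha256).hexdigest()


class Receiver:
    """Central workstation: checks tag, network, freshness and replay."""

    def __init__(self, key, net):
        self.key, self.net = key, net
        self.last_counter = {}  # node id -> highest counter accepted so far

    def accept(self, body, tag, now):
        expected = hmac.new(self.key, body, hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, tag):
            return "bad-tag"  # content altered, or sealed with another key
        msg = json.loads(body)
        if msg["net"] != self.net:
            return "wrong-network"
        if abs(now - msg["ts"]) > MAX_SKEW_S:
            return "stale"  # recorded message played back later
        if msg["ctr"] <= self.last_counter.get(msg["node"], -1):
            return "replay"  # duplicate inside the freshness window
        self.last_counter[msg["node"]] = msg["ctr"]
        return "ok"


def demo():
    """Constructed keys and messages; returns the receiver's verdicts."""
    key_a, key_b = b"constructed-key-net-A", b"constructed-key-net-B"
    rx = Receiver(key_a, "net-A")
    body, tag = seal(key_a, "net-A", "node-7", 1, 1700000000, {"temp_c": 21.5})
    foreign = seal(key_b, "net-B", "node-7", 2, 1700000000, {"cmd": "off"})
    return [
        rx.accept(body, tag, now=1700000005),
        rx.accept(body, tag, now=1700000006),
        rx.accept(body, tag, now=1700003600),
        rx.accept(body.replace(b"21.5", b"99.5"), tag, now=1700000005),
        rx.accept(*foreign, now=1700000005),
    ]
```

The timestamp and per-node counter sit inside the authenticated body, so a recorded message cannot be given a fresh time or counter without invalidating its tag.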