We address the limitations of existing information security solutions when applied to the cyber-physical world. In particular, we consider the case of Internet of Things (IoT) actuation and we argue that it is hard to secure such a process. To this end, we propose a “damage control” approach, where service time is divided into slots and users perform microservice transactions, paying essentially in advance for each one, corresponding to one service slot. Under these circumstances, in the case of service disruption, a user, in the worst case, may lose the amount of money that corresponds to a single micro-service transaction in a single time slot. We implement our solution by leveraging blockchain-based smart contracts, off-chain payments, and one-time Hash-based Message Authentication Code (HMAC) passwords. Our solution supports IoT devices with limited processing capabilities and which are not necessarily connected to the Internet. Moreover, with our solution, IoT devices do not interact directly with the blockchain. In fact, they are oblivious to the use of blockchain technology. They do not store any usersensitive information, neither are payments made to or is value stored on the devices.

View More Papers

IoT Security Solution Distribution via DLT

Le Su (Nanyang Technological University, Singapore); Dinil Mon Divakaran (Trustwave, Singapore); Sze Ling Yeo (Institute for Infocomm Research, Singapore); Jiqiang...

Read More

Poisoning Attacks on Federated Learning-based IoT Intrusion Detection System

Thien Duc Nguyen, Phillip Rieger, Markus Miettinen and Ahmad-Reza Sadeghi (TU Darmstadt, Germany)

Read More

Enabling Decentralised Identifiers and Verifiable Credentials for Constrained IoT...

Dmitrij Lagutin, Yki Kortesniemi, Nikos Fotiou and Vasilios A. Siris

Read More

Proof-of-Authentication for Private Distributed Ledger

Zhiyi Zhang, Vishrant Vasavada, Randy King and Lixia Zhang

Read More