Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Ensuring Data Security in the Context of IoT Forensics Evidence Preservation with Blockchain and Self-Sovereign Identities

  • Conference paper
  • First Online:
Information Systems Security (ICISS 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14424))

Included in the following conference series:

  • 604 Accesses

Abstract

As Internet of Things (IoT) networks expand, significant challenges related to the secure management of data generated by these devices emerge. The integrity and reliability of this data are critical in sensitive sectors, such as forensic evidence preservation. In this context, we present an innovative architecture based on Self-Sovereign Identity (SSI) tailored for resource-constrained IoT devices.

Our proposal addresses the intrinsic limitations of current systems, which often fail to ensure the integrity, reliability, and traceability of data originating from IoT devices. To tackle this issue, we propose using decentralized identifiers (DIDs) to establish unique identities for IoT devices, accompanied by verifiable credentials (VCs) that attest to data ownership. To implement this solution, we have developed an application that serves as a gateway for resource-constrained devices, typically certified and connected to a broker. Our application utilizes Hyperledger Aries and Indy libraries, providing essential resources to address these challenges. Furthermore, we conducted comprehensive simulations and a performance analysis to validate the effectiveness of our approach. Integrating these technologies enables the certification of data collected by IoT devices, offering a robust framework for the data custody chain. Consequently, this substantially contributes to preserving this data’s integrity, reliability, and traceability in critical environments.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Algarni, S., et al.: Blockchain-based secured access control in an IoT system. Appl. Sci. (Switzerland) 11(4), 1–16 (2021). https://doi.org/10.3390/app11041772

    Article  MathSciNet  Google Scholar 

  2. Gubbi, J., Buyya, R., Marusic, S., Palaniswami, M.: Internet of Things (IoT): a vision, architectural elements, and future directions. Futur. Gener. Comput. Syst. 29(7), 1645–1660 (2013). https://doi.org/10.1016/j.future.2013.01.010

    Article  Google Scholar 

  3. Arshad, H., Jantan, bin, A., Abiodun, O.I.: Digital forensics: review of issues in scientific validation of digital evidence. J. Inf. Process. Syst. 14(2), 346–376 (2018). https://doi.org/10.3745/JIPS.03.0095

    Article  Google Scholar 

  4. Shah, M., Saleem, S., Zulqarnain, R.: Protecting digital evidence integrity and preserving chain of custody. J. Digit. Forensics Secur. Law (2017). https://doi.org/10.15394/jdfsl.2017.1478

  5. Sporny, M., Longley, D., Allen, C., Sabadello, M., Reed, D.: Decentralized identifiers (DIDs) v1.0. W3C, W3C Working Draft (2019). https://www.w3.org/TR/did-core/. Accessed 29 Sept 2023

  6. Sporny, M., Noble, G., Burnett, D., Zundel, B., Longley, D.: Verifiable credentials data model 1.0. W3C, W3C Recommendation. https://www.w3.org/TR/vc-data-model. Accessed 29 Sept 2023

  7. Hyperledger Indy. Hyperledger Foundation Projects INDY. https://www.hyperledger.org/projects/hyperledger-indy. Accessed 26 Sept 2023

  8. Indy SDK. Hyperledger Foundation Projects INDY. https://github.com/hyperledger/indy-sdk. Accessed 20 Sept 2023

  9. Hyperledger Aries. Hyperledger Aries Cloud Agent Python. https://github.com/hyperledger/aries-cloudagent-python. Accessed 29 July 2023

  10. Verifiable Organizations Network (VON). https://github.com/bcgov/von-network. Accessed 02 Oct 2023

  11. Allen, C.: The Path to Self-Sovereign Identity. [S.l.] (2016). http://www.lifewithalacrity.com/2016/04/the-path-to-self-soverereign-identity.html. Accessed 29 June 2023

  12. Brunner, C., Gallersdörfer, U., Knirsch, F., Engel, D., Matthes, F.: DID and VC: Untangling Decentralized Identifiers and Verifiable Credentials for the Web of Trust (2021). https://doi.org/10.1145/3446983.3446992

  13. Peer Did Method Specification. W3C. https://identity.foundation/peer-did-method-spec/index.html. Accessed 26 Sept 2023

  14. Curran, S., Howard, C.: Becoming a Hyperledger Aries Developer. [S.l.] (2021). https://learning.edx.org/course/course-v1:LinuxFoundationX+LFS173x+3T2021/. Accessed 4 Dec 2022

  15. Curran, S., Howard, C.: Introduction to Hyperledger Sovereign Identity Blockchain Solutions: Indy, Aries and Ursa. [S.l.] (2021). https://learning.edx.org/course/course-v1:LinuxFoundationX+LFS172x+2T2021. Accessed 1 Nov 2022

  16. SOVRIN Foundation. Self-Sovereign Identity and IoT. [S.l.] (2020). https://sovrin.org/wp-content/uploads/SSI-and-IoT-whitepaper.pdf. Accessed 1 Oct 2022

  17. Hyperledger Aries Explainer. Hyperledger Aries. https://github.com/hyperledger/aries. Accessed 29 Sept 2023

  18. Hyperledger Ursa Explainer. Hyperledger Ursa. https://github.com/hyperledger/ursa. Accessed 23 July 2023

  19. Fedrecheski, G., Rabaey, J.M., Costa, L.C.P., Calcina Ccori, P.C., Pereira, W.T., Zuffo, M.K.: Self-sovereign identity for iot environments: a perspective. In: Proceedings of the Global Internet of Things Summit, GIoTS 2020 (2020). https://doi.org/10.1109/GIOTS49054.2020.9119664

  20. Luecking, M., Fries, C., Lamberti, R., Stork, W.: Decentralized identity and trust management framework for Internet of Things. In: IEEE International Conference on Blockchain and Cryptocurrency, ICBC 2020 (2020). https://doi.org/10.1109/ICBC48266.2020.9169411

  21. Regueiro, C., Gutierrez-Agüero, I., Agüero, A., Anguita, S., de Diego, S., Lage, O.: Protocol for identity management in industrial IoT based on hyperledger Indy. Int. J. Comput. Digit. Syst. 12(1), 2210142 (2022). https://doi.org/10.12785/ijcds/120153

    Article  Google Scholar 

  22. Dixit, A., Smith-Creasey, M., Rajarajan, M.: A decentralized IIoT identity framework based on self-sovereign identity using blockchain. In: Proceedings of Conference on Local Computer Networks, LCN, pp. 335–338 (2022). https://doi.org/10.1109/LCN53696.2022.9843700

  23. De Diego, S., Regueiro, C., Macia-Fernandez, G.: Enabling identity for the IoT-as-a-service business model. IEEE Access 9, 159965–159975 (2021). https://doi.org/10.1109/ACCESS.2021.3131012

    Article  Google Scholar 

  24. Kortesniemi, Y., Lagutin, D., Elo, T., Fotiou, N.: Improving the privacy of IoT with decentralised identifiers (DIDs). J. Comput. Netw. Commun. 2019 (2019). https://doi.org/10.1155/2019/8706760

  25. Berzin, O., Ansay, R., Kempf, J., Sheikh, I., Hendel, D.: A troca de IoT. arXiv:2103.12131 (2021)

  26. Terzi, S., Savvaidis, C., Votis, K., Tzovaras, D., Stamelos, I.: Securing emission data of smart vehicles with blockchain and self-sovereign identities. In: Proceedings of 2020 IEEE International Conference on Blockchain, Blockchain 2020, pp. 462–469 (2020). https://doi.org/10.1109/BLOCKCHAIN50366.2020.00067

  27. Theodouli, A., Moschou, K., Votis, K., Tzovaras, D., Lauinger, J., Steinhorst, S.: Towards a blockchain-based identity and trust management framework for the IoV ecosystem. In: Proceedings of the Global Internet of Things Summit, GIoTS 2020 (2020). https://doi.org/10.1109/GIOTS49054.2020.9119623

  28. Fotopoulos, F., Malamas, V., Dasaklis, T.K., Kotzanikolaou, P., Douligeris, C.: A blockchain-enabled architecture for IoMT device authentication. In: 2nd IEEE Eurasia Conference on IOT, Communication and Engineering 2020, ECICE 2020, pp. 89–92 (2020). https://doi.org/10.1109/ECICE50847.2020.9301913

  29. Sovrin DID Method Specification. https://sovrin-foundation.github.io/sovrin/spec/did-method-spec-template.html. Accessed 27 Sept 2023

  30. AnonCreds Specification. https://hyperledger.github.io/anoncreds-spec/. Accessed 29 Sept 2023

  31. Official Documentation for the Indy SDK. Hyperledger Foundation Projects INDY. https://hyperledger-indy.readthedocs.io/projects/sdk/en/latest/docs/. Accessed 01 Oct 2023

  32. Masood, F., Faridi, A.R.: Distributed ledger technology for closed environment. In: 2019 6th International Conference on Computing for Sustainable Global Development (INDIACom), New Delhi, India, pp. 1151–1156 (2019)

    Google Scholar 

  33. Lux, Z.A., Beierle, F., Zickau, S., Göndör, S.: Full-text search for verifiable credential metadata on distributed ledgers. In: 2019 Sixth International Conference on Internet of Things: Systems, Management and Security (IOTSMS), Granada, Spain, pp. 519–528 (2019). https://doi.org/10.1109/IOTSMS48152.2019.8939249

  34. Light, R.A.: Mosquitto: server and client implementation of the MQTT protocol. J. Open Source Softw. 2(13), 265 (2017). https://doi.org/10.21105/joss.00265

    Article  Google Scholar 

  35. Aries RFC 0050: Wallets. https://github.com/hyperledger/aries-rfcs/blob/main/concepts/0050-wallets/README.md. Accessed 25 Sept 2023

  36. Docker Community. https://www.docker.com/community/. Accessed 25 July 2023

  37. ACA-Py Java Client Library. https://github.com/hyperledger-labs/acapy-java-client. Accessed 20 Sept 2023

  38. The Bouncy Castle Crypto APIs. The Legion of the Bouncy Castle. https://www.bouncycastle.org/. Accessed 15 Sept 2023

  39. Java Paho MQTT Client. Eclipse Paho Project. https://www.eclipse.org/paho/. Accessed 02 June 2023

  40. PostgreSQL. PostgreSQL Global Development Group. https://www.postgresql.org/. Accessed 2 Ago 2023

  41. MongoDB. https://www.mongodb.com/. Accessed 4 Ago 2023

  42. Eclipse Mosquitto. https://mosquitto.org/. Accessed 2 June 2023

  43. Self-Sovereign Identity Gateway for the Internet of Things. https://github.com/cristiandossantos/iot-ssi-gateway. Accessed 03 Oct 2023

  44. Apache Software Foundation. Apache NetBeans. https://netbeans.org/. Accessed 02 July 2023

  45. Apache Software Foundation. JMeter. https://jmeter.apache.org/. Accessed 06 July 2023

Download references

Author information

Authors and Affiliations

  1. Computer Science, Federal University of Santa Catarina (UFSC), PO Box 476, Florianopolis, SC, 88040-970, Brazil

    Cristian Alves dos Santos, Leandro Loffi & Carla Merkle Westphall

Authors
  1. Cristian Alves dos Santos
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Leandro Loffi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Carla Merkle Westphall
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Cristian Alves dos Santos .

Editor information

Editors and Affiliations

  1. Griffith University, Gold Coast, QLD, Australia

    Vallipuram Muthukkumarasamy

  2. Centre for Development of Advanced Computing (C-DAC), Bangalore, India

    Sithu D. Sudarsan

  3. Indian Institute of Technology Bombay, Mumbai, India

    Rudrapatna K. Shyamasundar

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

dos Santos, C.A., Loffi, L., Westphall, C.M. (2023). Ensuring Data Security in the Context of IoT Forensics Evidence Preservation with Blockchain and Self-Sovereign Identities. In: Muthukkumarasamy, V., Sudarsan, S.D., Shyamasundar, R.K. (eds) Information Systems Security. ICISS 2023. Lecture Notes in Computer Science, vol 14424. Springer, Cham. https://doi.org/10.1007/978-3-031-49099-6_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-49099-6_20

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-49098-9

  • Online ISBN: 978-3-031-49099-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation