Blockchain-based Zero Trust on the Edge (2311.16744v1)
Abstract: Internet of Things (IoT) devices pose significant security challenges due to their heterogeneity (i.e., hardware and software) and vulnerability to extensive attack surfaces. Today's conventional perimeter-based systems use credential-based authentication (e.g., username/password, certificates) to decide whether an actor can access a network. However, the verification process occurs only at the system's perimeter because most IoT devices lack robust security measures due to their limited hardware and software capabilities, making them highly vulnerable. Therefore, this paper proposes a novel approach based on Zero Trust Architecture (ZTA) extended with blockchain to further enhance security. The blockchain component serves as an immutable database for storing users' requests and is used to verify trustworthiness by analyzing and identifying potentially malicious user activities. We discuss the framework, processes of the approach, and the experiments carried out on a testbed to validate its feasibility and applicability in the smart city context. Lastly, the evaluation focuses on non-functional properties such as performance, scalability, and complexity.