Blockchain based Internet of Things (Debashis De, Siddhartha Bhattacharyya etc.)

210

M. Polychronaki et al.

are, most of the time, sensitive and, therefore, must remain private identiﬁcation and

access management of the devices or services that request to read or process them

is crucial to support the trust on the system and enhance its security and privacy

characteristics.

In fact, there is a signiﬁcant amount of research, backed up with real-world exper-

iments, which agree on the importance of a robust identiﬁcation system for IoT envi-

ronments. For example, in [1–3], the authors come to the conclusion that applying

a set of rules and using certain techniques for creating such a system strengthens

the defense of the overall environment from threats like a phishing attack, snifﬁng

attack, injections, data tampering, all kinds of unauthorized access from applica-

tions or users, Sybil Attacks and others. Because of these, the adaptation of the term

identity and access management (IAM) was created, which led to various efforts to

build IAM models to provide security and defense mechanisms for IoT over the last

decade.

At the same time, blockchain technology has established itself beginning with the

creation of Bitcoin [4], and then mainly via the decentralized ﬁnance (DeFi) sector

where a signiﬁcant amount of crypto-coins have been approved as ﬁat and can be

usedinvariouseverydayeconomictransactions.Duetotherevolutionthatblockchain

has brought, both economically and technically, researchers are continuously trying

to ﬁnd different ways of combining it with other technologies. There is no doubt,

as concluded in [5–7] among others, that while blockchain may introduce certain

performance delays, the beneﬁts which are introduced in IoT’s identity management

surpass those.

In this chapter, we will study the ways in which utilizing blockchain can beneﬁt

digital identity management in IoT systems. Speciﬁcally, we will discuss about

models, architectures and algorithms for blockchain-enhanced IAM implementa-

tions for IoT, focusing on key features of blockchain which are ideal for the imple-

mentation of safe and completely private IAM systems, such as the Zero-Knowledge

Proofs and Asymmetric Cryptography. In Sect. 1, the deﬁnition and the terminology

of IAM and blockchain are presented along with the beneﬁts of the blockchain’s

role in IAM processes. In Sect. 2, the basic concepts of IAM are introduced along

with a presentation of the most known models on which modern IAM systems are

relied on. In Sect. 3, the techniques that bring decentralization of IAM are thoroughly

discussed, while in Sect. 4 the cryptographic tools of Zero-Knowledge Proofs (ZKP)

and Decentralized Public Key Infrastructure (DPKI) are introduced along with prac-

tical examples and implementations that highlight the signiﬁcant role they play in

modern decentralized IAM applications. Last but not least, in Sect. 5 the signiﬁcance,

as well as the combination of the aforementioned tools, is concluded and the topics

which need further research on decentralized IAM are brieﬂy mentioned.