UK University collaboration explores IOT security solution
View(s):A consortium of network security engineers from the UK and India drawn from academia and industry are exploiting the possibilities within blockchain architecture to provide security in Internet of Things (IOT) applications for healthcare data sharing.
A media release issued by City, University of London Communications Department, quoted Professor of Network Engineering at City, University of London, Prof. Muttukrishnan Rajarajan, a UK-based member of the consortium as saying:
“Our consortium will be exploring the use of a privacy-preserving blockchain architecture for IoT applications in healthcare data sharing, using attribute-based (ABE) encryption to provide greater security for the devices. Due to low voltage powering many devices drawn together by the IoT, the use of these devices are frequently compromised by their lack of sophisticated security measures.”
The research comes against the backdrop of the recent WannaCry ransomeware attack of May 12, 2017, which severely crippled operations of the UK’s National Health Service causing it to run some of its services on an emergency-only basis during the attack.
The IoT refers to a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human and human-to-computer interaction, the release said.
Blockchain is a distributed ledger technology (DTL), which keeps a permanent, tamper-proof listing of records. The blockchain maintains the records, or blocks of information, through a peer-to-peer network; there is no central control and everyone in the network shares control of the data.
Prof. Rajarajan was quoted as saying that the use of blockchain technology in the IoT has three main security advantages:
- The sensor data generated by IoT devices will be rigorously verified by a number of data miners in the blockchain network for legitimacy before being accepted which will mitigate several security attacks including data manipulation;
- Once the data is accepted and appended to the blockchain the data will not be intercepted; There is no central authority or storage sever and therefore the trust of each node will be built by reputation:
- If there is a malicious node propagating false data it can be identified by data miners and the reputation of the node will be damaged.
Prof. Sudip Misra of the Indian Institute of Technology Kharagpur is also a member of the collaborative research project.