According to a recent report by digital security firm Gemalto, only 48 percent of Internet of Things (IoT) companies can accurately check whether their devices experienced security problems. The report stated that 59 percent of respondents in the study as being unclear on who is responsible for IoT security, seeking clarification from governments. This problem about IoT device security is at alarming rate. The inability to accurately discern whether a device has been compromised leads to several problems. Researchers at Cisco Talos revealed that nearly 500k routing devices were compromised for an extended period, leading to file collection and remote device management of the devices.
IoTeX is one of the companies leading the way on innovation in the field of IoT security and data privacy, a blockchain-based platform that integrates robust cryptographic primitives with a scalable and secure infrastructure. IoTex has proposed a platform to reduce the security problems for IoT devices by blockchains.
Blockchains inherently confer decentralization and transparency to networks, and when used within a crypto-economic model, can provide elasticity to a system, meaning that it can adapt in real-time for efficiently allocating resources. Moreover, blockchains are immutable data ledgers that integrate well with recent cryptography innovations for public communication and data transfers.
IoTeX solved IoT problems by using a ‘blockchains in a blockchain’ architecture where different IoT devices connect to various subchains or hubs, on the main blockchain depending upon their format and operating requirements. By doing so, IoTeX’s network can scale effectively for heterogeneous devices, which is necessary in the IoT sector.
With a scalable infrastructure in place, IoTeX focuses on integrating advanced cryptography for secure data transfers and uses their in-house trusted execution environments (TEEs) for mitigating physical or remote access control of devices.
The platform uses ring signatures, payment codes, and bulletproofs to provide both the authenticity of data transfers, and the anonymity of transfer details, including sensitive personal data of users. The security and privacy guarantees of cryptography are based on complicated math and can’t be hacked because they are designed to be one-way functions that cannot be re-engineered.
Similarity, IoTeX seems to prevent remote and physical tampering of devices by TEE design, which enables edge device authentication, ID and device management, and role-based access control. With the help of TEE’s, IoTeX and systems connecting to the network will be able to accurately discern whether a device has been compromised, alleviating many of the concerns outlined in the Gemalto report.
Overcoming the security problems facing IoT devices will be an arduous task. As the number of Internet-connected devices continues to proliferate, blockchains and their associated technologies provide some clear advantages, and enterprises are taking notice.
Gemalto (2019, Jan 15), Almost half of companies still can’t detect IoT device breaches, reveals Gemalto study
General Fenech (2019, Jan 22), Leading blockchain integration with IoT devices for Enhanced security