Blockchain based IoT systems
Abstract— IoT being used not just for smart homes but for many other industries such as healthcare, finance and agriculture. We have achieved a point where the attacks on IoT devices are increasing every day, it is necessary to improve the security and liability of these technologies. Over past few years blockchain technology has been proving to be a great solution for addressing the IoT vulnerabilities, by providing trust and sustainability when joint to IoT solutions.
In this paper, we are going to describe and critically appraise these blockchain solutions that are currently on the market and how they integrate with IoT applications, including application scenarios, transaction procedure, and the functional component of the architecture and system components.
Keywords— #Blockchain based #IoTsystems, #IoTtechnology, #blockchaintechnologies, #IoTsecurity
I. INTRODUCTION
As the IoT market keeps growing and more IoT devices are given the ability to autonomously engage in transactions, —such as devices negotiating for and purchasing, electric power, and other resources using digital tokens. This attracts potential attackers because the devices are connected to wallets where funds are stored, therefore attackers will try to gain access and steal the funds. This is why the need for the security around IoT devices increases. Normally the IoT devices are located outside of the firewalls and do not have encryption or any security software running on the device due to hosting and resources constraints. On several occasions IoT devices had been hacked and used to assist denial of services attacks. These attacks effect regular users, businesses and even governments [1].
In the current environment with Covid-19 pandemic, many people work and study remotely which has caused high uptake of IoT devices which will remain in place for some time. This is driving the rise of the attacks on IoT devices. In 2020, some hackers targeted a CFO MacBook as he was working from home, the goal was to eaves drop on financial valuable information via gaining control of the microphone. The hackers faced some difficulty and instead they located a smart speaker on the CFO’s network and managed to connect to it via Bluetooth and reached their objective and eves dropped on the private financial conversations of the CFO [1].
II. METHODOLOGY
This paper discusses the three IoT security solutions; Atonomi, IoTChain and RIOT. The research was based on the search references in IEEE Explore, Google Scholar, Elsevier and webpages. Firstly we discuss the overview of each of the solutions and the benefits as seen in Section III-V, then we propose blockchain IoT system architecture and apply it to the Postal Service scenario in Section IV. Then in section VII we provide a classification of blockchains available and in section VIII make a comparison of IoT solutions discussed. In the final Section IX we conclude on the research.
III. ATONOMI
A. Overview of Atonomi
Due to the rise of the attacks on the IoT devices, there are precautions a user can take such us changing default passwords, separating the devices from the network and not input too much personal data. However there is a solution in place in the market that provides universal trust environment called Atonomi – IoT device security platform that solves the fundamental concerns in security of IoT. It uses latest cybersecurity technology and Ethereum blockchain technology to enable manufacturers to register devices, enabling users to activate registered devices as well as enable device interoperability and reputation for a connected world. The core of the Atonomi is the compact code of the Atonomi Device SDK which lets registered devices to validate the IoT device’s reputation, stored on the blockchain, to establish trust before exchanging data or engaging in commerce transactions [2].
The components of Atonomi architecture:
a) Registration: The identity registration number (IRN) is used to add manufactures on to the blockchain. Once the manufacturer registered as trusted party they can add their devices, which also get stored on the blockchain. There are four parts to the registration process:
When the IoT device is being created the unique identity is created. The developer or manufacturer of the device registers the unique ID onto the Atonomi whitelist, which will be liked to IRN when user activates the device. The IRN uses device unique ID with public and private key pair to activate the device.
The Atonomi registration service communicates with the IRN to register new devices on to the blockchain. The device must be registered and recorded on the blockchain in order for the user to activate it.
Manufacturers hold an interface into IRN where they register devices before they go to market. Atonomi provides manufacturers that join, with credentials that provide access to the interface.
A smart contract is a form of distributed computation. It manages the records of manufacturer registration details and Ethereum address on to the blockchain. It also manages the new device IDs when they are added to the Atonomi whitelist via interface with manufacturer. The payment for registering the devices is also managed by a smart contract.
b) Activiation: When Atonomi enabled device is purchased/received by end user. The end user enters the device ID and the portal takes device ID sends request to user’s wallet to transfer the Atonomi tokens for the activation fee. The activation of the device in Atonomi trust environment occurs when the IRN finds the device in the whitelist database, verifies the signatures and clears the payment for the activation. The smart contract manages the writing the device ID onto the blockchain and also the transaction of Atonomi tokens for the activation service [2].
c) Validation: figures and tables at the top and bottom of columns. Avoid placing them in the middle of columns. Large figures and tables may span across both columns. Figure captions should be below the figures; table heads should appear above the tables. The validation service is a cloud-based that is resilient to high volume of requests. It provides a device interface that allows devices to communicate with other devices by exchanging their device IDs. Then it reads the device identity from the blockchain as validation that it has been registered/activated on the Atonomi trust environment [2].
d) Reputation: The reputation functionality is utilised after the Atonomi enabled device is activated by end user and starts communicating with other devices. The reputation service is cloud based and robust. Devices are able to submit a reputation report concerning other devices they have transacted with. . Once submitted, the reputation service receives the report, validates it against the validation database and logs it into the reputation database for additional processing. The reports are periodically audited by reputation auditors using Atonomi reputation model to produce updated reputation scores for devices. The smart contract manages the writing of the updated reputation scores to the blockchain once the auditors have processed the report. The smart contract also facilitates payment for the report updates and auditor fees.[2].
e) Atonomi Token: The Atonomi Token, is used a value during device registration, device activation, and to pay the fee to reputation auditors. The Atonomi Token can also be used to pay processing fees for secure device-to-device digital payments between devices registered onto the Atonomi trust environment. However Atonomi does not charge any fees for data exchanges, the security component protects the data during transport between devices through cryptography, including Elliptic Curve Diffie-Hellman Cryptography (ECDH) 25519, Salsa20 Symmetric key cipher data encryption, and SHA-512 cryptographic hash function for key derivation. For example, a smart meter on a home may negotiate with the power company by exchanging data which does not incur any fees, when the best deal is found to acquire electricity and payment for services would be carried out using the Atonomi Token currency [2].
Atonomi is great solution to prevent attacks such as for example when attacker puts a fake device to mimic the existing device so your other devices would automatically connect and communicate with the fake device, allowing the attacker to steal your information.
B. Benefits
Atonomi begins at the bottom of the IoT device value chain, which differs from other IoT device security platforms. Where the chip manufacturers embed Atonomi code into the IoT chips. Then the manufacturers of the IoT devices register the devices on the portal. Once the device reaches the end users, they activate the device on the portal.
The challenge is that only small number of chip manufacturers create the Atonomi foundation that could be widely used by smart device manufacturers and enable developers community to build next generation of IoT applications and platforms [2].
C. Examples
Self-driving vehicles are capable of wireless communication with other devices, cars and external network to provide services such as best route with less traffic available. Since the cars communicate with each other’s autonomously, this may solve many current every day challenges such as traffic, reducing carbon footprint and allowing more people with disability to drive. However the connected vehicles is also a threat landscape. This is where Atonomi helps to secure the autonomous vehicles, by giving manufacturers to register the device identity on the blockchain and provide reputation tracking [3].
Smart homes now days have autonomous connected heaters, lights, CCTV, speakers, voice assistants, washing machines, video door bells etc. All these devices connected to each other are a potential threat open to hackers to exploit. One of these devices weak link will allow attackers to gain access and infect the rest of the devices on the network. Atonomi helps secure smart homes IoT by allowing homeowners register their devices with Atonomi to validate their home devices and reduce exposure of personal information on their home network (e.g. online banking) therefore providing protection from vulnerabilities [4].
IV. IOTCHAIN
A. Overview of IoTChain
IoTChain is a secure IoT light operating system based on blockchain for the smart device that was designed to solve the ongoing concerns of security problems in IoT [5]. IoT Chain can protect IoT devices from being attacked by hackers and ensure privacy of that data and ensure the device will not be compromised by botnet attacks [6]. Even if one server was attacked, the data is not stored just on one server therefore the data will be safe. It is also encrypted by the network so no one can use the data gathered by the device without your consent [5].
The IoT operating system uses blockchain technology like Directed Acyclic Graph (DAG) and Practical Byzantine Fault Tolerance (PBFT) to store user data in a decentralised network:
Before going into the components of the architecture, it’s important to understand that IoTChain combines other existing technologies:
The details of the protocol flow shown in the Figure 5.
a) The client requests authorisation from the device owner directly or via the authorisation server.
b) The client receives an authorisation grant, which shows the device owner authorisation ( there are four different types)
c) The client authenticates via the authorisation server and request access token.
d) The Authorisation server authenticates the client and validates the authorisation grant that was issued, if it is valid the access token is issued.
e) The client uses the access token to authenticate and request the protected resource from the resource server.
f) The resource server validates the access token, if the access token is valid, the server completes the request.
ACE-OAuth framework for authentication and authorization in IoT [8]. The framework is based on a set of building blocks including OAuth 2.0 and the Constrained Application Protocol (CoAP), therefore converting a existing authorization solution into a suitable solution for IoT devices [9].
a) Client request a token via authorisation server
b) If the request is successful the authorisation server issues the token
c) The client submit the request for protected resource using the access token
d) The resource server introspect the access token by including it in the request to the authorisation server
e) The authorisation server validates the token and provides the resource server the parameters, for example, what is the scope of the data the client is able to see for what period of time etc.
OSCAR is object security architecture for the IoT. It relies on secure and authenticated channels. It allows the keys to be sent over a DTLS (Datagram Transport Layer Security is a communications protocol that provides security designed to prevent eavesdropping, tampering, or message forgery) channel between the key server and the resource server. In a later stage, authorized clients obtain the group keys through the key server using DTLS. It is under assumptions that the y key and resource server have valid certificates from Certification Authority. Host decides if they will trust the source for the provided content [10].
Now that we discussed the components that make up IoTChain lets discuss the architecture. The servers and the clients act as nodes, not all are required to participate in the consensus. The authorisation and key servers are full nodes they store a copy of the blockchain in their local copy. The authorisation server also performs miners role by verifying transactions on the blockchain and storing them on the block. Each individual client (third party) and device owner is identifying by a blockchain address. The interactions with smart contract, and between device owners and clients are carried out through transactions. The token of the IoTChain is used for the fees of devices ownership transfer and other value transfers [5].
In Figure 7 we can see the overall architecture of the IoTChain and how the authorisation process works:
1) The device owner creates a smart contract and publishes it to the blockchain.
2) A client (third party), activates the corresponding smart contract by sending a transaction to the contract address in order to request access
3) The block containing the contract transaction has been added to the blockchain and the token has been added to the contract internal storage.
4) The client then requests the encryption keys necessary to decrypt the resources from the key server.
5) The key server has a copy of the blockchain. The key server queries the internal storage of the responsible smart contract for the access token.
6) The client can download the encrypted resources either from directly from the resource server or a proxy server (stores resource in an encrypted way when the resource servers are highly constrained).
B. Benefits
The main benefits of IoTChain to provide secure and scalable public chain for IoT by ensuring the privacy of data, which is achieved by asymmetrical encryption and ensuring that private keys are kept safe, this protects the data, even if the attacker collected the data they would not be able to decrypt and see the content of the data. The data documented on the blockchain is immutable, therefore service providers will not be able to interfere with the user data collected from IoT devices. IoTChain can run on low-performance IoT device at the Raspberry Pi level. All IoT physical devices can be integrated into ESP8266 Wi-Fi module and use the IoTChain operating system [5]. Another advantage of IoTChain is the stability and speed of data transfer. See the comparison with a traditional blockchain [11].
C. Examples
Supply Chain Finance: In traditional model businesses cannot show their credit capabilities due to the lack of appropriate collateral. They are therefore unable to take advantage of traditional financial services. IoTChain enables asset digitalisation and creditization. All entities in the hierarchy can contribute to data sharing of assets, inventory, invoices and cash flow. The data is synchronized to a blockchain which is transparent, traceable, and immutable. The data stored can be used to provide a reliable credit rating by validating the repayment ability of the entity. Due to the make up of IoTChain data classification, the financial institutions cannot gain data about the resource without the permission from the data provider. Using the smart contracts the financial institutions and users/businesses can come to an online credit agreement allowing financial institutions perform real time reconciliations , tracks movement of assets and strengthen post-lending management [12].
Industry shared economy: The current shared economy market is centralised and the market tools used cause non-transparent distribution of benefits and price discrimination. Even from personal experience when you access a website and select your location the price you will change based on your demographics. Another disadvantage of current sharing economy models is that the smart devices are often owned by third parties while the data is generated by its users, making users lose control of their data and privacy.
领英推荐
The main goal of sharing economies should be to share and utilize idle resources publicly. By not using these idle resources, we are producing more to increase the supply which leads to an enormous waste of resources.
IoT Chain solution allows users to conduct free peer-to-peer transactions for their resources without a third party. It could be sharing of physical and virtual assets such as cars, data, and idle computing resources. The users utilise the IoTChain smart contract system to record their agreements. Which makes the data recorded immutable [12].
V. RIOT
A. Overview of RIOT
In this paper we selected RIOT as another IoT system to discuss. It is open source operating system developed by a community of developers around the world. The architecture is modular built around a simplistic kernel. In theory Linux could be used as an operating system, but due to requirements of larger ROM and RAM, it is not suitable for small IoT devices. RIOT inherits Linux approach in terms of code license, vendor independence and transparency. RIOT requires less memory, is is lightweight operating system suitable for low power IoT devices that adapts to many different architectures (8 to 32 bits). Another distinguisher is the cross platform hardware support, RIOT can run on any device, there is no necessity to purchase particular vendor device in order to operate [13]. Unlike Amazon IoT Core has partners for IoT devices where their solutions is only compatible with [14].
Below is the structure elements of RIOT’s code base:
The minimal configuration required for RIOT is the core, CPU and board module, the other modules are optional. RIOT complies with relevant system standards which allows third party collaborations. It focuses on Network standard protocols such as IETF and ensures consistency across hardware’s by having unified APIs [15].
B. Benefits
Apart from RIOT being free and open source it constantly being tested by the community. Due to modular architecture, RIOT is very adaptable to the application needs. The code is portable across the hardware. It aims to support all the common internet standards and network technologies. RIOT enables security by supporting DTLS transport layer security, IEEE 802.15.4 encryption, Secure Firmware Updates (SUIT), multiple cryptographic packages, and crypto secure elements. Even though RIOT provides security, it does not support communication of the devices, this is where existing blockchain technologies could be linked in such as Hyperledger Sawtooth, Ethereum or Blockchain as a Service [15] .
C. Examples
Continental company used RIOT to enable keyless car sharing and Locha Mesh company uses RIOT to chat and send Bitcoin without internet using the mesh network topology AODVv2 to enable direct P2P connections between nodes. The Locha Mesh has full IPv6 support so most of the current applications can run on it [16] [17].
VI. PROPOSED BLOCKCHAIN BASED IOT SYSTEM ARCHITECTURE
Blockchain and IoT go hand in hand, Blockchain compliments IoT by solving the security issues associated with the traditional IoT systems by incorporating distributed and secure environment. Blockchains that have smart contracts build in, such as Ethereum and Hyperledger that can improve security and trust, and can automate entire processes between parties. These are the most common open source platforms. There is also IOTA that is based on distributed ledger technology the infrastructure was designed for Internet of Things it uses peer to peer network happening between digital devices, because it does not have smart contract capability it is not possible to transfer data [18].
There are many advantages with using blockchain based IoT systems.
Blockchain requires a lot of computational power and storage, which is a limitation in many small IoT devices. However there is market solution for this is to have a local cloud computing model. This is the approach that was considered when proposing the blockchain IoT solution. The proposed generic blockchain IoT solution is displayed in the Figure 11.
Let’s begin from the device layer, this is where the data is gathered via different type of hardware and sensors as an example. Instead of using third party chips to ensure security to the device, we went with the solution of RIOT, placing the RIOT OS onto the devices to provide security of the IoT devices and the communication channels.
The network layer enables the IoT devices to connect and communicate over the internet. This layer utilises various communication technologies and protocols such as Broadband, 3G/4G/5G, to transfer the data between the device and other layers.
The blockchain level contains a number of components that enable different features such as P2P communication, consensus manager, distributed ledger, smart contracts, manage transaction, cryptography, application programming interface (API), and identity management. It is also possible to have an Off-chain storage which would reduce the storage costs. It allows data to be stored separately on a cloud for example and use a pointer to index to Blockchain. For IoT objects to communicate in decentralized way P2P protocols are required. The type of ledger will be reliant on the IoT framework and the size of IoT network. The consensus management acts as the central server that maintains the trust between communicating nodes in the network. Identity management is used to control and identify various nodes in the IoT network. In addition, the API interface enables IoT applications to access the different blockchain services.
The top layer and the last is the application layer, it includes various IoT applications and provides dashboard view of data based on the analysis of the data collected enabling the decision-makers make accurate and precise decisions.
If we apply the proposed blockchain based IoT system architecture in Fig 11, to the Postal service as an example. IoT devices would join the Blockchain network and be part of the core functions of Blockchain such as generating transactions of raw sensory data, verifying transactions, and even mining blocks. The Device layer will contain the sensor scanners for RFID tags, the communication will be via wireless networks. The blockchain layer will contain Hyperledger Sawtooth with a Grid component on top which is an open source project and a platform/framework/library for building supply distributed ledger components for creating smart contracts and client interfaces. Grid is not an application or a blockchain, but it uses the Blockchain technology. Grid includes industry standard support and best practices, for example GS1 global standard for business communications. GS1 global standard ensures business data to be exchanged electronically in a standardised way between different companies, therefore providing efficiencies and cost effectiveness to organisations. The Application layer would provide the users to enter the tracking number and see where their package is located, the business would also be able to analyse the data collected and see the time predictions of the delivery timelines, to what countries most packages are sent to etc [19]. There is great potential to develop Blockchain applications in IoT solutions, this combination can solve the main problems that limit the adoption of IoT, such as security and scalability. Blockchain that have smart contracts built in can improve security and trust, and can automate entire processes that are made up of various business partners.
VII. CLASSIFICATION OF BLOCKCHAINS SUITABLE FOR IOT APPLICATIONS
IoT devices are capable of using blockchain services however lets discuss the technologies that are more suited for integration IoT applications. There are many technologies out there, however we made a list of top four that we believe are most suited for IoT, three blockchain based and one distributed ledger technology:
A. Hyperledger Sawtooth
The Hyperledger Sawtooth was designed to enable distributed ledger and make contracts more secure. It was built in mind to solve the challenges of the permissioned/ private networks. There is a component called Seth that allows Ethereum smart contracts to be deployed on the Sawtooth network. The developers have flexibility to write the code for the contract in any langue they wish [20]. Sawtooth also supports public and private networks including the ability to control validator and transactor permissions. Sawtooth divides permissioning into two general groups:
Sawtooth provides different consensus possibilities such as [20]:
B. Hyperledger Fabric
Hyperledger Fabric uses permissioned distributed ledger technology, it does not require costly mining and it does not use a lot of gas. The members are authorized by having a digital certificate issued by the Certificate Authority therefore any transactions that occur on the network are not anonymous or confidential. In Hyperledger fabric the communication mechanism called channel provides data privacy as the transaction and member data is not visible to all the network nodes, only specific members/nodes that have been provided access to specific channel can view the data. This is something the Ethereum blockchain as a permisionless blockchain does not have. The use of channels provide the enterprises the data privacy which is vital in the current environment [22] [23].
The fabric has introduced new transaction architecture that is called execute – order-validate. This provides resiliency, performance and confidentiality that were confronted in the order – execute. By having the execute-order-validate model it ensures that transaction is firstly executed and checked for validity, once transaction is verified the transaction is ordered via pluggable consensus protocol (ordering service) and validated against application specific endorsement policy before recording in the ledger [22] [23].
In conclusion the Hyperledger fabric is applicative for the IoT networks with immense data and low node scalability. Fabric has embedded Blockchain into its client-service model, and has achieved high performance scalability, up to ten thousands of transactions per second. However, Fabric requires a controllable network environment and cannot be as publicly accessible as the Ethereum.
C. IOTA
IOTA was designed for IoT, it is called “feeless blockchain DLT system “mainly used for micro payments. It uses peer to peer network between devices. Ultimately it be great if it was integrated with blockchain technology this would solve the processing time and make transactions process faster and by having smart contract capability, thus allowing data transfers to occur [24]. IOTA is a great way to exchange data between machines with no human interaction with no fees, due to predefines supply and IOTA token is primarily used for micro payments . It would be impactful if IOTA united with existing blockchains technologies. The biggest disadvantage of IOTA is that it cannot transfer data through smart contracts, which is one of the main components in Hyperledger Sawtooth, Ethereum and Fabric.
D. Ethereum
Ethereum is also aforementioned in the list of Blockchain technologies, it is suitable for many IoT applications with large numbers of IoT devices and standardised network structures. As a public Blockchain network, Ethereum exhibits strong scalability by supporting large number of mixed devices. The major drawbacks of Ethereum for IoT applications are high computational complexity and limited capacity. Nevertheless, Ethereum is evolving with efficient PoS consensus protocols which makes Ethereum more IoT-friendly. The PoS based consensus protocols can significantly reduce the energy consumption. PoS provides a chance for IoT devices to take part in block mining [18].
VIII. COMPARISON OF IOT SOLUTIONS
Now let’s compare the IOT solutions that where discussed in this paper earlier and with additional off the shelf Amazon product included for comparison purposes:
As shown the table 2 provides an overview of the main features of the IoT platforms. It shows the blockchain technology used. We discussed the benefits and limitations of certain blockchain technology in section above. For example the Ethereum uses consensus protocol PoS which can significantly reduce the energy consumption. IoTChain does not have blockchain but it uses components such as uses DAG and PBFT, providing high capacity but low scalability. RIOT solution does not have blockchain technology, however it provides the security component to IoT devices, it can be put on any device without third party dependency, additionally blockchain solution can be integrated to support the device management capability that is currently missing in RIOT solution.It is hard to compare the solution as they provide different solutions, it all depends on the industry sector the type of the IoT devices that are involved and what is the purpose, just to make IoT devices secure or have them communicate to each other and be stored on immutable distributed ledger and be able to perform the analysis.
IX. CONCLUSION
The use of IoT devices keeps growing and more and more utilised in everyday lives such as in healthcare, finance, agriculture, smart homes and power grid infrastructure management. The IoT enabling technologies are key in building successful IoT application. Therefore understanding the characteristics and limitations of currently available technologies is important in order to understand where the gaps are to ensure IoT devices are secure.
In this paper we discussed the main challenge of IoT the data security and how blockchain technologies can resolve this. Blockchain provides the immutable device identity that is at the foundation of securing the IoT, it decentralises what is at risk and provides immutable record of the transactions that have been recorded in the blockchain.
The most common Blockchain technologies were analyzed in detail; Hyperledger Sawtooth, Hyperledger Fabric, Ethereum and IOTA. Then the three proposed IoT solutions to protect against security vulnerabilities were discussed: Atonomi, IoTChain and RIOT. This was followed by comparison of the technologies in terms of applicability to the IoT scenarios. Blockchain is a great stimulus to IoT solutions, which will lead to more advances in technology in near future.
REFERENCES
[1]AVAST, "IoT Attacks Intensified By Covid-19," AVAST, 06 11 2020. [Online]. Available: https://securityboulevard.com/2020/11/iot-attacks-intensified-by-covid-19-avast/. [Accessed 29 04 2021].
[2]V. Emery, J. Gray and D. Fragale, "Atonomi for Trusted IoT," [Online]. Available: https://assets.website-files.com/5b95e56c7572f5c98b3993d9/5bea12e1bc354be65c577c0c_Atonomi-White-Paper-v0.9.4b.pdf. [Accessed 28 04 2021].
[3]Atonomi, "Autonomous Vehicles - Atonomi brings mission-critical security to self-driving cars," Atonomi, [Online]. Available: https://atonomi.io/verticals/autonomous-vehicles. [Accessed 28 04 2021].
[4]Atonomi, "Smart Homes - Atonomi helps smart homes be secure homes," Atonomi, [Online]. Available: https://atonomi.io/verticals/smart-homes. [Accessed 28 04 2021].
[5]IoTChain, "IoTChain Whitepaper," [Online]. Available: https://iotchain.io/pdf/ITCWHITEPAPER.pdf. [Accessed 29 04 2021].
[6]S. Lee, "A Beginner’s Guide to IoT Chain, the IOTA of China," HUFFPOST, 03 01 2018. [Online]. Available: https://www.huffpost.com/entry/a-beginners-guide-to-iot-chain-the-iota-of-china_b_5a4a4edee4b06cd2bd03e183. [Accessed 29 04 2021].
[7]Internet Engineering Task Force, "The OAuth 2.0 Authorization Framework," 10 2012. [Online]. Available: https://tools.ietf.org/html/rfc6749. [Accessed 29 04 2021].
[8]L. Seitz, G. Selander, E. Wahlstroem, S. Erdtman and H. Tschofenig, "Authentication and Authorization for Constrained Environments (ACE)," ACE Working Group , 07 02 2020. [Online]. Available: https://tools.ietf.org/html/draft-ietf-ace-oauth-authz-33. [Accessed 29 04 2021].
[9]"Authentication and Authorization for Constrained Environments (ace) Internet Drafts," 08 03 2021. [Online]. Available: https://www.potaroo.net/ietf/html/ids-wg-ace.html. [Accessed 29 04 2021].
[10]M. Vu?ini?, B. Tourancheau, F. Rousseau, A. Duda, L. Damon and R. Guizzetti, ""OSCAR: Object security architecture for the Internet of Things," Proceeding of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks , vol. 10.1109, no. WoWMoM.2014.6918975., pp. pp. 1-10, 2014.
[11]O. A. e. al, ""IoTChain: A blockchain security architecture for the Internet of Things,"," IEEE Wireless Communications and Networking Conference (WCNC), vol. 10.1109, no. WCNC.2018.8377385, pp. pp. 1-6, 2018.
[12]IoTChain, "IoT Chain Use Cases," IoTChain, 03 07 2018. [Online]. Available: https://iotchain.io/news/newsContent/201807051106.html. [Accessed 29 04 2021].
[13]Q. F. Hassan, " "Blockchain‐Based Security Solutions for IoT Systems," in Internet of Things A to Z: Technologies and Applications"," IEEE, vol. 10.1002, no. 9781119456735.ch9, pp. pp.255-274, 2018.
[14]AWS, "AWS Partner Device Catalog," AWS, [Online]. Available: https://devices.amazonaws.com/search?page=1&sv=iot. [Accessed 29 04 2021].
[15]E. e. a. Baccelli, "RIOT: an Open Source Operating System," IEEE Internet of Things Journal, vol. 10.1109, no. JIOT.2018.2815038, 2018.
[16]RIOT, "Keyless car sharing," RIOT, [Online]. Available: https://www.riot-os.org/use_cases/continental.html. [Accessed 29 04 2021].
[17]RIOT, "LOCHA MESH," RIOT, [Online]. Available: https://www.riot-os.org/use_cases/locha.html. [Accessed 29 04 2021].
[18]W. Xu, Z. Xuan, N. Wei, R. P. Liu, Y. J. Guo, N. Xinxin and Z. Kangfeng, "Survey on blockchain for Internet of things," Computer Communications, vol. 136, no. 0140-3664, pp. 10-29, 2019.
[19]GS1, "The GS1 system of standards," [Online]. Available: https://www.gs1.org/sites/default/files/docs/architecture/AG_Flyer_final.pdf. [Accessed 29 04 2021].
[20]HYPERLESGER ORG, "Hyperledger Sawtooth," [Online]. Available: https://www.hyperledger.org/use/sawtooth. [Accessed 01 05 2021].
[21]Sawtooth org, "Permissioning Design," [Online]. Available: https://sawtooth.hyperledger.org/docs/core/releases/latest/architecture/permissioning_requirement.html. [Accessed 01 05 2021].
[22]A. Davies, "Pros and Cons of Hyperledger Fabric for Blockchain Networks," DevTeam.Space, [Online]. Available: https://www.devteam.space/blog/pros-and-cons-of-hyperledger-fabric-for-blockchain-networks/. [Accessed 01 05 2021].
[23]B. Yang and D. Ynyeart, "Welcome Hyperledger Fabric 2.0: Enterprise DLT for Production," HYPERLEDGER, 30 01 2020. [Online]. Available: https://www.hyperledger.org/blog/2020/01/30/welcome-hyperledger-fabric-2-0-enterprise-dlt-for-production. [Accessed 01 05 2021].
[24]T. Mueller, "Ethereum, Hyperledger or IOTA for enterprises — where are the differences?," Medium, 15 06 2018. [Online]. Available: https://medium.com/evan-network/ethereum-hyperledger-or-iota-for-enterprises-where-are-the-differences-eebe492a4800. [Accessed 01 05 2021].
[25]RIOT org, "RIOT Documentation," RIOT, [Online]. Available: https://doc.riot-os.org/. [Accessed 29 04 2021].