الفهرس 
INTRODUCTIONOnly 14 pages are availabe for public view
 |  | from | 136 |  |  |
| | | from | 136 | | |
Abstract
Internet of Things (IoT) along with Wireless Sensor Network (WSN) integrate the physical world with the Internet to facilitate sharing data among entities. WSN is used for the perception of real-world physical parameters associated with the surrounding environment while IoT applications build on the WSN and other technologies to provide full applications. Such IoT applications and underlying WSN bring security and management challenges. Addressing security services such as data confidentiality and access control are necessary to prevent sensitive data leakage from various IoT applications. Classical approaches for access control in IoT applications usually relies on an access control authority that introduces a single point of failure and access latency. Blockchain is a distributed immutable ledger that is used recently to bring privacy and security to P2P networks in a setting similar to IoT networks. In addition, empowered by smart contracts, it is used to automate the execution of an agreement. The lack-of-trust problem is solved using a consensus protocol to arrive to an agreement on the state of the ledger. In this thesis, a survey of previous work for IoT access management using blockchain is conducted, where the work is analyzed, criticized, and compared to each other and to the proposed work. Then using blockchain technology, an end-to-end secure architecture is proposed for an auditable and tamper-proof log of sensors’ data and events while providing access control management and adequate privacy for the collected data. The proposed architecture has four layers namely, Sensing Layer, Storage Layer, Application Layer, and User Layer. The layers correspond to four isolated and independent networks. First, at the Sensing Layer, IoT devices are arranged in WSN domains. Domain coordinators only join the network to alleviate the protocol overhead from resource-constrained devices. Second, the storage layer hosts a content addressable network for sensed data. The data is stored off-the-chain while only its address and access records are stored on the blockchain. Third, the Application Layer maintains a private blockchain network along with the access control smart contracts and distributed applications. A Role Based Access Control model is adopted by smart contracts because of its simplicity and ease of management. The policy enforces access control to sensors’ data, in addition to executing commands on actuators. Moreover, the Proof-of Authority consensus protocol is adopted to allow fast response time for near real-time applications. Fourth, the user layer is where users reside. For confidentiality, the data is kept encrypted in transit and at rest and the Web-of-Trust public key management model is adopted. Compared to existing work, the proposed architecture is an end-to-end solution that is unique in its combining features and selection of technology. A system realization of the architecture can be utilized simultaneously by many applications such as smart homes, smart cities, and smart healthcare. Finally, a security analysis of the system is presented and a proof-of-concept realization of the architecture is provided in both hardware and software components.