A Blockchain-based Secure Data Storage Scheme For The Internet Of Things

With the vigorous development of next-generation information technology such as the Internet of Things(IoT),5G,and artificial intelligence,massive sensors throughout the network can accumulate a large amount of data about device operation and user behaviors.Using mature artificial intelligence technologies to analyze the real-time data from IoT-based applications can effectively improve the service quality and user experience.While using all kinds of data in IoT to improve service efficiency,how to ensure the security of data storage is a critical issue that needs to be solved.First,hardware devices are vulnerable to various malicious attacks and cannot effectively protect the stored data for the limited storage and computing capabilities.Second,the generated data in IoT are usually faced with the risk of malicious tampering and privacy disclosure.Also,the current centralized data storage model has disadvantages,such as lack of security guarantee,vulnerability to attacks,and poor automation.As we know,the protection for the stored data is an important basis to ensure the data security in IoT.The promising blockchain technology provides a new perspective for the secure storage of data.Blockchain technology is characterized by decentralization,non-tampering,traceability,and programmability,which is easy to realize data confirmation and secure sharing.Aiming at the security requirements of data storage in IoT.this paper proposes to utilize the storage and computing capabilities of blockchain to build an efficient and secure storage scheme for IoT data.The main contributions of this work can be summarized as the following aspects:(1)In view of many challenges faced by realizing the secure storage of IoT data,such as unclear ownership,easy to be tampered with,disclosure of personal privacy.This paper proposes a verifiable storage model based on blockchain and smart contracts.First of all,this model puts forward an implementation approach to build a reliable blockchain system using edge devices with limited resources in IoT.Second,this model ensures the security of data communication by using symmetric encryption and digital signature,and protects the personal privacy through the segmented storage mode.Finally,the secure storage of IoT data is realized through the cooperation between the blockchain and cloud servers,and a data audit service is provided by the deployed smart contracts.Additionally,this work analyzes the security of the proposed storage scheme and compares it with the existing mature schemes to analyze its advantages and characteristics.(2)To improve the efficiency of the proposed storage system,this work proposes a group-based PoW.consensus to overcome the shortcomings of traditional PoW consensus in resources consumption and work efficiency.Also,a consensus protocol(Proof of Duration,PoD)based on the proof of the continuous online duration of IoT devices is further proposed.The basic idea of PoD is to use the continuous online duration to measure the stability of devices and select the device with the highest stability as the consensus node.Finally,several simulation experiments are designed,and the efficiency of the proposed consensus algorithms is verified by comparing them with other mature consensus algorithms.(3)Due to the lack of secure and reliable data access mechanisms,malicious attackers usually exploit the vulnerabilities of existing data access mechanisms to attack the storage system for IoT data.Thus,how to realize compliance access to IoT data,while protecting privacy is the focus of this work.This paper proposes a distributed access control scheme based on smart contracts,which mainly includes access policy management contract(APMC),data attribute contract(DAMC),subject attribute management contract(SAMC),and data access control contract(DACC).Through the cooperation among the above smart contracts,the fine-grained data access control is realized.Finally,this work implements a prototype system of this scheme and compares it with other access control systems to evaluate its performance in terms of computational costs and communication overhead.(4)To improve the efficiency and reliability of the identity authentication mechanism,this paper proposes an anonymous authentication scheme based on blockchain.First,this scheme utilizes blockchain transactions to record the authorization and revocation activities of the certificate authority(CA).Each member node can supervise the behaviors of CA by verifying the digital signature contained in transactions.Second,with the assistance of consortium blockchain,two distributed queryable ledgers of certificate information are constructed.Each node can locally access the issuance and revocation records of certificates to realize rapid identity authentication.Combined with the cryptography technology,the association between the certificate and the entity’s real identity is hidden to ensure the security of privacy in the authentication process.Finally,this paper analyzes and evaluates the security and performance of this authentication scheme through theoretical analysis and comparative experiments.(5)Based on the comprehensive analysis of the existing data storage systems in IoT,this work designs and implements a data storage system(LogisticsChain)for logistics scenarios,which integrates the key technologies proposed in this paper to realize the secure storage for logistics data.The performance of LogisticsChain is tested by several experiments,and the results show that the LogisticsChain is available and effective.