Incentivized Delivery Network of IoT Software Updates Based on Trustless Proof-of-Distribution

05/11/2018
by   Oded Leiba, et al.
0

The prevalence of IoT devices makes them an ideal target for attackers. To reduce the risk of attacks vendors routinely deliver security updates (patches) for their devices. The delivery of security updates becomes challenging due to the issue of scalability as the number of devices may grow much quicker than vendors' distribution systems. Previous studies have suggested a permissionless and decentralized blockchain-based network in which nodes can host and deliver security updates, thus the addition of new nodes scales out the network. However, these studies do not provide an incentive for nodes to join the network, making it unlikely for nodes to freely contribute their hosting space, bandwidth, and computation resources. In this paper, we propose a novel decentralized IoT software update delivery network in which participating nodes referred to as distributors) are compensated by vendors with digital currency for delivering updates to devices. Upon the release of a new security update, a vendor will make a commitment to provide digital currency to distributors that deliver the update; the commitment will be made with the use of smart contracts, and hence will be public, binding, and irreversible. The smart contract promises compensation to any distributor that provides proof-of-distribution, which is unforgeable proof that a single update was delivered to a single device. A distributor acquires the proof-of-distribution by exchanging a security update for a device signature using the Zero-Knowledge Contingent Payment (ZKCP) trustless data exchange protocol. Eliminating the need for trust between the security update distributor and the security consumer (IoT device) by providing fair compensation, can significantly increase the number of distributors, thus facilitating rapid scale out.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
02/11/2019

Blockchain based Privacy-Preserving Software Updates with Proof-of-Delivery for Internet of Things

A large number of IoT devices are connected via the Internet. However, m...
research
10/23/2020

Towards Decentralized IoT Updates Delivery Leveraging Blockchain and Zero-Knowledge Proofs

We propose CrowdPatching, a blockchain-based decentralized protocol, all...
research
03/05/2020

SERENIoT: Collaborative Network Security Policy Management and Enforcement for Smart Homes

Network traffic whitelisting has emerged as a dominant approach for secu...
research
11/14/2018

Blockchain-based Firmware Update Scheme Tailored for Autonomous Vehicles

Recently, Autonomous Vehicles (AVs) have gained extensive attention from...
research
01/21/2021

TAOS-CI: Lightweight Modular Continuous Integration System for Edge Computing

With the proliferation of IoT and edge devices, we are observing a lot o...
research
05/11/2018

Quantifying Users' Beliefs about Software Updates

Software updates are critical to the performance, compatibility, and sec...
research
06/26/2019

Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products

With the expansion of the Internet of Things (IoT), the number of securi...

Please sign up or login with your details

Forgot password? Click here to reset