| Summary: | 碩士 === 國立臺灣科技大學 === 資訊管理系 === 106 === With the rapid advancements in Internet of Things (IoT), there are more and more IoT applications fit into people’s lives, and the same as the IoT devices with those IoT applications. Also, IoT applications could provide people kinds of convenient services by the data collected through those IoT devices. However, these IoT devices have functionality to connect the Internet and usually being massively deployed into open area, and they will become the target of malicious hacker easily. Therefore, it must be identified and controlled by an identity management system, and build other security mechanisms based on the system.
Nevertheless, the traditional identity management system is not suitable for IoT environment due to the kinds of its characteristic. So the identity management system for IoT is needed. The system must identify each device by an unique identity which also can indicate the owner of the device, so it can identify which device has problems and who should be notified. Besides, the system must also make sure the integrity and reliability of identity. Otherwise, once the system failure of the integrity, no one will trust the identity provided by it.
To sum up, this thesis designs a device identity management system in blockchain-based IoT environment. The proposed system is using blockchain to protect the integrity of identity and solve the problem of trust between nodes. Moreover, it generates a lot of key pairs as the unique identity of device using Hierarchical Deterministic Wallets that is defined in Bitcoin Improved Protocol. When the identity was assigned to a device, it will be store into blockchain. Therefore, the device can use its identity to interact with other devices, and those devices can check the validation of the received identity by comparing the identity stored in blockchain. Finally, this thesis adopts a security analysis for the proposed system, and confirms that the proposed system can defend common attacks such as Eavesdropping Attack, Replay Attack, and Man-in-the-middle Attack. Also, this thesis discusses several situations which should be concerned in practice for the proposed system.
|
|---|
