38

Blockchain Technology

TABLE 3.3

Counteracting Actions on Common Security Challenges and Their Effect on Layers and Security Principles

Challenges

Description

Layer Affected

Security

Principle Affected

Security Counteract Actions

P

NT

AM

C

I

A

Physical Damage by

Unauthorized

Access

Active attackers may have unauthorized connections

to physical sensing instruments, their control

systems or their IoT network activities, and owing

to lack of technological expertise, attackers can

only impact IoT resources by tampering with the

physical devices that relate to the network.

√

×

×

√

√

√

Self-destruction, physical design security, tamper

proofing (Mosenia & Jha, 2016), hardware-based

Trusted Platform Module (TPM) modules,

firmware access to USB prevention

(OWASP, 2016)

Physical Node

Capture

Instead of causing physical harm, an aggressive

intruder could seek to access information that the

device may add to the network. Instead of directly

influencing items, the individual may also target

data storage or processing units that ultimately

affect the network.

√

×

×

√

√

√

Minimizing leakage by shielding, adding noise,

random delays, hamming weights, improving

cache architecture (Nia et al., 2015), integration of

PUF (physically unclonable function) into objects

(Wachsmann & Sadeghi, 2014)

Tag Cloning

Tags are usually mounted on many items and are

distributed in open access environments, which

presents issues like replication of data, sniffing,

authentication and authorization.

√

×

×

√

√

√

Tag seclusion, aloofness approximation, tag

hindering, instigating authentication procedures,

hash-based arrangements, encryption techniques

(Khedr, 2013), One Time Password (OTP)

harmonization between tag and back end

Privacy Leak

Data privacy is one of the main concerns, since a

broad variety of IoT devices are engaged in data

harnessing and transferring it to other network

nodes, thus collecting, processing and disposing of

data that is no longer required.

√

×

×

√

√

×

Homomorphic encryption, digital signatures,

fragmentation redundancy scattering (Smart &

Vercauteren, 2010)

(Continued)