Skip to main content

Advertisement

SpringerLink
Log in

IoT-Gov: an IoT governance framework using the blockchain

  • Regular Paper
  • Published:
Computing Aims and scope Submit manuscript

Abstract

Internet of Things (IoT) has become an essential technology in different daily life domains including health, industry and finance among many others. The implementation of IoT systems requires different underlying technologies such as applications, network infrastructures, and different needs in terms of functionality, security, etc. The success of an IoT project is therefore a challenging task requiring a good governance where different IoT standards and tools can be synchronized and will coordinate with each other in a way every” thing” agrees upon. In this paper, we demonstrate that existing governance frameworks are not sufficient in the IoT context. Therefore, and after identifying the IoT governance requirements, we suggest a new IoT governance framework, IoT-Gov, with its proposed architecture for IoT systems and its methodological approach allowing, through a set of defined processes and algorithms, to progressively build the desired IoT system. IoT-Gov, is a new framework for modeling governance process in IoT through three layers that are: strategic objectives, Design and modeling, and Implementation. A technical conception of the proposed framework is provided using the blockchain, a technology allowing decentralization, transparence and enhancing security. To prove the feasibility of our framework, we investigate a smart parking system using constrained devices, as an example of an IoT ecosystem, and justify the suggested governance model applied to it. This model is enforced with the attribute based access control model and deployed on the Ethereum blockchain. Tests of the proposed governance model are provided. Performance results show the efficiency of this framework as well as its applicability in an IoT context.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12

Similar content being viewed by others

Notes

  1. All the algorithms have been coded using solidity language and the code source is available at Github: (https://github.com/bellaj/ParkingGovernance/blob/master/accessControlContract.sol).

  2. (http://mijin.io/en/about-mijin).

References

  1. IDC: IoT growth demands rethink of long-term storage strategies (2020). [Online]. Available: https://www.eetasia.com/iot-growth-demands-rethink-of-long-term-storage-strategies/. Accessed 15 May 2022

  2. Peterson R (2004) Crafting information technology governance. Inf Syst Manag 7–22 (2004)

  3. Boubaker KB, Nyrhinen M (2008) Explaining organizations’ IT governance modes choice from the institutional perspective: a theoretical framework development. In: European Conference on Information Systems (ECIS)

  4. Sicari S, Rizzardi A, Cappiello C, Miorandi D, Coen-Porisini A (2018) Toward data governance in the internet of things. In: New advances in the internet of things, pp 59–74

  5. Weber RH (2016) Governance of the Internet of things—from infancy to first attempts of implementation? Laws 5:3–28

    Article  Google Scholar 

  6. Almeida VA, Doneda D, Moneiro M (2015) Governance challenges for the Internet of Things. IEEE Internet Comput 19(4):56–59

    Article  Google Scholar 

  7. Copie A, Fortis TF, Munteanu VI, Negru V (2013) From cloud governance to IoT governance. In: 2013 27th international conference on advanced information networking and applications workshops, pp 1229–1234

  8. Almeida VA, Goh B, Doneda D (2017) A principles-based approach to govern the IoT ecosystem. IEEE Internet Comput 21(4):78–81

    Article  Google Scholar 

  9. Theodoridis E, Mylonas G, Chatzigiannakis I (2013) Developing an IoT smart city framework. IISA 2013:1–6

    Google Scholar 

  10. Webb J, Hume D (2018) Campus IoT collaboration and governance using the NIST cybersecurity framework. In: Living in the Internet of Things: Cyber security of the IoT-2018. IET, pp 1–7. https://doi.org/10.1049/cp.2018.0025

  11. Gantait A, Patra J, Mukherjee A (2018). Defining your IoT governance practices [Online]. IBM. Available: https://www.ibm.com/developerworks/library/iotgovernance-01. Accessed 1 May 2018

  12. Singh S, Azzaoui A, Kim T, Pan Y, H-CCI (2021) u: DeepBlockScheme: a deep learning-based blockchain driven scheme for secure smart city. hcisj.com 11:12. https://doi.org/10.22967/HCIS.2021.11.012

  13. Rathore S, Park J, Access HC-I (2021) u.: Deep learning and blockchain-empowered security framework for intelligent 5G-enabled IoT. ieeexplore.ieee.org

  14. Pan J, Wang J, Hester A, IA-IIoT (2018) u EdgeChain: An edge-IoT framework and prototype based on blockchain and smart contracts. ieeexplore.ieee.org

  15. Zeydin P, Inanc N (2007) Smart Parking Applications Using RFID Technology. In: 1st Annual RFID Eurasia, IEEE

  16. Simonsson M, Johnson P (2006) Defining IT governance—a consolidation of literature. In: The 18th conference on advanced information systems engineering

  17. Coetzee M (2012) Towards a holistic information security governance framework for SOA. In: Seventh international conference on availability. Reliability and security. IEEE

  18. Dasgupta A, Gill A, Hussain FK (2019) A conceptual framework for data governance in IoT-enabled digital IS ecosystems. In: 8th International conference on data science, technology and applications. SCITEPRESS–Science and Technology Publications

  19. Ammirato S, Sofo F, Felicetti AM, Raso C (2019) A methodology to support the adoption of IoT innovation and its application to the Italian bank branch security context. Eur J Innov Manag

  20. Chopra K, Gupta K, Lambora A (2019) Future internet: the internet of things-a literature review. In: 2019 international conference on machine learning, Big data, cloud and parallel computing (COMITCon). IEEE

  21. Suo H, Wan J, Zou C, Liu J (2012) Security in the internet of things: a review. In: 2012 international conference on computer science and electronics engineering, vol 3, pp 648–651. IEEE. https://doi.org/10.1109/ICCSEE.2012.373

  22. Gao L, Bai X (2014) A unified perspective on the factors influencing consumer acceptance of internet of things technology. Asia Pac J Mark Logist

  23. Hsu CL, Lin JC (2016) An empirical examination of consumer adoption of Internet of Things services: Network externalities and concern for information privacy perspectives. Comput Hum Behav 62:516–527

    Article  Google Scholar 

  24. Weber K, Otto B, Osterle H (2009) One size does not fit all-a contingency approach to data governance. J Data Inf Qual (JDIQ) 1(1):1–27

    Article  Google Scholar 

  25. Merkus JR (2015) Data governance maturity model (Master’s Thesis). Open Universiteit Nederland

  26. Seydoux N, Drira K, Hernandez N, Monteil T (2016) IoT-O, a core-domain IoT ontology to represent connected devices networks. In: European knowledge acquisition workshop, pp 561–576

  27. Ghallab M, Nau D, Traverso P (2016) Automated planning and acting. Cambridge University Press, Cambridge

    Book  Google Scholar 

  28. Braten AE, Tamkittikhun N, Kraemer FA, Ammar D (2017) Towards cognitive device management: a testbed to explore autonomy for constrained IoT devices. In: Proceedings of the seventh international conference on the internet of things, pp 1–2

  29. Stavroulaki V, Koutsouris N, Petromanolakis D, Demestichas P (2010) Cognitive management system for intelligent devices in the future Internet. In: eChallenges conference 2010, pp 1–8

  30. Stavroulaki V, Kritikou Y, Darra E (2009) Acquiring and learning user information in the context of cognitive device management. In: Proceedings of joint workshop on “cognitive wireless networks and systems - cognitive radio networking, held in conjunction with IEEE international conference on communications (ICC 2009). Dresden, Germany

  31. Force EUIT (2012) Final report of the EU IOT task force on IOT governance. Brussels

  32. Al-Ruithe M, Mthunzi S, Benkhelifa E (2016) Data governance for security in IoT & cloud converged environments. In: IEEE/ACS 13th international conference of computer systems and applications (AICCSA), 2016, pp 1–8

  33. Jacobs N, Edwards P, Cottrill CD, Salt K (2020) Governance and Accountability in Internet of Things (IoT) Networks. Handbook of Digital Technology and Society, Oxford

    Google Scholar 

  34. Weber RH (2013) Internet of things-governance quo vadis? Comput Law Secur Rev 29(4):341–347

    Article  Google Scholar 

  35. Osborn S, Sandhu R, Munawer Q (2000) Configuring role-based access control to enforce mandatory and discretionary access control policies. ACM Trans Inf Syst Secur (TISSEC) 3(2):85–106

    Article  Google Scholar 

  36. Cugini J, Kuhn R, Ferraiolo D (1995) Role-based access control: features and motivations. In: Computer security applications conference, Los Alamitos, CA

  37. Yuan E, Tong J (2005) Attributed based access control (ABAC) for Web services. In: IEEE international conference on web services (ICWS’05). IEEE. https://doi.org/10.1109/ICWS.2005.25

  38. Kalam AAE, Baida RE, Balbiani P, Benferhat S, Cuppens F, Deswarte Y, Miege A, Saurel C, Trouessin G (2003) Organization based access control. In: Proceedings POLICY 2003. IEEE 4th international workshop on policies for distributed systems and networks. IEEE Computer Society, pp 120–131. https://doi.org/10.1109/POLICY.2003.1206966.

  39. Zhang X, Parisi-Presicce F, Sandhu R, Park J (2005) Formal model and policy specification of usage control. ACM Trans Inf Syst Secur 8(4):351–387. https://doi.org/10.1145/1108906.1108908

    Article  Google Scholar 

  40. Park J, Sandhu R (2002). Towards usage control models: beyond traditional access control. In: Proceedings of the seventh ACM symposium on Access control models and technologies, pp 57–64. https://doi.org/10.1145/507711.507722

  41. Park J (2003) Usage control: a unified framework for by usage control

  42. Ouaddah A, Mousannif H, Abou Elkalam A, Ait Ouahman A (2017) Access control in the Internet of Things: big challenges and new opportunities. Comput Netw 112:237–262. https://doi.org/10.1016/j.comnet.2016.11.007

    Article  Google Scholar 

  43. Nakamoto S (2008) Bitcoin: a peer-to-peer electronic cash system, pp 1–9

  44. Sedrati A, Abdelraheem MA, Raza S (2017) Blockchain and IoT: mind the gap. In: Cham (ed) Interoperability, safety and and security in IoT. Springer, pp. 113–122

  45. Sciancalepore S, Pilc M, Schroder S, Bianchi G, Boggia G, Pawłowski M, Piro G, Płociennik M, Weisgrab H (2016) Attribute-based access control scheme in federated IoT platforms. In: Cham (ed)International workshop on interoperability and open-source solutions. Springer, pp 123–138

  46. Ouaddah A, Mousannif H, Abou Elkalam A, Ait Ouahman A (2017) Access control in the Internet of Things: big challenges and new opportunities. Comput Netw. https://doi.org/10.1016/j.comnet.2016.11.007

  47. Rouhani S, Deters R (2019) Blockchain based access control systems: state of the art and challenges. In: IEEE/WIC/ACM international conference on web intelligence

  48. Maesa DD, Mori P, Ricci L (2019) A blockchain based approach for the definition of auditable access control systems. Comput Secur 84:93–119

    Article  Google Scholar 

  49. Ouaddah A, Abou Elkalam A, Ait Ouahman A (2017) FairAccess: a new Blockchain-based access control framework for the Internet of Things. Secur Commun Netw. https://doi.org/10.1002/sec.1748

    Article  Google Scholar 

  50. Ouaddah A, Elkalam AA, Ouahman AA (2017) Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Europe and MENA cooperation advances in information and communication technologies, pp 523–533. Springer, Cham

  51. Zhang Y, Kasahara S, Shen Y, Jiang X, Wan J (2018) Smart contract-based access control for the internet of things, pp 1–11

  52. Shi N, Tan L, Yang C, He C, Xu J, Lu Y, Xu H (2020) BacS: a blockchain-based access control scheme in distributed internet of things. In: Peer-to-peer networking and applications 2020, vol 14, no. 5, pp 2585–2599. https://doi.org/10.1007/S12083-020-00930-5

  53. Sedrati A, Stoyanova N, Mezrioui A, Hilali A, Benomar A (2020) Decentralisation and governance in IoT: bitcoin and Wikipedia case. Int J Electron Gov 12(2):166–189

    Google Scholar 

  54. Gardler R, Hanganu G (2010) Benevolent dictator governance model, vol 5, p 2020

  55. Bormann, C, Ersue M, Keranen A (2016) RFC 7228-terminology for constrained-node networks. In: Internet engineering task force

  56. Jincy VJ, Sundararajan S (2015) Classification mechanism for IoT devices towards creating a security framework. Adv Intell Syst Comput 321:265–277. https://doi.org/10.1007/978-3-319-11227-5_

    Article  Google Scholar 

  57. Mayangsari L, Novani S (2015) Multi-stakeholder co-creation analysis in smart city management: an experience from Bandung, Indonesia. Procedia Manuf 4:315–321. https://doi.org/10.1016/j.promfg.2015.11.046

    Article  Google Scholar 

  58. Ruhlandt RW (2018) The governance of smart cities: a systematic literature review. Cities 1–23

  59. Falconer G, Mitchell GF (2012) Smart city framework. Cisco Internet Business Solutions Group (IBSG), pp 1–11

  60. Sant A, Garg L, PX-CCM, (2021) u A novel green IoT-based pay-as-you-go smart parking system. researchgate.net

  61. Singh S, Pan Y, Society JP-SC (2022) u Blockchain-enabled secure framework for energy-efficient smart parking in sustainable city environment. Elsevier

  62. Yang H, Ke R, Cui Z, Wang Y, Murthy K (2021) Toward a real-time smart parking data management and prediction (SPDMP) system by attributes representation learning. Int J Intell Syst. https://doi.org/10.1002/INT.22725

    Article  Google Scholar 

  63. Ben-David A, Nisan N, Pinkas B (2008) FairplayMP: a system for secure multi-party computation. In: Proceedings of the 15th ACM conference on computer and communications security, pp 257–266

  64. Shamir A (1979) Adi: how to share a secret. Commun ACM 22(11):612–613. https://doi.org/10.1145/359168.359176

    Article  MATH  Google Scholar 

  65. Ben-Sasson E, Chiesa A, Tromer E, Virza M. Succinct non-interactive zero knowledge for a von Neumann architecture. USENIX Security

  66. Gennaro R, Gentry C, Parno B, Raykova M (2013) Quadratic span programs and succinct NIZKs without PCPs. Springer, pp 626–645. https://doi.org/10.1007/978-3-642-38348-9_

  67. Parno B, Howell J, Gentry C (2013) Pinocchio: nearly practical verifiable computation. In: Security and privacy (SP)

  68. Kosba A, Miller A, Shi E, Wen Z, Papamanthou C (2016) Hawk: the blockchain model of cryptography and privacy-preserving smart contracts. In: 2016 IEEE symposium on security and privacy (SP). IEEE, pp 839–858. https://doi.org/10.1109/SP.2016.55

  69. Cachin C (2016) Architecture of the Hyperledger Blockchain Fabric *

  70. Reid F, Harrigan M (2013) An analysis of anonymity in the bitcoin system. In: Security and privacy in social networks

  71. Ron D, Shamir A (2013) Quantitative analysis of the full bitcoin transaction graph. Springer, New York, pp 6–24. https://doi.org/10.1007/978-3-642-39884-1

Download references

Author information

Author notes

  1. Anass Sedrati and Aafaf Ouaddah have contributed equally to this work.

Authors and Affiliations

  1. Laboratory of Networks, Architecture, Engineering, Services and Security, INPT, Rabat, 10 000, Morocco

    Anass Sedrati, Aafaf Ouaddah, Abdellatif Mezrioui & Badr Bellaj

Authors
  1. Anass Sedrati
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Aafaf Ouaddah
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Abdellatif Mezrioui
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Badr Bellaj
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Aafaf Ouaddah.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Sedrati, A., Ouaddah, A., Mezrioui, A. et al. IoT-Gov: an IoT governance framework using the blockchain. Computing 104, 2307–2345 (2022). https://doi.org/10.1007/s00607-022-01086-1

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00607-022-01086-1

Keywords

Mathematics Subject Classification

Search

Navigation