Blockchains in Iot

This article has been accepted for publication in a future issue of this journal, but has not been
fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/COMST.2018.2886932, IEEE
Communications Surveys & Tutorials
IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. XX, NO. X, MONTH 2018 1
Applications of Blockchains in the

Internet of Things: A Comprehensive Survey
Muhammad Salek Ali, Massimo Vecchio, Miguel Pincheira,
Koustabh Dolui, Fabio Antonelli, and Mubashir Husain Rehmani
Abstract—The Blockchain technology has revolutionized the smaller and smarter devices are being implemented in mul-
digital currency space with the pioneering cryptocurrency plat- tiple IoT domains, including housing, precision agriculture,
form named Bitcoin. From an abstract perspective, a blockchain infrastructure monitoring, personal healthcare and autonomous
is a distributed ledger capable of maintaining an immutable log
of transactions happening in a network. In recent years, this vehicles just to name a few.
technology has attracted significant scientific interest in research However, data gathered by IoT devices may contain con-
areas beyond the financial sector, one of them being the Internet fidential and private information, and many security threats
of Things (IoT). In this context, the Blockchain is seen as the have emerged that aim to exploit the weaknesses of current
missing link towards building a truly decentralized, trustless and
secure environment for the IoT and, in this survey, we aim to IoT infrastructures [4]. Indeed, most state-of-the-art IoT infras-
shape a coherent and comprehensive picture of the current state- tructures are heavily centralized with single points of failure,
of-the-art efforts in this direction. We start with fundamental which hinder scalability and wide adoption of the IoT, while
working principles of blockchains and how blockchain-based raising severe privacy and security concerns. Other than that,
systems achieve the characteristics of decentralization, security, completely centralized network infrastructure leads to higher
and auditability. From there, we build our narrative on the
challenges posed by the current centralized IoT models, followed latency for end-to-end communications, which can hinder
by recent advances made both in industry and research to solve application verticals like smart grids, smart cities, etc. The IoT
these challenges and effectively use blockchains to provide a edge is steadily being empowered in order to alleviate issues
decentralized, secure medium for the IoT. with latency inherent to a centralized IoT [5]. To improve
Index Terms—blockchain, IoT, digital technology, trustless, privacy and security within the edge-centric fog and mist
cybersecurity, auditability, privacy, decentralization, consensus. architectures, as well as centralized network architectures, a
more decentralized approach is seen as the solution to allow
the long-term growth of the IoT, and to prevent single points
of failure.
I. I NTRODUCTION
Existing centralized methods for providing privacy, security
HE term “Internet of Things” (IoT) was first used in
T 1999 by K. Ashton [1]. In 2015, i.e., about 20 years
after the term was coined, the IEEE IoT Initiative released a
and data handling necessitate high-end servers which are under
the control of third-party entities. Users are required to trust
such entities for handling their IoT data, which can misuse
document whose main goal was to establish a baseline defini- it or in worst case scenarios, share it with mass-surveillance
tion of the IoT, in the context of applications ranging from programs. Centralized network architecture for the IoT is faced
small, localized systems constrained to a specific location, with the following challenges:
to large global systems composed of complex sub-systems
that are geographically distributed [2]. In this document, we • The entire network infrastructure risks being paralyzed
can find an overview of the IoT’s architectural requirements, in the event of a failure in the centralized servers [6].
its enabling technologies, as well as a succinct definition of A successful denial of service (DOS) attack on the
the IoT as an “application domain that integrates different centralized servers could result in a single point of failure.
technological and social fields”. At the core of it, the IoT • Data stored in centralized servers can be analyzed to
consists of networked objects that sense and gather data from reveal specific personal information pertinent to health,
their surroundings, which is then used to perform automated purchasing preferences and behaviours. Users have lim-
functions to aid human users. The IoT is still steadily growing ited control over how their data is used and by whom.
worldwide, thanks to expanding Internet and wireless access, • Data stored in centralized cloud lacks guaranteed account-
the introduction of wearable devices, the falling prices of ability and traceability. Centralized IoT infrastructure
embedded computers, the progress of storage technology and mandates trusting a third party for data handling, and
cloud computing [3]. Today, the IoT attracts a multitude data stored on centralized servers has the risk of being
of research and industrial interests. With each passing day, deleted or tampered with.
• With the exponential growth of the IoT, centralized
M. S. Ali, M. Vecchio, M. Pincheira, and F. Antonelli are with the OpenIoT servers will not be efficient enough in handling the sheer
research unit, FBK CREATE-NET, Italy. amount of end-to-end communications that facilitate IoT
K. Dolui is with the KU Leuven, Belgium.
M. H. Rehmani is with the Waterford Institute of Technology, Ireland. automation functions. Therefore, a centralized approach
Manuscript received December 12, 2018. can hamper the growth of the IoT.
1553-877X (c) 2018 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See
http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/COMST.2018.2886932, IEEE
These challenges necessitate fundamentally rethinking how authentication to enhance the security in a blockchain-
the Internet of Things is structured. Currently, “blockchain" based IoT.
represents one of the most suitable candidate technologies able • Blockchains open up opportunities for an IoT ecosys-
to support a secure and distributed ecosystem for the IoT [7]. tem where services can be monetized in a truly demo-
When compared to the IoT, the blockchain technology has a cratic fashion. The trustless network environment of
shorter, though occasionally mysterious history. The term first blockchains allow secure micro-transactions for IoT ser-
appeared in an article by S. Haber and W.S. Stornetta of 1991, vices and data.
as the abstract description of “a cryptographically secured
chain of blocks” [8]. However, the universally recognized
father of the blockchain technology is S. Nakamoto, an anony- A. Contributions of This Survey and Comparison With Related
mous person (or group of persons) that formally theorized [9]1 Survey Articles
and implemented it (in 2008 and 2009, respectively) as a core In recent research, many proposed solutions have appeared
component of the cryptocurrency Bitcoin, where it still serves that integrate blockchains with the IoT in different application
as the public ledger for all transactions on the network [10]. scenarios. Survey articles have attempted to review these
Since then, blockchain technology has gone mainstream with proposed solutions in varied degrees of depth and scopes.
uses in an array of industries, e.g., finance, insurance, logis- Conoscenti et al. [13], present a generalized survey of the
tics and agriculture. With its ability to digitize transactions different applications of the blockchain, whereas we provide
smoothly and efficiently, this technology is promising a major a comprehensive survey of the applications of blockchains
paradigm shift in making several processes leaner, faster and specifically in the IoT. Atzori et al. [14] and [15] examined
more transparent. From a high-level perspective, blockchains the pros and cons of integrating blockchains with the IoT.
employ a heavy use of cryptography to provide “trustless" Many more solutions have been proposed in the years since
networks without centralized authorities, so data transacting then, and we present an updated view of the lessons learned
nodes can reach faster reconciliation. Since the inherent fea- from them. These lessons include solutions for different areas
tures of blockchains lay down the foundations of serverless of the IoT ecosystem, and recently identified challenges for
record-keeping, several researchers are making efforts to lever- decentralizing the IoT.
age blockchains to decentralize IoT communications and to
eliminate the need for centralized trusted authorities. The idea
TABLE I
of a blockchain-based IoT has garnered substantial research C OMPARISON OF R ECENT S URVEY A RTICLES
interest, since decentralizing the IoT through blockchains has
Blockchain-Based IoT Survey Recent Survey Addressed in
the following potential benefits: Contributions Articles this Survey
• The shift from centralized to blockchain-based IoT en- Blockchain taxonomy and decentralized
[16], [17], [13], [18], X
consensus
hances fault tolerance and removes singular points of [19], [15], [20]
failures. It also prevents the bottleneck that was inherent Blockchain-based IoT architectures [16] X
Blockchains for IoT privacy and trust [17] X
in a growing IoT reliant on centralized servers [11]. A Blockchain-based security for the IoT [17], [13], [19] X
decentralized fabric for handling IoT data also prevents Blockchains for IoT ID and data
X
third-party entities to control the personal data of IoT management
users. Blockchains for monetization in the IoT [19] X
Challenges and research directions for
• A decentralized peer to peer network architecture enables blockchains in the IoT
[16], [17], [19], [18], X
[14]
IoT device autonomy, and end-to-end communications do
not have to go through a centralized server for performing
automation services. Participants in blockchain networks Reyna et al. [16] discussed the research challenges and op-
can verify the integrity of the data they are sent, as well portunities, as well as different architectures for a blockchain-
as the identity of the sending participant. The secure, based IoT. In addition to these, we present a comprehensive
tamper-proof storage in blockchains also enable deploy- review of the recent research efforts in different areas of the
ing secure software updates to IoT devices. IoT where blockchains can prove to have a substantial impact.
• Since no single entity controls the contents of a Yeow et al. [18] specifically discuss solutions for an edge-
blockchain, IoT data and event logs stored on the centric blockchain-based IoT and the challenges involved,
blockchain are immutable, therefore there is guaranteed however we present a review of the recent research in a holistic
accountability and traceability. Reliability and trustless decentralization of the IoT via blockchains.
IoT interactions are a major contribution of blockchains The areas of blockchain-based IoT privacy and security are
to the IoT. reviewed in [17]. The survey by Panarello et al. [19] presents
• Blockchains offer the functionality of programmable recent research efforts by sorting them in different applica-
logic through smart contracts [12], and can treat IoT tion areas (smart cities, smart grids, etc.). In comparison to
interactions as transactions. They can help perform se- these, we present a thorough and updated survey of areas we
curity functions like access control, confidentiality and classify as blockchain-based privacy, trust, security, identity
management, data management and monetization in the IoT.
1 Notice that in [9], the words “block” and “chain” were used separately, This survey also discusses the various integration architectures
but were eventually popularized as a single word, “blockchain”, by 2015. for blockchains in the IoT.
Most recently, Neudecker et al. [20] provided a survey blockchain-IoT integration schemes. Following up from that,
of the networking principles involved in publicly deployed Secs. V-X discuss recent research efforts towards leveraging
blockchains, including potential attacks and design trade-offs. blockchains in the IoT for providing privacy, trust, security,
They also highlight the lack of formal models for analyzing identity management, data management and data monetization
the design trade-offs in implementing public blockchains. In respectively. Sec. XI is an overview of alternate approaches to
comparison, this article does not present an in-depth survey of decentralizing the IoT. Sec. XII carries the narrative into the
the network layer techniques involved in public blockchains, issues and open research challenges in this area. Sec. XIII
however, this survey article reviews contributions that propose summarizes the lessons learned from the reviewed literature,
integrating blockchains to the IoT to reap the benefits of and finally, Sec. XIV concludes the survey.
decentralization. For readability and better insight into each of the areas
The contribution of this work is a comprehensive discussion discussed in Secs. V-X, we begin each section by discussing
on the recent advances in the IoT, blockchain technology the associated centralized implementations along with their
and decentralizing the IoT through blockchains. Contributions pertinent challenges, followed by recent decentralization ef-
of this survey include highlighting the roles of the enti- forts using blockchains.
ties involved in the IoT infrastructure when integrated with
blockchains. Tradeoffs in selecting appropriate blockchain II. B LOCKCHAIN : F EATURES AND W ORKING P RINCIPLES
consensus algorithms for different application scenarios are Blockchain-based systems are an amalgamation of cryp-
also discussed. This survey discusses recent research efforts tography, public key infrastructure, and economic modeling,
made towards solving key challenges in various areas of applied to peer-to-peer networking and decentralized consen-
research in the IoT, as well as open research directions for sus to achieve distributed database synchronization [21], [22].
future work. A summary of the contributions of this survey is Essentially, the blockchain is a distributed data structure, and
enlisted as follows: is dubbed a “distributed ledger" in its utility of recording
• A discussion on blockchain working principles. transactions occurring within a network [10]. With cryptocur-
• A discussion on blockchain consensus algorithms and the rencies being one application of the record-keeping feature
associated design trade-offs for the IoT. of blockchains, the distributed ledger has the potential to
• Motivations for integrating blockchains and IoT, and be applied in networks where any form of data exchange
blockchain-IoT integration schemes. takes place. In a peer-to-peer blockchain-based network, all
• Review of the recently proposed blockchain-based solu- participating peers maintain identical copies of the ledger. New
tions in the ares of: entries, containing information pertaining to transactions, are
added to the blockchain by means of decentralized consensus
– Privacy in the IoT
among the peers.
– Trustless Architectures for the IoT
In order to understand the potential applications of
– Security in the IoT
blockchains in the Internet of Things, it is important to gain an
– Identity Management for the IoT
understanding of the working principles of blockchains, and
– Data Management for the IoT
how blockchains achieve decentralization. In this section, we
– Monetization in the IoT
introduce the main features and working principles involved
• A review of alternative IoT decentralization approaches. in achieving immutability, security, and integrity for the stored
• A discussion of the research challenges in decentralizing contents of each block. Finally, we discuss different types of
the IoT through blockchains. blockchain implementations, as well as the programmability
This layout is aimed to enable readers to focus on any of blockchains through smart contracts.
specific challenge areas of their choosing. Ultimately, the
goal of this survey is to acquaint readers with the working A. Salient Features of Blockchains
principles of the blockchain, to allow readers to make educated The most important features that turn the blockchain tech-
decisions for integrating blockchains in their IoT projects, and nology into something with the potential of radically reshaping
to understand the key open research challenges highlighted in several industries are:
the survey. Table I highlights similarities and differences of
1) Decentralization: in centralized network infrastructures,
the research areas covered in comparison to previous survey
data exchanges (i.e., the transactions) are validated and
articles.
authorized by trusted central third-party entities. This
incurs costs in terms of centralized server maintenance,
B. Organization Of The Survey as well as performance cost bottlenecks. In blockchain-
The organization of the survey is as follows: Sec. II outlines based infrastructures, two nodes can engage in transac-
the core features and working principles of blockchains, to tions with each other without the need to place trust
help us better understand their applications in the IoT. Sec. III upon a central entity to maintain records or perform
discusses blockchain-consensus algorithms and their place in authorization.
the IoT. Sec. IV is a discussion on the current challenges 2) Immutability: since all new entries made in the
in the IoT and the rationale for decentralizing the IoT us- blockchain are agreed upon by peers via decentralized
ing blockchains; followed by a discussion on the various consensus, the blockchain is censorship-resistant and is
Block n
BlockHash
Block (n-1) Block (n+1)
PrevBlockHash
Nonce Timestamp
MerkleRoot
Header
Block 1 Block 2 Block 3
header header header Body
H(hA|hB) H(hC|hD)
Hash of previous Hash of previous Hash of previous
block header block header block header
H(A) H(B) H(C) H(D)
Block 1 Block 3 Block 3

body body body A B C D
Transactions are stored here! Transactions are stored here! Transactions are stored here! Block Transactions
(a) Logical representation of a blockchain. (b) Block header fields and Merkle tree for storing transactions in a block.
Fig. 1. Graphical representation of the blockchain: each block of the chain is composed by a header and a body. The header of each block contains (among
the other fields) the identifier of the previous block, thus forming a chain of blocks (i.e., a blockchain). Transactions are stored within the body of each block,
in a data structure called Merkle tree.
nearly impossible to tamper. Similarly, all previously block, its identifier would no longer be valid, and a domino
held records in the blockchain are also immutable and, effect would render the parent block hashes in the subsequent
in order to alter any previous records, an attacker would blocks invalid as well. Therefore, to successfully alter the
need to compromise a majority of the nodes involved in contents of a single block, an attacker would have to alter
the blockchain network. Otherwise, any changes in the the headers in all successive blocks and have this alteration
blockchain contents are easily detected. take place in the majority of the nodes in the network, so as
3) Auditability: all peers hold a copy of the blockchain, to have the peers reach consensus on this altered blockchain.
and can thus access all timestamped transaction records.
This transparency allows peers to look up and ver-
ify transactions involving specific blockchain addresses. Other than the block’s own identifier and the identifier of
Blockchain addresses are not associated with identi- the previous block, the header also contains a timestamp of
ties in real life, so the blockchain provides a manner when the block was published and the Merkle tree root for
of pseudo-anonymity. While records of a blockchain all the transactions stored within the body of the block [24].
address cannot be traced back to the owner, specific The Merkle tree root significantly reduces the effort required
blockchain addresses can indeed be held accountable, to verify transactions within a block. More in detail, the
and inferences can be made on the transactions a specific blockchain is a linearly growing data structure with higher
blockchain address engages in. transaction activity inflating the sizes of newer blocks. As
4) Fault tolerance: All blockchain peers contain identi- part of all consensus algorithms, peers verify transactions
cal replicas of the ledger records. Any faults or data recorded in a newly published block. The transactions within a
leakages that occur in the blockchain network can be block all have a transaction ID, whereby each transaction ID
identified through decentralized consensus, and data is the cryptographic hash of the corresponding transaction’s
leakages can be mitigated using the replicas stored in information stored in the block. The transaction IDs are hashed
blockchain peers. together in pairs and a hash tree is built within the block, as
shown in Fig. 1(b). As said, the root of this tree is stored
in the block header. Hence, to verify a transaction, a local
B. Blockchain Structure
copy of all the transactions is not required, and verification
A blockchain is made up of blocks containing details of can be carried out by simply using the Merkle tree branch
transactions that have occurred within the network. The trans- containing the transaction in question. A tampered transaction
action information can be regarding token transfers occurring would produce altered hashes within its branch and would be
in a network, or any manner of data exchange. Each block is detected without much computational effort.
logically divided into two parts, namely, the header and the
body. Transactions are stored within the body of the block,
while the header of each block contains, among other fields, In the event of multiple nodes in the blockchain network
the identifier of the previous block. Therefore, the blocks are producing valid blocks at the same time, the blockchain
connected in a chain similar to a linked list, as shown in can fork, and maintaining a single canonical version of the
Fig. 1(a). The first block in the chain is called “genesis" block blockchain becomes an issue. Mainstream blockchain net-
[23]. works resolve this issue by only considering the longest fork
The identifier of each block is obtained by taking its as canon, while all blocks published in the other forks are
cryptographic hash, which is why having each block linked to discarded, or orphaned [9], [25]. Other fields included in the
the previous block helps the blockchain achieve immutability block header contain information specific to the consensus
of its contents. If a hacker were to alter the contents of a past algorithm used within the blockchain network.
TABLE II
C OMPARISON OF PUBLIC , PRIVATE AND CONSORTIUM BLOCKCHAINS .
Public Blockchain Private Blockchain Consortium Blockchain

Participation in Consensus All nodes Single organization Selected nodes in multiple organizations
Access Public read/write Can be restricted Can be restricted
Identity Pseudo-anonymous Approved participants Approved participants
Immutability Yes Partial Partial
Transaction Processing Speed Slow Fast Fast
Permissionless Yes No No
C. Transactions and Digital Signatures D. Types of Blockchains

Based on how blockchains are used in different application
To make transactions, either in cryptocurrency, or simple scenarios, they can be classified into multiple types with
data exchange, the peers of a blockchain network require a some distinct attributes. Table II shows a detailed comparison
public-private key pair. Peers use their private keys to sign between these implementation types.
transactions and use the recipient peer’s blockchain address to 1) Public Blockchains: Public blockchains are truly de-
deliver it to them. These addresses are obtained by calculating centralized, where all members can participate in pub-
a cryptographic hash of a user’s public key. For example, in lishing new blocks and accessing blockchain contents.
Bitcoin, SHA-256 encryption is used to derive user addresses Public blockchains are termed permissionless in that it
[9]. Essentially, encryption and encoding obfuscate blockchain allows anyone to maintain a copy of the blockchain
peers’ public keys. In cryptocurrency implementations, serial- and engage in validating new blocks. Examples of
ized tokens do not exist, instead, an initial amount of tokens is public blockchain implementation are cryptocurrency
associated with the addresses involved in the initial stages of networks, such as Bitcoin, Ethereum and so on. Devices
the blockchain. Following the genesis block, the transactions in public blockchain networks can choose to actively
maintain ownership tracking of tokens, by adding or subtract- validate new blocks or simply issue transactions within
ing the tokens associated with each participating address. In it. Public blockchains are designed to accommodate a
implementations outside cryptocurrency, transactions do not large number of anonymous nodes, so it is necessary to
assign ownership of tokens, and only involve the exchange of mitigate potential malicious behaviour. Publishing new
data secured with digital signatures. blocks in a public blockchain involves either computa-
tionally expensive puzzle solving, or staking one’s own
To understand how blockchain transactions play out in im-
cryptocurrency. Each transaction has a processing fee
plementations outside cryptocurrency, assume Alice addresses
attached to it, which serves as an incentive to the peers
some transaction data to Bob. After encrypting the transaction
attempting to publish new blocks onto the blockchain.
data using Bob’s public key, Alice creates a digital signature
This prevents the public blockchain from being hacked
by taking a hash of the data she is sending, and encrypting
since it would be too costly to tamper its contents.
it using her private key. The entire transaction is made up of
Since thousands of other peers are involved in the
the encrypted data itself, and the digital signature included in
decentralized consensus, every transaction includes a
the transaction header. The transaction is broadcast over the
transaction fee, as an incentive to the peer that validates
blockchain network, and since it is addressed to Bob, Bob
the transaction into a new block.
begins verifying the transaction contents. Bob decrypts the
2) Private Blockchains: In contrast to public blockchains,
digital signature using Alice’s public key and decrypts the
private blockchains are permissioned, and every node
transaction data using his private key. The transaction data
joining the network is a known member of a single
is easily verified when Bob compares a hash of the data
organization. Private blockchains are suited for single
to the hash in the digital signature [26]. In cryptocurrency
enterprise solutions and are utilized as a synchronized
implementations, transactions are verifiable, however, they
distributed database meant to keep track of data ex-
primarily account for a change in token ownership.
changes occurring between different departments or in-
Transactions can also take place in between two separate dividuals. Private blockchains do not require currency or
blockchains via sidechaining [27]. Sidechains are blockchains tokens to function, and there are no processing fees in-
synchronized with and running in parallel to an existing cluded in its transactions. Since blocks are published by
blockchain, referred to as the “main chain". Tokens can be delegated nodes within the network, a private blockchain
transferred from the main chain to the sidechain and back, is not as tamper-resistant as a public blockchain, and the
whereby the sidechain uses the tokens it has in an isolated use- organization may choose to roll back their blockchain to
case scenario. Therefore, sidechains enhance the functionality any point in the past.
of the main chain and provide a testing ground for blockchain 3) Consortium Blockchains: Consortium blockchains, or
application development. federated blockchains, are similar to private blockchains
in the sense that it is a permissioned network. Con- triggered when a message is sent to the smart contract’s
sortium networks span multiple organizations and help address [31].
maintain transparency among the involved parties. A 3) Providing utility to other smart contracts. For example,
consortium blockchain is used as an auditable and reli- in Ethereum, inheritance can be written into smart con-
ably synchronized distributed database, that keeps track tracts, where one contract can invoke functions written
of data exchanges taking place between the participating in another contract.
consortium members. Similar to private blockchains, 4) Allowing storage space for application-specific informa-
a consortium blockchain does not involve processing tion, such as membership records, lists or boolean states.
fees, and it is not computationally expensive to publish While Bitcoin had very limited scripting capabilities [10],
new blocks. While it does provide auditability and newer blockchain platforms like Ethereum [25] and Hyper-
lower latency in transaction processing, it is not entirely ledger Fabric [28] use more flexible and Turing-complete
decentralized or censorship-resistant [26]. smart contract scripting languages. The smart scripting lan-
guages Serpent and Solidity are used in writing smart con-
E. Smart Contracts tracts for Ethereum, however Solidity has seen a much more
widespread use [31]. The publicly available Remix IDE 2
Smart contracts are programmable applications stored in the for scripting Ethereum smart contracts provides a simulated
blockchain, that manage transactions under specific terms and environment for testing the functions written in Solidity smart
conditions. Therefore, smart contracts are the digital equivalent contracts. Hyperledger Fabric uses smart contract written in
of traditional economic contracts between various engaging Go [28] for permissioned blockchains.
entities. Unlike traditional contracts that are enforced by Deployed smart contracts are stored within the blockchain,
centralized authorizing entities, a blockchain network does not so they are visible to all participants in the network. Security
require authorizing intermediaries to ensure that the conditions lapses can occur if a participant exploits any bugs or loopholes
in a smart contract are met. in a deployed contract, therefore it becomes critical to practice
The term “smart contract” was coined by N. Szabo with stringency in the design process. Most notably, in June 2016,
the objective of “securing relationships on public networks" the DAO attack in the Ethereum network resulted in the
[12]. In blockchain networks, smart contracts perform the attacker unlawfully siphoning off Ether worth 60 Million USD,
function of carrying out transactions in a predetermined fash- with transactions that were valid according to the exploited
ion, agreed upon by parties participating in the contract. smart contract [32].
While Bitcoin, the first cryptocurrency implementation of the With secure and well-written smart contracts, many applica-
blockchain, does not deploy and execute smart contracts, it tions provide various functionalities, utilities and algorithmic
does offer limited programmability via a scripting language, processing in blockchain networks. For example, Hawk is a
which was not user-friendly or Turing-complete [10]. Newer smart contract-based platform designed to anonymize transac-
platforms like Ethereum [25] and Hyperledger [28] have smart tions [33], while RootStock (RSK) uses smart contracts within
contract programmability built into them. When deployed, sidechains connected to the main Bitcoin blockchain [34].
smart contract code is stored in the blockchain, and the
functions written in the smart contract can be invoked by any F. Consensus Algorithms
participant at any time. A smart contract is sometimes termed
an “autonomous agent", owing to the fact that smart contracts Consensus algorithms have been an active topic of research
have their own accounts on the blockchain, with their own for the last three decades, much longer since the advent
blockchain addresses [29]. Therefore, the contract can hold of the blockchain itself. The authors of [35] provide an
custody or ownership of tokenized assets while the engaging overview of some of the earlier work done in consensus for
parties work to meet the agreed-upon conditions. Invoking distributed systems. Consensus algorithms aim to securely
functions in smart contracts incurs an execution fee since an update replicated shared states and are the essential piece of
invocation itself is considered a transaction that is logged in the puzzle in the working principles of the blockchain. In the
the blockchain. Execution fees incentivize peers publishing blockchain, a system based on “state machine replication",
new blocks and mitigate flooding attacks on the network. consensus protocols ensure all replicas of the shared state are
Smart contracts can be utilized to perform a variety of synchronized and in agreement at any given point in time.
functions within a blockchain network, such as: According to [36] and [37], deterministic consensus in
fully asynchronous communication models cannot tolerate any
1) Allowing ‘multi-signature’ transactions, whereby a faults, thus assumptions for partial synchrony are required,
transaction is only carried out when a majority or a with maximum thresholds for the latency of propagating
required percentage of participants agree to sign it [30]. transactions. Earlier works on consensus protocols [38] in-
2) Enabling automated transactions triggered by specific volved cryptography and partial synchrony [39], and precursor
events. This functionality can manifest itself in multiple designs and proposals of digital currency [40], [41] were
ways, for example, transactions automatically sent over the building blocks that went into developing “decentralized"
fixed time intervals or transactions sent in response consensus algorithms used in blockchain networks. The fol-
to other transactions. This facilitates request-response lowing section is a discussion about the different types of
type transactions, for decentralized data access within a
blockchain-based system. A smart contract can also be 2 http://remix.ethereum.org/
decentralized blockchain consensus algorithms in existence, “expensive" so that the resources of one entity are insufficient
and their suitability in IoT networks. to bias the consensus decisions in its favour.
1) Proof of Work: The first public blockchain consensus
III. D ECENTRALIZED C ONSENSUS A LGORITHMS protocol was the Proof-of-Work (PoW) consensus, as seen in
Core principles applied in designing consensus algorithms Bitcoin [9]. In the Bitcoin network, any node can participate
are safety, liveness and fault tolerance. Safety is the extent in publishing new blocks to the blockchain, by showing that it
to which a system can tolerate failures, say in an (n, f ) has performed a computationally expensive amount of work,
fault tolerant system, where n represents the total number of the proof of which forms the basis of the PoW consensus
processes, the system should be able to tolerate at most f algorithm. Publishing new blocks under the proof of work
faults. Safety is the ability to mitigate corrupted or out-of- algorithm is called “mining”, and miners engage in a race
order messages so that all non-faulty nodes reach consensus to find a nonce that, when hashed with the hash of a block,
on results that are valid to the rules of the state machine. produces a resultant smaller than a predefined threshold. The
Liveness of a fault tolerant system means that in despite the proportional inverse of this threshold is called the “difficulty
presence of f faults, all correctly participating nodes should level”, which is stored in the block header, and gets adjusted
be able to move forward with their distributed processes. with increasing number of participants, to maintain an average
Maintaining fault tolerance in a consensus protocol becomes block processing time [10][46]. Here, the calculated nonce is
difficult in scenarios where it is possible for nodes to stop the proof of work a miner does, which the miner adds to the
participating at any moment, or by nodes acting maliciously. block header, and broadcasts their block to the network. This
This fault is termed the “Byzantine Generals Problem" [42], enables all participating nodes to verify the block published
using the example of generals taking command of different by the miner. Subsequently, the miner claims the processing
parts of the Byzantine army. The generals rely on messengers fees associated with the transactions stored within the block
to maintain a synchronized battle plan. The messengers can be as a reward for mining. In PoW consensus, the computation-
caught by the enemy, causing the messages to be lost. More ally expensive block creation and transaction fees secure the
importantly, the messengers or even some of the generals may network against DDoS attacks and false block creation.
be corrupted and may cause to maliciously sabotage the battle In a fully synchronized system, it would be easier to
plan. Therefore, the problem is, how do the generals maintain a maintain the correct block sequence in the case of two nodes
synchronized battle plan without traitorous participants getting publishing a block almost concurrently [41]. Such a system is
the upper hand? Similarly, in a distributed system running a not feasible in geographically spread-out networks since total
consensus protocol, a node can fall under a Byzantine fault as synchrony cannot be assumed or guaranteed. Consider the case
a result of software bugs, or by being compromised. Byzantine where after a block n, a node in Australia mines a valid block
faults occur when a node sends false messages and misleads n + 1, and at the same time, a node in Sweden mines another
the other nodes participating in the consensus protocol. A valid block n + 10. This creates a temporary fork, where one
number of algorithms are proposed in literature [43], and in fork has n+1 after n, and the other has (n+1)0 after n. Beyond
use today, that address Byzantine faults, by making varying this point, more blocks are added to these forks, and the fork
assumptions on specific use-cases, network performance and with the most work committed to it is hence considered canon,
maliciousness of compromised nodes. and the other fork is orphaned.
Within the context of this survey, we will discuss decentral- Proof of work based consensus is, however, vulnerable in
ized consensus algorithms as they are applied in permissioned scenarios where a user takes control of 51% of processing
and permissionless blockchains. Our goal with this discussion power in the network [47][48]. Therefore, proof of work
is to understand the suitability of private or public blockchain consensus provides fault tolerance as long as the total com-
consensus when applied to various IoT scenarios. [44] and putational power is n ≥ 2 f + 1 where f is the computational
[26] contain exhaustive details on all variations of private and power occupied by a single malicious user.
public blockchain consensus algorithms. PoW blockchains like Bitcoin and Ethereum delay the
‘finality’ of a block decision, so the blockchain can be rolled
A. Permissionless Blockchains back to a past block height in the event of a 51% attack.
After a block is ‘finalized’ it is considered irreversible. In both
Publicly deployed blockchains that accommodate anony-
Ethereum and Bitcoin blockchains, a transaction is finalized
mous participants are termed “permissionless", and reaching
after 6 confirmations. 6 confirmations take 60 minutes in
consensus using votes in a permissionless blockchain is prob-
Bitcoin [10], and 2 minutes in Ethereum [46].
lematic. If a permissionless blockchain were to use voting
to achieve consensus, participants can use multiple accounts 2) Proof of Stake: The Proof-of-Stake (PoS) algorithm aims
on the blockchain to launch a Sybil attack [45], and can to cut back on the ever-increasing electricity consumption of
drive decisions in their favour. Therefore, in permissionless PoW blockchain networks [49]. As an alternative to computa-
blockchain implementations, the consensus algorithms are tionally expensive puzzle solving, proof of stake aims to stake
based on a lottery-based selection of a single node that pub- peers’ economic share in the network [50]. Here, the term
lishes a new block onto the blockchain. To ensure security in “miners" is replaced with “validators," and similar to the proof
public blockchains where anonymous participants are required of work algorithm, one of the validators is chosen to publish
to transact in a trustless manner, block creation needs to be a block onto the blockchain. The difference lies in how the
validator is chosen. In proof of stake, a validator is selected in B. Permissioned Blockchains

a pseudorandom fashion, with the probability of being selected
proportional to the validator’s share in the network [51] [52]. In “permissioned" blockchain deployments such as pri-
Naive Proof of Stake consensus mechanisms are prone to vate and consortium blockchains, only a limited number of
attacks like the “nothing at stake" attack, and require further known participants carry a copy of the entire blockchain [59].
considerations for it to be consensus-safe [53]. Block finality Maintaining consensus therefore is much straightforward and
in PoS blockchains is faster compared to PoW blockchains, doesn’t require costly proofs for publishing a new block. Since
since there is no computational puzzle solving involved in participants are known, there is no risk of a Sybil attack,
choosing the validator. therefore voting mechanisms are used to achieve consensus.
By this virtue, permissioned blockchains have a much higher
performance than permissionless blockchains.
3) Proof of X: Further alternative consensus algorithms for
1) Practical Byzantine Fault Tolerance: The Practical
public blockchain deployments came about, and are classified
Byzantine Fault Tolerance (PBFT) algorithm, as described
as “Proof of X". In [54], the author present an exhaustive study
in [60] involves multiple rounds of voting by all nodes of
of these algorithms.
the network, in order to commit state changes. The PBFT
Proof of activity [55] was proposed as an alternative to algorithm includes an optimized, encrypted message exchange
Bitcoin mining, designed to deliver consensus by combin- for making global voting more practical. To solve the Byzan-
ing aspects of the proof of work and proof of stake. The tine Generals problem via multiple rounds of voting, this
objective is to reward stakeholders that actively participate algorithm requires n ≥ 3 f + 1 nodes to tolerate f failing
in the network. Peers start off with mining potential blocks, nodes. Hyperledger Fabric [61] is a permissioned blockchain
similar to proof of work. Decred [56] uses proof of activity to application platform being developed under the Linux Foun-
achieve distributed consensus. Computational puzzle solving dation’s Hyperledger project. Hyperledger Fabric is designed
in proof of activity only involves finding a proof of work for private or consortium blockchains, and supports smart
against the block header, without the transactions in the block. contracts written in multiple programming languages, called
Beyond this point, a random group of validators are chosen chaincode. In PBFT consensus, one node is chosen to be the
to vote on the validity of the mined block header. Similar “leader," who assembles a set of ordered transactions into a
to proof of stake, the probability of the validators of being block and broadcasts it to the network. The validating peers
chosen is proportional to their share in the network. The in the network calculate a hash of the block and broadcast
block is considered valid if all the validators vouch for its it. Validating peers observe the hashes they receive from the
validity. If some of the validators are offline, the next mined rest of the network, which can be seen as “votes," over
block is chosen, along with a new set of validators, till a multiple rounds. If 2/3 votes are in favour of the candidate
block is voted as valid. Transaction fees in this case are split block, the peers add it to their copy of the blockchain.
between the miner and validators. Criticism of proof of activity PBFT consensus provides high throughput and low latency
includes concerns pertinent to both proof of work and proof in validating transactions, however, the overhead incurred by
of stake. It requires higher computational power, and a naive broadcasting blocks and votes in PBFT consensus makes it
implementation can be prone to nothing at stake attacks. unable to scale beyond a network with tens of validators.
Hyperledger Fabric also uses a variation of PBFT called
Sieve [62], which is designed to perform consensus while
Hyperledger Sawtooth [57] is an open-source project with executing non-deterministic chaincode. In scenarios involving
its own consensus algorithm called proof of elapsed time. non-deterministic chaincode, Sieve runs the chaincode first
Proof of elapsed time runs in a Trusted Execution Environment and speculates the outputs. Sieve then gets rid of minor
(TEE), like Intel’s Software Guard Extensions (SGX) [58]. A divergences in the chaincode’s output, or gets rid of entire
trusted voting model built on the SGX helps elect a validator processes resulting in greatly diverging outputs. Subsequently,
for publishing a new block. Proof of elapsed time is another Sieve maintains consensus in state-changes to the blockchain
lottery based consensus algorithm, however it foregoes the as was the case in PBFT.
need for expensive computational puzzle solving. Nodes in
the Sawtooth blockchain network request for a wait time 2) Tendermint: Tendermint [63] is a Byzantine Fault Tol-
from a trusted function within the SGX. The validator with erant consensus algorithm, which, similar to PBFT, provides
the shortest wait time is selected the leader as soon as its an n ≥ 3 f + 1 fault tolerance. Tendermint uses proof of
waiting time runs out. Another trusted function attests to the stake in combination with principles of PBFT to provide
fact that the validator did indeed wait an allotted amount of security, high throughput and low block processing times of
time before publishing a new block. This second function 1-3 seconds. While in PBFT, a leader node used to get chosen
thus provides a proof of the validator being chosen after its pseudorandomly, Tendermint uses the lottery based properties
allotted time had elapsed. The probability of being elected here of proof of stake, and chooses the leader node with proba-
is proportional to the resources (general-purpose processors bility proportional to the stakeholders’ share in the network.
running TEE) contributed to the network. The algorithm meets After leader selection, Tendermint performs multiple rounds
the prerequisites of a viable lottery based consensus algorithm, of voting to reach consensus on a new block. Tendermint
however, its limitation is in its use of specialized hardware. requires a supermajority, or 2/3 of its validators to maintain
100% uptime, and if more than 1/3 go offline, the network may to industry-wide IoT applications. Permissioned blockchains
stop progressing and lose liveness. Transactions are ordered, are more suited to enterprise solutions due to their higher
and assuming if less than a third of all validators are faulty, degree of control and permission granting capabilities. Shard-
Tendermint provides a safety guarantee that no conflicting ing mechanisms in Ethereum and Tendermint can lead to
blocks are created and no forks appear in the blockchain. leveraging the benefits of higher performance and scalability
Tendermint is compatible for public or private chains, however, for IoT applications [67].
it does not enjoy the same level of scalability as proof of
work or proof of stake blockchains. Transaction finality in IV. I NTEGRATION OF B LOCKCHAINS AND THE I OT
Tendermint is approximately 1 second [63].
The term “Internet of Things” was coined in 1999 by K.
3) Federated BFT: Blockchain implementations in Ripple Ashton as a bridge to link supply chain RFID’s to the Internet.
[64] and Stellar [65] extended the traditional Byzantine Fault However, according to another authoritative source, the first
Tolerance and made it open-ended for participation in scenar- proof-of-concept for the IoT came to life in 1982, when a
ios involving a consortium or federation of nodes. group of students turned a Coke machine installed at the
Ripple consensus begins with a unique node list (UNL), Carnegie Mellon University into what may be considered the
which is a list of active validator nodes in the network. Each first smart, connected appliance [68].
node has a UNL with 100+ nodes in it, and each UNL has to Today, the term is used as an umbrella keyword for covering
overlap by at least 40% with the UNLs stored by other nodes. various aspects related to the extension of the Internet and
Ripple carries out multiple rounds of voting, where nodes the Web into the physical realm, by means of the widespread
assemble transactions into candidate blocks and broadcast deployment of spatially distributed devices with embedded
them to the nodes in their UNL. Nodes then broadcast votes identification, sensing and/or actuation capabilities [69]. How-
on each candidate block. Each round of voting helps nodes ever, the IoT is far more than a marketable label, rather it can
refine their candidate block, and a new block is added to the be seen as a technology that is, sometimes drastically, trans-
ledger once it receives a supermajority vote of 80%. Thus, forming all industries and markets, enhancing and extending
even though Ripple carries out multiple rounds of votes, it the digitalization enabled by information and communication
provides a fault tolerance of n ≥ 5 f +1. Consensus in the entire technology (ICT) towards the broader impact offered by the
network is based on consensus within subnetworks, so Ripple capability to sense, communicate and actuate on the whole
allows open-ended participation of users, market entities and physical environment where such IoT devices and applications
gateways to other subnetworks. are deployed.
Stellar introduces the idea of quorums in blockchain net-
works, where a quorum is a set of nodes used to reach
A. Issues and Challenges In the IoT
consensus. A node in such a network can be part of multiple
quorum slices, where each quorum slice securely reaches During the last two years, IoT platforms themselves are
consensus through voting. Since the quorums and quorum proliferating: a recent analysis by Research and Markets3
slices are allowed to intersect, stellar allows open participation enumerated more than 450 of such platforms [70]. These span
of nodes in different subnetworks within the main Stellar from horizontal platforms able to accommodate quite generic
network. Stellar opts for a safety over liveness property, in the use cases within different domains to vertical approaches able
event of malicious behaviour in the network, the blockchain to address very specific market needs (e.g., cities, spaces,
does not progress till the malicious behaviour is resolved. manufacturing, etc.). Clearly, the combinations of functional
Stellar provides flexible trust, and low latency, since it is specializations offered by such platforms are also variegated:
computationally inexpensive, and quorums contain limited device management, enabling applications, data analytics,
number of nodes that share vote messages. cloud storage, connectivity, only to mention a few examples.
Last but not least, they come with different licensing models,
either proprietary or open source. The result of this Babylon
C. Performance and Scalability in Consensus Algorithms
is an over-crowded and fragmented market. Moreover, while
Permissionless blockchains are forced to have slower block there is a common understanding on the fact that the IoT
creation speeds, in order to take into account the propagation technology could play the role of enabler for several business
speeds of nodes within the network. On the other hand, permis- opportunities, there exists a set of technical challenges that,
sioned blockchains have much lower latency, but suffer from despite being already identified, are slowing down a truly
a severe scalability issue. The networking overhead incurred global IoT adoption. The following are brief introductions to
from voting mechanisms limits permissioned blockchains to these challenges:
scale to only hundreds of nodes. The worst case complexity a) Cybersecurity: it is considered the most critical and
for permissioned blockchains is O(N 2 ) compared to the O(N) challenging barrier for the IoT. With respect to typical Web
worst case complexity of permissionless blockchains. This security, IoT security is subject to several new factors and con-
limits the usability of permissioned blockchains for the IoT. ditions that amplify potential threats. First of all, IoT devices
Therefore, there is a steep trade-off between performance and are commonly isolated hardware solutions that, depending
scalability from PoW consensus to PBFT consensus [66]. on their deployment conditions, are subject to tampering in
Through the virtues of publicly anonymous accessibility and
decentralization, permissionless blockchains are better suited 3 https://www.researchandmarkets.com/
ways that may be unpredictable by manufacturers. IoT devices B. Decentralizing the IoT through Blockchains
are then typically interconnected with other devices making
Simplifying the concept as much as possible, the aim of
it complex to manage device-to-device interactions and to
the IoT is to have smart objects communicate over the In-
protect them from malicious data manipulation. Moreover,
ternet to collect comprehensive data and provide personalized
IoT devices have typically limited computational power: this
automation services, with little deliberate human interaction
limitation hinders the adoption of highly sophisticated secu-
[75]. Towards this aim, current IoT platforms are built on a
rity frameworks. Once IoT devices are connected with each
centralized model where a central server or broker provides
other and with the Internet, they become an interconnected
services like data handling, device coordination, and authoriza-
and complex system which is difficult to immunize against
tion. This approach necessitates high-end servers and proves
modern security threats. For this reason, such systems be-
to be unsuitable for scenarios where objects are required to
come exponentially exposed to several web attacks (password
autonomously exchange data. In a centralized model, central-
security attacks, message spoofing/alteration, traffic analysis,
ized servers authorize objects to communicate with each other,
Distributed Denial of Service, Sybil attack, eavesdropping,
so the increasing number of devices communicating with each
etc.). On the other hand, a generic “one-size-fits-all” security
other over the Internet steadily increase set requirements for
model is difficult to implement. To properly address security
the servers. Other issues associated with a centralized model
in IoT there is a need for novel security models foreseeing the
are of security [76], [77], data privacy [78] and the trust
development of specific policies and best practices capable of
inherently required in using centralized servers [79].
combining security-by-design approaches with specific techni-
cal countermeasures designed at different technological stacks, Following the recognition of the opportunities blockchains
as well as novel organizational processes capable of addressing offer and their potential impact, researchers and developers
information security for IoT in a more holistic way [71]. have taken to create decentralized applications for the IoT. The
inherent features of blockchains as discussed previously, make
b) Privacy: the huge amount of data generated by IoT them a natural fit to developing a secure distributed fabric
devices may offer detailed information about the context where for the Internet of Things and distributed cloud computing
device owners/users live, and about their habits. This data may in general. Based on these features, the following are the
be collected without any explicit user consent and exposed potential benefits and motivations for developing a blockchain-
to third parties when shared by supporting IoT platforms, based decentralized IoT framework:
depriving users about control on which data and to whom
his personal data is given access [72]. While administrative • Resilience: IoT applications require integrity in the data
policies exist for providing privacy to IoT users, the challenge being transferred and analyzed, therefore IoT frame-
is to develop solutions that ensure privacy by design. works need to be resilient to data leaks and breakage.
Blockchain networks store redundant replicas of records
c) Massive Data Management: the volume of data gen-
over blockchain peers, which help maintain data integrity
erated by IoT devices can be enormous and difficult to manage
and can provide resilience to IoT frameworks.
in terms of elaboration, communication/transmission, and stor-
• Adaptability: Currently, the heterogeneity of IoT de-
age. Scalable infrastructures are necessary to efficiently handle
vices and protocols limit their interoperability, and
this massive growing volume of data [73].
since blockchains are semantics-independent distributed
d) Lack of Standardization and Interoperability: the databases, using blockchains as the network control
landscape of standards for the IoT is full of open solutions, mechanism for the IoT will add a greater degree of
supported by independent and multinational governance bod- adaptability to it. Blockchains are proven to work over
ies, alliances or organizations (e.g., IEEE, ETSI, IETF, W3C, heterogeneous hardware platforms, and a blockchain-
OMG, OneM2M, ITU-T, OASIS IEC, etc.). These standards based IoT framework holds the promise to adapt to
cover different aspects of IoT products, services, systems, varying environments and use cases to meet the growing
from communication technologies to architectures. Some of needs and demands of IoT users.
them follow a neutral, cross-domain approach, while others • Fault tolerance: The Internet of Things represents a
are applicable only to specific vertical domains. Unfortunately, proliferation of always-available smart devices that col-
the uncontrolled proliferation of standards, further exacerbated lect data and provide automated functionality. Network
by the lack of commonly accepted standards, only leads to control mechanisms for the IoT require high availability,
fragmentation and can even become a real barrier for the IoT which may not always be the case in architectures involv-
adoption and for the possibility of performing real integration ing centralized servers. Blockchains are Byzantine fault
in multiple application domains [74]. tolerant record-keeping mechanisms that can identify
e) Lack of Skills: the complexity and the heterogeneity failures through distributed consensus protocols.
of the technologies involved in an IoT domain require spe- • Security and privacy: One of the most important chal-
cific skills for the design, implementation, but also for the lenges faced by the IoT, as discussed before is network
operations of the deployed solutions. Such skills are typically security. To ensure confidentiality and data protection,
difficult to build or acquire by organizations. In this case, blockchains have pseudonymity in its addressing and
the IoT ecosystem plays a critical role, as it could guarantee distributed consensus for record immutability. Data mod-
that the right skills are offered and acquired in a proper and ification attacks cannot be mounted in public blockchains
effective way [75]. since the blockchain does not exist in a singular location.
Furthermore, the cost added to making new transactions TABLE III

(either monetary or computational) protect the network N ODE T YPES IN B LOCKCHAIN N ETWORKS
against flooding attacks and DDoS attacks.
Node Type Storage Validator
• Trust: Blockchains enable trust between transacting par-
Full Node Full Blockchain Yes
ties. The “trustless" features of blockchains remove the
need for users to trust centralized entities to handle their Light Node Block headers No
IoT data, thus preventing malicious third party entities Transaction Issuer None No
from accumulating users’ private data. Blockchains allow
faster settlements for automated contracts without the
need for trusted intermediaries. without relying on a third-party service provider, thus bridg-
• Reduced maintenance costs: An important step towards ing transacting entities in a democratic fashion. Blockchain-
the global pervasion of the IoT is to find efficient and based records and cryptocurrency can be used for negotiating,
economical methods to handle the massive volume of effectuating trade and maintaining records, as proposed in
data generated by sensors throughout the IoT. A cloud [80], [81], [82], [83], [84]. Further details on these proposed
based IoT framework faces a significant disadvantage in solutions are discussed in X-B.
its high server maintenance costs, which not only add Another use case for integrating blockchains with IoT is
monetary cost, but also adds to the communication costs in smart-insurance. In the insurance sector, many companies
in device-to-device communications. Centralized cloud have taken up IoT applications to collect data for aiding
storage services use geographically spaced data centers them in calculating insurance premiums and processing insur-
which are large central points of failure. Centralized ance claims. Several management processes within insurance
cloud services introduced much lower prices for storage can be automated using smart contracts, while maintaining
and computing, which led to their widespread adoption. compliance to legal requirements. Considering the benefits
However, blockchains have the potential to significantly of the combination of the IoT and blockchains, eventually
reduce costs incurred by maintaining dedicated servers. insurance use cases will migrate from telematics to real-time
Public blockchains applications do not require dedicated IoT cryptocurrency applications 6 .
servers, and utilize the computational and storage capa- Other industry verticals where blockchains and IoT can
bilities of its participants. Since the participants receive bring potential benefits include healthcare, supply chains, en-
incentives for their contributions, blockchains stand to be ergy trading smart-grids, smart home applications, connected
the next step in democratizing the IoT. Blockchain-based vehicle fleet management and robot swarm coordination. Peer-
data storage platforms like Sia4 demonstrate the reduced to-peer decentralized applications in these areas can bring
costs in storing data using blockchains. In Sia, instead about a revolution in ubiquitous service provision and dis-
of using dedicated servers, users rent out any available tributed oversight of all IoT data transactions.
storage space they have, which others utilize to store
data. While the cost for storing 1 Terabyte per month
on Amazon S35 is $25, the cost of blockchain-based data C. Integration Schemes for Blockchains and IoT
storage in Sia is $2 per Terabyte per month. Centralized cloud services have made major contributions in
• IoT e-business models: In current IoT service provision, the growth of IoT, but in data transparency, there is an inherent
users surrender their data to centralized service providers need of trust and a lack of absolute confidence. Centralized
in exchange for IoT services, however, data being ex- cloud services act much like a black box for IoT services,
changed over public blockchains can have the added ben- and IoT users do not have control and total confidence in
efit of enabling users to engage in a new data marketplace how the data they share will be used. Furthermore, centralized
and monetize their IoT data. Blockchain-based solutions cloud services are vulnerable to faults and lethal security
also incentivize users to make IoT resources available for attacks. In the evolution of IoT, the network edge is getting
others to use on demand, in exchange for cryptocurrency. more functionality as compared to the cloud, as seen in fog
and mist architectures [85]. The IoT can benefit from the
Blockchains show promise in several industry verticals, and decentralized network paradigms offered by blockchains, so
startups are locked in a race to develop blockchain-based further developments to the IoT can continue while eliminating
distributed applications for different use case scenarios. As the need for trust in centralized services. However, blockchains
discussed before, a significant part of these applications have are still in their early stages of research and development, and
direct link to the IoT. An example of these applications can there are still multiple research challenges towards integrating
be seen in the insurance industry. IoT and blockchains in a seamless manner.
An example of the numerous industry verticals for a
Achieving absolute decentralisation in the IoT using
blockchain-based IoT are smart grids. Blockchains have the
blockchains is problematic, considering the vastly varying
potential to facilitate trade of energy between producers and
devices involved in the IoT. Most devices on the IoT edge have
consumers. In a blockchain-based smart-grid system, each
resource constraints, and cannot host a copy of the blockchain
participant has a unique identifier which can be authenticated
or engage in validating new blocks for the blockchain. There-
4 https://sia.tech/technology
5 https://aws.amazon.com/s3/ 6 https://www.ibm.com/blockchain/industries/insurance
fore, it is important to decide upon what roles the different without the need to host an entire copy of the blockchain.
entities in the IoT edge (devices, gateways, etc) will take. Therefore, such edge devices are more manageable within
Table III indicates the possible roles the participants of blockchain networks and can continue making contributions
a blockchain network can assume. Full nodes are partici- to the blockchain, while other full nodes in the blockchain
pants in the blockchain network that host the entire copy network can carry out decentralized consensus and block
of the blockchain. Full nodes can issue transactions to the validation.
blockchain, and can choose to act as a validator for adding In recent literature, we have surveyed a variety of integration
new blocks onto the blockchain. Light nodes running a “light- schemes that aim to account for IoT edge device constraints
client" application can issue transactions to the blockchain, in a blockchain-based IoT, with varying requirements of cryp-
and can host a copy of the block headers from the blockchain. tographic capabilities for the IoT edge devices. The following
Light nodes can verify the validity of transactions through is a discussion of the alternate paradigms as seen in recent
the block headers, however they do not publish new blocks literature for integrating blockchains and IoT:
to the blockchain. Light nodes are used as an easier entry • Gateway devices as end-points to the blockchain: in
point to the blockchain, using limited computational resources. this integration scheme, all communications go through
A transaction-issuer running a “light wallet" application is a the blockchain, while the IoT gateways act as end-points
participant that does not maintain a copy of the blockchain to the blockchain network. In this case, the IoT devices
or engage in block validation, however it simply issues trans- will be registered to the gateway device, and the gate-
actions to the blockchain. In some blockchain platforms, the way issues transactions to the blockchain. This approach
potential downside of having a light wallet transaction-issuer is enables traceability of all communications involving a
that it performs transactions through a light or full node. This specific IoT gateway and IoT service. This integration
can be a node in the same local network as the transaction- scheme can also be used to authenticate communica-
issuer, or in the case of the Ethereum platform, a third party tions between devices connected to separate blockchain-
service like Infura 7 and Metamask8 . The former is a more enabled gateways [87]. In this approach, not all of the
suitable choice since using third party services nullifies the data transferred needs to be stored on the blockchain.
point of decentralization. The blockchain itself can be used as a control mechanism,
Choosing the right consensus algorithm can prove to be with smart contracts acting as programmable logic, while
detrimental in integrating blockchains with the IoT. Proof-of- data transfer can occur over peer-to-peer technologies like
Work based mining remains unfeasible in context of the IoT BitTorrent and IPFS 9 . However, recording all IoT inter-
due to its high computational requirements and high block action events on the blockchain will increase bandwidth
processing time. In some cases, researchers have attempted and storage requirements, and currently scalability is a
to relax the validation requirements of PoW based consensus well known research challenge towards the integration
[86], however, this can lead to compromises in the security of blockchains and IoT. Fig. 2(a) is an illustration of
afforded to IoT networks by blockchains. PoW consensus this approach. The degree of decentralization achieved
with relaxed requirements can be securely implemented in through this approach is not as fine-grained as in the
consortium blockchain deployments, since all members of the case where devices issue transactions directly to the
blockchain are known. In single-enterprise solutions, or use- blockchain.
cases where the blockchain-connected nodes or gateways are • Devices as transaction-issuers to the blockchain: this
known and in the order of hundreds, voting-based consensus integration scheme is seen in [16], however, in our
like PBFT can be used, to maintain security and low block discussion we are assuming that the IoT devices are
processing times. For public blockchain deployments, alter- not in fact carrying a copy of the blockchain, but are
nate consensus algorithms including Proof-of-Stake and other simply issuing transactions to the blockchain, as shown
Proof-of-X algorithms are seen as more suitable for blockchain in Fig. 2(b). Similar to the previous approach, all IoT
deployments within the context of the IoT. interaction events are logged onto the blockchain for
Keeping in mind the resource constraints faced by IoT secure accountability. In this approach, IoT devices can
devices, it becomes necessary to employ some design consid- be provided with cryptographic functionality. The trade-
erations about the extent of their involvement in a blockchain off here is higher degree of autonomy of IoT devices and
network. Most IoT devices do not have cryptographic ca- applications, versus increased computational complexity
pabilities, and do not meet the computational and storage of IoT hardware.
requirements for engaging in blockchain consensus algorithms. • Interconnected edge devices as end-points to the
To account for these limitations, IoT edge devices only take blockchain: in this approach [16], IoT gateways and
on the role of simple transaction issuers. Even in the case devices issue transactions to the blockchain and can com-
of light-nodes, most IoT edge devices do not carry sufficient municate with eachother off-chain, as seen in Fig. 2(c).
storage capabilities to host the "headers only" version of While introducing the need for routing and discovery
the blockchain. IoT edge devices or gateways running as protocols, this approach ensures low latency between the
simple transaction-issuers have verifiable blockchain-identities IoT devices and the choice to log specific interactions on
the blockchain. This integration scheme would be more
7 www.infura.io
8 www.metamask.io 9 www.ipfs.io
(a) Gatway devices as end-points to the blockchain. (b) IoT edge devices as transaction issuers to the blockchain.
Adapted from [16]
(c) Interconnected edge devices as end-points to the (d) A hybrid cloud/blockchain approach. Adapted from [16]
blockchain. Adapted from [16]
Fig. 2. Blockchain integration schemes for the IoT. All arrows indicate interactions.
suited to scenarios where interactions are much more Which integration scheme to implement depends upon the
frequent and high throughput, low latency, reliable IoT requirements of the IoT application. For instance, when there
data is required. is a need for immutable record-keeping and relatively lower
• Cloud-blockchain hybrid with the IoT edge: this ap- number of interactions are taking place, the first two interac-
proach is an extension to the previous integration scheme, tion schemes make more sense. In applications that require
whereby IoT users have a choice to use the blockchain higher performance, using a blockchain alone may not be
for certain IoT interaction events, and the remaining adequate, and it would make sense to use a hybrid integration
events occur directly between IoT devices [16]. This scheme. In IoT use-cases neither IoT devices or gateways
approach leverages the benefits of decentralized record- should ever be used as full-nodes, since the storage and com-
keeping through blockchains as well as real time IoT putational overheads will not be able to justify the potential
communication. Fig. 2(d) is an illustration of this hybrid benefits. Furthermore, in the case of some applications, an
integration scheme.The challenge posed by this approach integration with blockchains may not be necessary. In order
is to optimize the split between the interactions that occur to ascertain which application scenarios justify a blockchain
in real-time and the ones that go through the blockchain. integration, the methodology presented in [88] can be used.
Hybrid approaches can utilize fog computing to overcome
the limitations of blockchain-based IoT networks. Current centralized IoT models are linked to specific draw-
backs and limitations that can be canceled or mitigated
by the decentralization properties of the blockchains [15]. heavily centralized intermeiaries that are vulnerable to security
Blockchains lay the groundwork for developing decentralized threats. The concept in both group and ring signatures is the
IoT platforms that enable secure data exchanges, and trustless same: the user transfers data through a broker as part of a
record keeping of the messages exchanged between devices group, so as to mask the user’s identity. Another proposed
without the need for maintaining high-end servers. In the solution for privacy and anonymity in IoT is k-anonymity [98],
following sections, we will see how the blockchain technology which is an approach meant to prevent identity disclosure by
can play a relevant role in addressing and overcoming some anonymizing data transmitted. The basic working principle of
of the aforementioned challenges in different areas of the IoT. k-anonymity is to suppress attributes of transmitted database
entries such that they are similar to k − 1 other entries.
V. I OT P RIVACY T HROUGH B LOCKCHAINS However, k-anonymity and its variations have been met with
critique and are not adequate in guaranteeing privacy for IoT
A. Privacy Concerns in Centralized IoT Models data [99]. The main criticism is that common attributes within
The IoT provides new capabilities and convenience at the a k-anonymized data set can be used to infer personal infor-
consumer level. In an example consumer IoT smart home, mation within a single entry. For example, in k-anonymized
children watch programs on a smart television. A thermostat hospital records, common attributes of the patients of a specific
maintains 22 Celsius degrees and diverts energy from rooms disease can be used to disclose the medical information of a
that are empty. Their parents issue voice commands to the specific person with matching common attributes. Considering
home computer, to turn off the lights. In the background, a the significant paradigm shift decentralized ledger technology
smart fridge sends out an order for the next day’s groceries. promises for the IoT, research efforts are underway to de-
All these convenient services come from a centralized service termine if private-by-design systems can be developed using
provider that processes and handles sensor data collected in blockchain techniques.
the smart home. Within this centralized and hyperconnected
nature of homes and cities, we see concerns related to user data
privacy. The privacy issues in IoT are immense, considering B. Blockchain-Based Decentralization for IoT Privacy
the sheer amount of data being collected, transferred, stored, In the last few years, decentralization is being explored for
and undoubtedly sold. issues related to privacy. Alcaide et al. [119] presented one of
Data collection in IoT has diverse purposes, for example, an the earlier pre-blockchain solutions for decentralized anony-
organization may lease equipment and collect usage data for mous authentication, based on cryptographic Zero-Knowledge
billing purposes. The organization can draw inferences about Proof of Knowledge (ZKPK). However, this solution has
user’s preferences and habits from the data itself as well as received criticism: the protocol is susceptible to attack when
the associated metadata [89]. Customers in this position place an adversary impersonates an actual user in the data collection
their trust in the organizations providing the Internet-based aspect of the protocol [120]. More recently, blockchains have
applications and have little knowledge of what data is being become the primary candidate technology to decentralize the
transmitted, or if their data is being shared or sold to third- IoT. Blockchains lay down the foundations of decentralizing
party entities [90]. The worst-case scenario here would be networks, and carrying out data transfers securely, without the
mass-surveillance programs [91], whereby entities collecting need of any authorizing and authenticating intermediaries. The
user data can collaborate with ‘Big Brother’ entities and collect immutable record-keeping attributes of blockchains provide
data not relevant to the provided service. Apart from having a viable solution for governing IoT micropayments and data
to place trust on the centralized service providers to not sharing, so privacy-preserving network design for IoT using
breach their privacy, users also have to trust that data is being blockchain and smart contracts is a fertile and active area of
transferred with confidentiality and integrity. Any unsecured research.
data transfers can allow malicious parties to eavesdrop and All interactions that take place over the blockchain are
collect data without authorization [92]. publicly available and verifiable, therefore, IoT data stored
Apart from authentication and secure cloud computing, in on-chain as well as off-chain is typically kept encrypted, and
order to prevent violations of privacy, the challenges involved policies for authorized access are enforced on the blockchain.
are implementing policies that ensure data confidentiality, The first step to developing private-by-design solutions is
integrity, ownership and governance [93]. [94] advocates for to ensure data ownership for IoT users, so that they can
“privacy-by-design," and emphasizes the need for empowering exercise control over how their data is accessed and when.
users, and giving them the ability to control the data that is Users can also choose to keep their data private and encrypted
collected and shared. Such a design aims to implement access over a decentralized data storage medium. Towards IoT data
control policies to evaluate requests and decide whether to ownership, Zhang et al. [100] propose a tokenized access
allow access to data or not. To combat the privacy violation model where people can issue transactions to IoT data owners
by a rogue sensor network, current solutions in privacy involve for access privileges to their encrypted data. IoT users in this
users going through a privacy broker [95], which itself if an case can exercise complete control over what data they want
intermediary entity between the user and the sensor network to share in exchange for services or monetary incentives, and
that can be subject to threats. Similarly, other techniques to can perform selective expression of their IoT data. Another
provide privacy to traditionally centralized IoT infrastructures, proposed solution for allowing private ownership of IoT data,
namely group signatures [96] and ring signatures [97] also use FairAccess [101][102] provides another solution whereby IoT
TABLE IV
B LOCKCHAIN -BASED P RIVACY M ECHANISMS FOR THE I OT IN R ECENT R ESEARCH
General Subcategories in
Proposed Solutions Privacy-Preservation Implemented By
Blockchain-Based IoT Privacy
Zhang et al. [100] Tokens for access privileges to IoT data
Tokenized Approach for
FairAccess [101][102] Smart contract transactions for role-based access privileges
IoT Data Access
Enigma [103],
Tokens for access privileges to data stored in DHT
Shafagh et al. [104]
PISCES framework [105] Privacy validation chain (PVC) for verifying data ownership
PlaTIBART [106] Private blockchains for logging off-chain communications
Privacy-Preserving Ayoade et al. [107] Private blockchain and Trusted Execution Environment (TEE) for data storage
Frameworks Cha et al. [87] Blockchain-connected gateways for managing devices and issuing transactions
Hawk [33] Programmable access control policies in smart contracts
Conoscenti et al. [108] Permissioned blockchains for validating data store in peer-to-peer storage medium
Sharma et al. [109] Software-defined cloud computing and blockchains for managing virtual resources
Zyskind et al. [110] Governing IoT data on the cloud using fine-grained access policies in blockchain
IoT-Cloud Ecosystem Rahulamathavan et al. [111] Attribute-based encryption for sensor data on the blockchain
JointCloud [112] Blockchain-based collaborative environment for private clouds
Hardjono et al. [113] Commissioning IoT devices over the cloud through permissioned blockchains
Tiered Blockchain Dorri et al. [86] Private blockchains and an overlay blockchain for managing cloud-data
Architecture Ali et al. [114] Private blockchains and a public blockchain for transferring IPFS file hashes
Aitzhan et al. [80] Group signatures and off-chain messaging for energy transacting systems
Smart Grid and Laszka et al. [81] Autonomous broker for maintaining anonymity of energy producers.
Smart City Applications Knirsch et al. [82],
Smart contracts for privately negotiating tariffs for energy transactions.
Lombardi et al. [115]
Wang et al. [116] K-anonymous incentive mechanism for crowdsensing applications
Kang et al. [117] Pseudonymous address updating for vehicular data exchange
Pseudonymous Address
Kang et al. [84], [83] Pseudonymous address updating for energy trading in IIoT and connected-vehicles.
Updating and Management
Gao et al. [118] Registration with multiple addresses for vehicle-to-grid energy trading.
owners have full control over whom they choose to grant authors use a private blockchain to log hashes of data chunks
access to their IoT data. FairAccess uses smart contracts which stored in a storage platform based on a trusted execution
IoT users can use to selectively associate role-based privileges environment (TEE). Additionally, they consider Intel SGX as
to people requesting access to their data, in exchange for part of the TEE to ensure privacy of the IoT data as well as
monetary or service incentives. Additionally, [103] and [104] the blockchain application code.
have similar tokenized approaches for granting access to Cha et al. [87] propose using blockchain-connected gate-
requesters upon the IoT data owner’s discretion, while the IoT ways to manage legacy IoT devices and issue data transac-
data in these approaches is store off-chain on Decentralized tions over the blockchain. The blockchain gateway maintains
Hash Tables (DHT). privacy-awareness, while the blockchain stores immutable
The PISCES framework [105] aims to provide privacy-by- encrypted records of user preferences. The gateway therefore
design through enforcing data ownership and data governance. enhances privacy on the IoT edge with BLE devices.
They define roles of data providers and data controllers, and For cloud computing, the proposed solution outlined
use a Privacy Validation Chain (PVC) to maintain auditable in [109] introduce software-defined cloud computing with
track of data usage events. The added PVC blockchain ensures blockchain based access control for a distributed solution for
that the rights IoT users have over their data are respected. privacy. Another privacy-preserving access model is described
PlaTIBART [106], is a proposed blockchain-based platform in [110] where blockchains and fine-grained access-control
for IoT applications that involve data interactions. It provides policies allow users to govern their own data. Rahulamathavan
the tooling and techniques for deploying and managing IoT et al. [111] use attribite-based encryption for sensor data to
blockchain applications in private blockchains. They use pri- enable privacy in IoT-cloud ecosystems.
vate blockchains for its privacy features and fast transaction Chen et al. [112] propose JointCloud, a cloud-blockchain
finality times, as well as implement off-chain communications hybrid approach to ensuring privacy for the IoT. More specifi-
for private data transfer events. Another off-chain data storage cally, they use a private cloud for IoT data storage, and an
and sharing solution is proposed in [107]. In this case, the overlay blockchain for recording all data transfer and IoT
non-sensitive information separately, thus providing varying

degrees of privacy-preservation. Conoscenti et al. [108] uses
peer-to-peer storage to alleviate storage inflation issues within
the blockchain. Using a peer-to-peer storage for off-chain data
enhances privacy for the IoT user’s data. The blockchain stores
encrypted hash of the data, and transactional information. Ali
et al. [114] proposed a multi-layered blockchain architecure,
which uses the concepts of smart contract based access control,
as well as peer-to-peer storage. This solution uses IPFS as a
distributed storage medium for IoT data.
While power grids are experiencing changes due to a boom
in renewable energy solutions, decentralized IoT applications
that help to manage transactive microgrids are emerging. Here,
blockchains are being researched for use in smart grid ap-
plications, where energy sharing applications require privacy,
decentralized control, and monetization mechanisms. Aitzhan
et al. [80] use group signatures and off-chain encrypted anony-
mous message streams to provide privacy in energy trading
applications. More recently, Laszka et al. [81] proposed a
solution towards enabling energy producers to tokenize and
Fig. 3. A tiered architecture with private blockchains connected to a public trade units of energy with consumers while protecting the
blockchain. Private blockchain owners can choose to selectively communicate energy producers’ personal information. The energy producers
with requester nodes or other private blockchains.
achieve total anonymity by using new public-private key
pairs for every transaction generated and maintained by an
autonomous broker. [82] and [115] use smart contracts to
interaction events. The JointCloud Collaboration Environment enable privacy and decide tariffs for energy sharing within
(JCCE) serves as a collaborative medium between private smart grids in a cost-effective way.
clouds, and consists of the JointCloud Blockchain (JCB) which Wang et al. [116] propose a privacy-preserving incentive
manages transactions, community and supervision functions mechanism for crowd sensing applications. The technique
through smart contracts. The use of a private blockchain to used to make crowd sensing streams private is k-anonymity.
form a collaborative medium over private cloud storages does The authors achieve k-anonymity through node cooperation
add private server maintenance costs, but it does maintain an verification, where k nodes form a group that cooperates
immutable record of IoT transactions while preserving IoT to meet the k-anonymity requirements. Despite the inherent
data privacy. shortcomings of k-anonymity techniques, the proposed solu-
Hardjono et al. [113] propose privacy preservation in com- tion is demonstrated to resist impersonation attacks, however
missioning IoT devices over the cloud, using permissioned there is no analysis for its protection against collusion attacks.
blockchains. The authors grant provenance of a resource- Recently, a trend to enable privacy in blockchain-based
constrained IoT device without revealing its identity. This IoT applications is to use pseudonym management solutions.
solution is based on the ChainAnchor [121] system that aims Using fixed singular pseudonymous addressing does not offer
to provide pseudonymity within permissioned blockchains adequate privacy, even if the transactions occurring in a net-
using zero-knowledge proof scheme and Enhanced Privacy ID work involve transferring off-chain data. Singular blockchain
(EPID) [122]. addresses can be traced back publicly and can reveal user
The most promising solution for private-by-design IoT identities [123]. Previously, multiple algorithms for updating
data transfer is using a tiered architecture for blockchains, and changing pseudonymous addresses have been presented,
whereby either multiple private blockchains connect to a especially for vehicular networks [124]. Recent research ef-
public blockchains, or interoperable blockchains are connected forts have involved developing pseudonymous address man-
together to form a network of blockchains, as shown in agement for connected-vehicle privacy using fog-computing
Fig. 3. Here, users in separate blockchains can choose to [125]. Using a vast number of pseudonyms to mask the
selectively express data to other blockchains. Dorri et al. identity of a singular vehicle within the Internet of Vehicles
[86] introduce a privacy-preserving architecture where smart (IoV) is proven to boost privacy by a significant margin
home owners can log IoT events in a private sidechain and [126]. Pseudonymous address management in blockchains is
use cloud storage for IoT data. Users can then choose to being researched to ensure privacy on a transactional level
share any amount of their encrypted data with others over a without the need for third party intermediaries. Kang et al.
public overlay blockchain, according to access-control policies [117] propose a privacy preserving solution for secure data
written into the block headers. Smart contracts for access- sharing in vehicular networks, with privacy preserving fea-
control was an idea introduced in Hawk [33], which im- tures. They use a pseudonymous address updating mechanism
plements programmatic access-control mechanisms via smart which prevents a single vehicle being tied to a singular
contracts. Hawk accounts for sensitive private information and blockchain address. Further work by Kang et al. [84], [83]
outlines a solution for peer-to-peer energy trading in IIoT general subcategories of research for privacy in blockchain-
and between connected hybrid vehicles, using pseudonymous based IoT frameworks. From this discussion, we can see that
address updating in a consortium blockchain. They implement in order to maintain privacy, a public blockchain in itself is
a modified version of the proof-of-work consensus mechanism not sufficient, since all contents of the public blockchain are
with relaxed constraints, where local aggregators perform visible to the blockchain network participants for the sake
block validation and can be held accountable in case of false of auditability. Therefore, we can infer open challenges like
block creation. Block validation times take up to one minute, finding an effective balance between auditability and privacy
and the consortium blockchain acts as a secure medium for in public blockchains (discussed further in Sec. XII-A), as
conducting energy transactions. Lu et al. [127] propose using well as maintaining data integrity within private blockchains
pseudonymous address updating for privacy in VANETs, while for tiered blockchain architecture.
maintaining authorization and messaging records in separate
blockchains for added auditability. Gao et al. [118] use Hy- VI. T RUSTLESS A RCHITECTURES FOR I OT
perledger blockchain to implement a payment mechanism in
Vehicle-to-Grid networks, with a registration mechanism and A. Issues of Trust in Centralized IoT Architectures
pseudonymous address updating. Their use of Hyperledger The services offered by the IoT ecosystem are often cen-
PBFT consensus does limit the scalability of the network, tered around the cloud computing paradigm where the data
but affords higher efficiency and transaction speeds. Separate from the IoT devices are processed and stored in a cloud
registration records are maintained, which are only visible to infrastructure. However, the IoT ecosystem is affected by the
authorized entities for auditability. pervasiveness and ubiquity of smart devices, i.e. the devices
being closely interactive with the users, collect data which is
sensitive and intimate to the user. Even though cloud com-
C. Blockchain-based IoT Privacy Solutions in Industry
puting in the IoT ecosystem makes the data widely available
In industry, an interesting approach to tackle one of the and accessible to the users in almost real-time, the data is still
many privacy issues faced by the Internet of Things, is done by mediated and stored by a centralized entity. Given the nature
the company Lola Cloud10 , a home intelligence system where of the data, the assumption of trust the third party requires may
users accounts and storage are protected by blockchain smart lead to breaches of privacy and security in the IoT ecosystem.
contracts. COSMOS11 is a blockchain project in the industry Recent research in this area has prompted two research
that aims to horizontally interconnect blockchains, so that paths: one being strengthening of trustful architecture where
the contents of one blockchain remain private from the other more secure algorithms are used to disseminate and store IoT
blockchains it interacts with. Supply chain solutions based on data; and the other being a proposal of “trustless" architectures
private blockchains aim to maintain immutable private records [139], which relies on a peer-to-peer approach for validation
within the supply chain, inaccessible to external entities. For of transactions among participating entities. The first research
example, Provenance12 relies on the auditability of blockchain path aims to add encryption to enhance the trustability of
records to guarantee traceability and transparency of the centralized solutions. This can prove to be cumbersome for
products in food markets. The supply chain sector is taking IoT devices given their resource-constrained nature, which
advantage of smart embedded devices able to autonomously often leads to unencrypted communications or use of simple
push data into a blockchain software infrastructure, therefore encryption algorithms. Moreover, the use of more secure
creating tamper-proof, decentralized records, as is the case of algorithms like AES-256 affects the latency of the system and
Skuchain13 and BriefTrace14 . thus dents applications with near real-time requirements. On
the other hand, decentralized consensus among a set of peers
D. Summary and Insights eliminates the need for trusting any third party services, hence
the term “trustless" architecture. A peer-to-peer configuration
In this section, we learned that since blockchains provide favors the IoT ecosystem, considering the large number of
auditability by making all of its contents publicly accessible, devices available in a network.
achieving privacy becomes a challenge. We discussed recent
research contributions towards enabling privacy in blockchain-
based IoT frameworks, ranging from proposed solutions that B. Trustless IoT Architectures with Blockchains
leverage smart contracts in enforcing access policies, to The term synchronous with trustless architectures is that of
more advanced techniques like tiered blockchain architectures the blockchain. Blockchains maintain an immutable ledger of
and privacy mechanisms for energy transacting networks. transactions identically shared among peers in the blockchain
Additionally, pseudonymous address updating is also being as discussed in Sec. II, thus making them a suitable solution
researched to boost privacy in blockchain-based IoT on a for the centralization problem in cloud computing. Authors
transactional level. Table IV organizes these contributions in of [140] study the use of secure multi-party computations
(MPC) while leveraging blockchains. The aim of the proposed
10 https://lola.cloud/
11 https://cosmos.network/
solution is to create a trustless environment for hyper-localized
12 https://www.provenance.org edge computations in the IoT fog. The blockchain ensures that
13 https://www.skuchain.com the participating entities perform computations on a set of data
14 https://www.brieftrace.com/ contributed by the entities without trusting a central authority.
TABLE V
T RUSTLESS B LOCKCHAIN A RCHITECTURES FOR THE I OT
Proposed Architectures Main Feature Trustlessness Ensured By

Permissioned blockchain for local data storage tasks,
Enigma [103] Decentralized data storage and tokenized access control
permissionless blockchain for public tasks
Liu et al. [128] Verifiable data integrity for application owners and consumers Permissionless blockchain for recording hash of data
Cryptocurrency smart cards (CCSC) based on javacard secure
Urien et al. [129] Permissioned blockchain and JC3.04 smart cards
elements
Bahga et. al [130] Automated maintenance and diagnosis for IIoT machines Permissioned blockchain for recording IIoT interactions
Boudguiga et al. [131] Secure software update propagation to IoT devices Immutability of blockchain records
DiPietro et al. [132] Credit-based blockchain with reputation system Permissioned blockchains with low latency transactions
IoTChain [133] Device-to-device communications over blockchains Blockchain addressing + blockchain immutability
Establishing distributed trust through blockchain connected
Psaras et al. [134] Blockchain addressing + blockchain immutability
gateways
Trustchain [135] Scalable blockchain-IoT platform using multiple blockchains Parallel blockchains for every participant
Tian et al. [136] Traceable record keeping for food supply chains Private blockchain + BigchainDB immutability
Bocek et al. [137] Traceable record keeping for pharmaceutical IoT use cases Blockchain addressing + blockchain immutability
Permissioned blockchain for local data storage tasks,
Dorri et. al [86] Multi-layered blockchain architecture for IoT
permissionless blockchain for public tasks
Samaniego et al. [138] Blockchain-as-a-Service for the IoT fog Blockchain addressing + blockchain immutability
Enigma [103] is a peer-to-peer network which lever- model for the IoT through a credit-based blockchain they
ages blockchain technology to allow multiple users of the call obligation chain, which has a built-in reputation system.
blockchain to store and perform analytics on data while In order to circumvent the transaction delays in traditional
maintaining the privacy of the data. Enigma also leverages blockchains, IoT devices are able to perform transactions
the service of a permissionless blockchain to perform public on credit, and their ability to pay back their credit adds
tasks while performing the private computations on its own to their reputation. The obligation chain is a step towards
chain to handle computationally intensive tasks. The authors scalable blockchain transactions while enabling end-to-end
of [128] propose a decentralized data integrity verification trust between IoT devices.
framework based on the blockchain by the use of smart IoTChain [133] proposes an trustless IoT architecture where
contracts. The framework allows Data Owner Applications IoT devices register themselves onto a blockchain for securely
(DOAs) and Data Consumer Applications (DCAs) to verify storing, organizing and sharing streams of data without the
the integrity of data stored in a cloud infrastructure provider, need for a trusted intermediary. The authors of IoTChain do
in a trustless environment. In [129], the proposed solution for not sufficiently address the scalability of blockchains in the
improving trust in blockchain transactions is by using javacard use-case where IoT transactions are highly frequent, however
secure elements. Instead of using 32 byte secret keys, the they demonstrate trustlessness in end-to-end communication
authors implement a cryptocurrency smart card designed over for IoT devices as transaction issuers to a blockchain. In
the JC3.04 standard platform. the same vein, Psaras et al. [134] propose a edge-centric
Bahga et. al [130] realize the trustless verification of trans- solution to establish a trustless architecture for the IoT, in-
actions leveraging blockchains in the Industrial IoT context. volving gateways and IoT devices as transaction issuers to
Their proposed framework models tasks to be performed on the blockchain, while communications between edge devices
the IoT nodes as decentralized applications on the blockchain. can take place in a trustless way. In Trustchain [135], the
This not only allows logging and storage of the actions authors propose a scalable, Sybil-resistant solution for trust-
performed by the devices (in the form of transactions), but less IoT architecture, while replacing PoW consensus with
also allows automated maintenance and diagnosis of issues on an alternative mechanism for determining trustworthiness of
the nodes themselves. The authors of [131] propose a decen- peers called NetFlow. Trustchain is built on parallel chains
tralized mechanism to push updates on to IoT devices using that record transactions specific to each participant. Netflow
blockchain. The blockchain is used to record transactions of determines whether each peer is actively contributing in
software updates pushed onto the devices to prevent malicious maintaining integrity of Trustchain. Trustchain identifies faults
software updates on the devices. In this case, there is no when the transactions stored in one chain do not match the
need for a trusted broker for delivering updates since updates corresponding transactions of the other parties involved, and
propagated to the devices via the blockchain have guaranteed Trustchain refuses further service to the peer responsible for
integrity. this discrepancy.
DiPietro et al. [132] aim develop a decentralized trust Much can be said about how blockchains are used in
transparent record-keeping for supply chain IoT use cases. VII. B LOCKCHAIN -BASED I OT S ECURITY
In recent research contributions, [136] outlines a traceable The IoT as it exists today consists of 5 billion devices,
record-keeping architecture for food supply chains. This so- and it is projected to grow up to 29 billion by 2022 [142].
lution uses BigchainDB [141], a scalable distributed database As the physical world joins the Internet, the attack surface
with blockchain characteristics for publicly available records from known and new threats expands exponentially, resulting
pertaining to food safety. [137] uses Ethereum smart contracts in complex security implications [143]. The goal of the IoT is
for trustless and transparent record-keeping for pharmaceuti- to automate functions while maintaining protection against the
cal IoT supply chain use cases. A trustless environment is threat of a varying range of security attacks. In this section,
particularly beneficial in supply chain use-cases, since data we will discuss the security threats faced by centralized IoT
related to enterprise solution carries real business value, and infrastructures, and how recent research towards decentralizing
a compromised central service provider can lead to business the IoT has shown potential security benefits of a blockchain-
losses. based IoT.
There have been concerns about the suitability of
blockchains to consider IoT devices as nodes participating in
the blockchains. This has led to lightweight solutions being A. Security Issues in Centralized IoT Models
proposed for IoT devices and also a move towards edge An essential security challenge of the IoT comes from its
device based blockchain nodes. Dorri et. al [86] propose a ever expanding edge. In an IoT network, nodes at the edge are
lightweight and scalable multi-tier blockchain framework for potential points of failure where attacks such as Distributed
IoT which allows distributed trust mechanisms among the Denial-of-Service (DDoS) can be launched [144]. Within the
nodes managing the overlay blockchains as well as distributed IoT edge, a set of corrupted nodes and devices can act together
throughput management to ensure the allocated throughput for to collapse the IoT service provision, as seen recently in
the participating nodes is in coalition with the total available botnet attacks [145]. Identified in August 2016, the Mirai
throughput. The authors of [138] propose the use of fog layer botnet mounted the most potent attack against IoT security,
devices as blockchain nodes instead of the constrained IoT by compromising IoT devices and generating malicious traffic
end-devices. Since IoT devices are resource-constrained, the in the degree of Tbps [146]. After the source code of the
proposed architecture aims to enable trust at the fog layer Mirai botnet was publicly released, more attacks followed,
where more capable nodes are present. most notably the attack in October 2016, which took many
mainstream websites for several hours [145].
C. Blockchains for Enabling IoT Trust in Industry Another threat to the availability of IoT service provisioning
Startups are also exploring this issue as a business model, as comes from its heavily centralized configuration [147]. A
is the case of Xage Security15 , with a decentralized approach central point of failure not only is a threat to availability,
to provide trust among devices in industrial IoT networks. but also to confidentiality and authorization [148]. A cen-
Their aim is to decentralize industrial control systems to tralized IoT does not provide built-in guarantees that the
eliminate reliance upon a trusted third party. Ubirch GmbH16 is service provider will not misuse or tamper with users’ IoT
currently offering a solution similar to a notary services for the data. Furthermore, confidentiality attacks arise from identity
IoT devices and their data, in order to provide trustworthiness spoofing and analyzing routing and traffic information. In
on the data, from IoT devices. Multichain17 is a private a data-driven economy, guarantees are necessary to prevent
blockchain based protocol which offers decentralized access misappropriation of IoT data.
control to devices registered on the blockchain. The protocol IoT faces confidentiality attacks that arise from identity
runs a decentralized consensus algorithm following a round- spoofing and analyzing routing and traffic information, as well
robin approval of transactions. as integrity attacks such as modification attacks and Byzantine
routing information attacks [149]. Data integrity in the cen-
tralized IoT configuration is challenged by injection attacks in
D. Summary and Insights
applications where decision making is based on incoming data
In this section, we discussed how the “trustless" nature streams. IoT data alteration, data theft and downtime can result
of blockchain record-keeping can be leveraged to create in varying degrees of loss. Ensuring security is paramount
distributed trustless network environments for the IoT. Our in a system where smart devices are expected to interact
discussion covered how blockchains eliminate the need for autonomously and engage in monetary transactions. Current
trusting singular centralized entities in IoT services, including security solutions in the IoT are centralized, involving third
IoT supply chain use cases. Table V lists various proposed party security services, as seen in Fig. 4. Using blockchains for
mechanisms in recent research for developing trustless archi- security policy enforcement and maintaining publicly auditable
tectures for the IoT. This discussion illustrates the potential record of IoT interactions, without depending on a third party,
benefits of decentralizing IoT frameworks using blockchains can prove to be highly benefitial to the IoT.
for improving fault tolerance and guaranteeing trust in IoT
interactions.
B. Blockchains for Providing IoT Security
15 https://xage.com/
16 https://ubirch.com With virtues of decentralized public-key infrastructure,
17 https://www.multichain.com/ fault-tolerant design, auditability and inbuilt protection against
DDoS attacks, blockchains have demonstrated their capabili- contract policies for allowing and revoking access to stored
ties in delivering security to transactive networks like Bitcoin. IoT data. Another similar access control model is propose
A blockchain-based IoT solution is resistant to false authen- in [154], whereby IoT users can grant and revoke access to
tication since all devices issuing transactions have dedicated stored chunks of IoT data by means of functions written in
blockchain addresses. The consensus protocols used in public smart contracts. Hamza et al. [155] use an overlay blockchain
blockchains prevent malicious actors from launching denial to provide an access control mechanism for big data. They
of service attacks since making multiple empty transactions use programmable smart contracts to inform authorization
incurs transaction fees [150]. Thus blockchains have the poten- decisions for big data access requests.
tial to disrupt IoT security mechanisms and provide improved In approaches that aim to reduce transaction fees or design
security solutions to the IoT stack. applications without tokenization, access-control policies can
be written into the blockchain to manage access privileges
1) Providing Access Control Through Blockchains: Re- and detect malicious activity. This is the solution proposed
cent research has seen several proposed solutions for enforcing in [86], where the authors use local blockchains connected
access control policies in the IoT without relying on a third to a public overlay blockchain. Access privilege decisions
party service. Blockchains have the potential to improve the are stored within the blockchain which makes them publicly
availability of security infrastructure for the IoT. Solutions verifiable, and thus it becomes easy to detect unauthorized
like [151] provide a secure public key infrastructure that is access attempts. Ali et al. [114] further that idea by dropping
more fault tolerant than centralized solutions. The authors of any transactions being issued from an anauthorized adversary,
[152] propose a multi-layer blockchain framework, where data or by removing the adversary from the blockchain network
storage and access control are performed in separate layers. altogether. The challenge in developing public blockchains
The three layers in this framework are: (i) a blockchain- without tokenization is the fact that the network becomes open
based decentralized data storage where users with specific to Sybil attacks, where users can launch a DOS attack by
blockchain address can store their IoT data; (ii) a messaging issuing smaller amounts of empty transactions with multiple
stream to enable access negotiations between two parties; (iii) blockchain addresses. To avoid Sybil attacks, the authors
access control mechanism for participants of varying roles. propose enforcing global policies for participation in the
Data stored on the blockchain is encrypted which only the blockchain.
participants with access privileges can decrypt.
Shafagh et al. [104] propose an blockchain-based access
Zhang et al. [100] introduce a tokenized approach to per-
control solution for data stored in off-chain Decentralized Hash
forming access control in the IoT through blockchains and
Tables (DHT). The blockchain in this solution stores access
smart contracts. The main idea in the paper is to develop
privileges for different users for any stored data in the DHT.
a blockchain-based e-business model where users can use
DHT nodes lookup the blockchain records to make access
custom cryptocurrency to buy temporary access privileges for
control decisions.
physical or digital assets. In the case of accessing Alice’s IoT
data, Bob can buy the custom IoTCoin cryptocurrency, pay 2) Maintaining Data Integrity Through Blockchains:
Alice with an agreed upon amount, and receive the key to To launch a modification attack in a blockchain-enabled IoT
decrypt and access Alice’s data for a limited period of time. architecture, an adversary would attempt to alter the records
Another tokenized approach to access control is outlined in in the blockchain, or create false blocks in the blockchain,
[102], where users are assigned different roles, and access either containing false transactions, or censoring transactions
control policies written into smart contracts can be used to that have occurred. This is near impossible in public imple-
grant or revoke access privileges for an IoT user’s data. mentations of the blockchain, where canonical records of the
Similarly, [153] and Enigma [103] store chunks of encrypted blockchain are maintained by means of distributed consensus.
data in the blockchain and uses a tokenized approach and smart This further makes the case for decentralizing the IoT using
blockchains, since properties inherent to the blockchain pre-
vent attacks that compromise data integrity [162].
všŒ or µšZ}Œ]Ì]vP vš]šÇ Biswas et al. [156] propose a blockchain-based smart city
‰‰o] š]}v solution whereby the integrity of the stored data is guaranteed
dŒ v•‰}Œš ^ µŒ]šÇ through the blockchain’s inherent immutability features. The
E šÁ}Œl ^ ŒÀ] solution proposed uses an Ethereum blockchain with smart
š >]vl contracts to define programmability on top of the decentralized
blockchain records.
Dorri et al. [86] use a multi-tiered blockchain framework to
o] } maintain a record of chunks of IoT data stored in the cloud.
‰‰o] š]}v ‰‰o] š]}v The public overlay blockchain in this solution uses hashing
dŒ v•‰}Œš dŒ v•‰}Œš to maintain an immutable record of the stored data chunks in
E šÁ}Œl E šÁ}Œl the cloud. Similarly, [114] use the blockchain to store hashes
š >]vl š >]vl of IPFS files that contain IoT data. Since files in IPFS are
content-addressed with their hash, the contents stored in IPFS
Fig. 4. Security Mechanism Architecture in IoT. are tamper-proof.
TABLE VI
B LOCKCHAIN - BASED M ECHANISMS FOR I OT S ECURITY IN R ECENT R ESEARCH
General Areas for IoT Security

Proposed Solutions Main Feature Used
Through Blockchains
Axon et al. [151] Blockchain-based PKI
Hashemi et al. [152] Separate blockchains for data storage and access control
Zhang et al. [100],
Tokenized access privilege for off-chain data
FairAccess [102]
Access Control Novo et al. [153],
Tokenized access privileges for on-chain data
Enigma [103]
Capchain [154] Smart contract functions for access control
Hamza et al. [155] Overlay blockchain for access control in big data
Dorri et al. [86] Access control policies written in block headers
Ali et al. [114] Access control policies for IPFS files written in smart contracts
Shafagh et al. [104] Smart contracts for access control for data stored in DHT
Biswas et al. [156] Tamper-proof blockchain records
Dorri et al. [86] Multi-layered blockchain maintaining records of cloud-based data
Ali et al. [114] Sharing keys in blockchain transactions for IPFS content addressing
Enigma [103],
Tamper-proof blockchain records of data stored in DHT
Data Integrity Shafagh et al. [104]
Liu et al. [128] Blockchain-based querying for verifying integrity of cloud-based data
Yang et al. [157] Blockchain-based reputation system for credibility of incoming messages
Lee et al. [158] Blockchain transactions for propagating updates to embedded devices
Steger et al. [159] Making software updates available to smart cars using overlay blockchain
Boudguiga et al. [131] Storing software updates in the blockchain for IoT devices
Axon et al. [151] Blockchain-based PKI
Aitzan et al. [80] Distribution System Operators (DSOs) to maintain blockchain addressing
Alphand et al. [160] Smart contract security policies, with OSCAR security model
Cha et al. [87] Gateways for enabling interactions between blockchain-connected BLE devices
Confidentiality
Dorri et al. [86] Encrypted data shared with participants over multi-layered blockchain architecture
Ali et al. [114] Encrypted IPFS file hash shared with participants over public blockchain
FairAccess [102] Access privileges granted with signed cryptocurrency transactions
Hardjono et al. [113] Permissioned blockchains for commissioning IoT resources
Alphand et al. [160] Blockchain-based fault tolerance for authorization model
Chakraborty et al. [161] Connecting IoT devices via nodes of a fault-tolerant blockchain network
Availability
Ali et al. [114] Transactions for IPFS file access over public Ethernet blockchain
Bahga et al. [130] Smart-manufacturing devices connected to a blockchain network
Enigma [103] and Shafagh et al. [104] propose data storage system which decides the credibility of the messages received
solutions based on Decentralized Hash Tables (DHT) and based on the reputation of the sender.
immutable blockchain records. Data requests go to DHT Secure software updates for the IoT by applying blockchains
nodes while the blockchain ensures integrity of access control in IoT is receiving research attention. In [158], embedded
policies and the stored data itself. IoT devices receive secure firmware updates in a blockchain
A blockchain-based data integrity service is outlined in network. The proposed scheme uses peer-to-peer technology
[128], where query-based integrity checks can be performed for delivering firmware updates and ensures the integrity of
without third-party verification. Here, the blockchain is used the firmware installed in embedded devices. Steger et al. [159]
as an added layer for providing security and integrity to data is a proof of concept for secure software update distribution
objects stored on the cloud. Issuing queries and verifying the in smart vehicles, using a tiered blockchain architecture for
blockchain records are used to detect any loss of data integrity. scalability. The authors use the multi-layered architecture from
Yang et al. [157] proposed a blockchain-based credibil- [86] and propagate software updates securely to the vehicles
ity assessment mechanism for the Internet of Vehicles. The without compromising integrity. Similarly, Boudguiga et al.
proposed solution consists of a blockchain-based reputation [131] use permissioned blockchains to store software updates
within transactions, so IoT devices can receive updates in a based PKI.

secure, peer-to-peer fashion.
4) Improving IoT Availability With Blockchains: The
3) Ensuring Confidentiality Through Blockchains: The proposed blockchain-based security solutions discussed above
blockchain has inherent addressing involving public/private provide improved availability in the IoT by decentralization
key pairs, therefore, blockchain-based applications have built properties inherent in blockchains. Solutions that provide
in authorization and confidentiality features since each trans- on-chain data storage have built-in features for availability,
action is signed by the issuer’s private key. Axon et al. since there are no central points of failure. Off-chain storage
[151] leverage a blockchain-based PKI to manage IoT devices. solutions have improved availability its interaction records,
They used smart contracts that issued commands to the IoT however the availability of the stored data is dependent upon
devices using their blockchain addresses. These commands the off-chain storage mechanisms used. Here, we will discuss
range from changing working policies, to recording energy some of the proposed solutions that have unique design
usage information onto the blockchain. elements that add to the availability of the IoT. Alphand
Aitzan et al. [80] propose a confidentiality solution for et al. [160] demonstrate a blockchain-based authorization
energy transacting smart grids. The aim is to not only keep mechanism for the IoT with a higher degree of liveness
the information shared between two parties confidential, but due to the inherent features of the blockchain, paired with
to also hide the identity of the energy producers. In this the OSCAR (Object Security Architecture for the IoT) [163]
regard, the authors suggest a mechanism for generating and security model.
altering blockchain addresses for the energy producers, so as Chakraborty et al. [161] proposed a multi-layered
to hide the producer’s identity altogether. The solution does not blockchain solution to handle security issues with resource-
aim for absolute decentralization because it uses Distribution constrained IoT devices. The nodes in the lower layers are
System Operators (DSOs) to manage security among the resource-constrained IoT devices that are incapable of enforc-
producers and consumers as an automated intermediary. ing security policies, while the higher layer nodes are devices
Alphand et al. [160] proposed a solution which is a platform with higher computational and storage capabilities. The lower
for IoT security management. It is built on a blockchain layer devices communicate with eachother via the higher layer
that enforces authorization policies and maintains interaction nodes. Since the higher layer nodes are in a blockchain net-
records, and the OSCAR (Object Security Architecture for work which has inherent decentralization and fault-tolerance
the IoT) [163] security model, using a group key scheme. properties that guarantee liveness of the solution. Ali et al.
The authors use OSCAR to set up authorized multi-signature [114] also use a multi-layered blockchain approach, as well as
groups, and the blockchain for flexibly setting authorization smart contracts to provide access control functionality. For IoT
rules and maintaining an immutable records of all access data storage, they use IPFS as an off-chain storage platform.
events. At the upper tier they use a public Ethereum blockchain, which
Cha et al. [87] use an Ethereum blockchain to maintain con- has ensured availability considering the thousands of Ethereum
fidentiality between IoT gateways. The gateways are designed nodes that are live at any given moment of time. At the same
to manage BLE devices like wearables and smart factory time, the off-chain storage IPFS provides further availability
devices. The gateway manages the connected BLE devices since IPFS itself is a decentralized storage medium and has
and interacts with them using smart contracts, on behalf of multiple peers live in perpetuity.
the user. The gateway maintains information pertinent to the Bahga et al. [130] has IoT devices with blockchain ad-
devices and all interactions with the IoT remain confidential dresses in a blockchain network. The aim is to develop a
under blockchain-based signatures. blockchain-based manufacturing and smart factory system.
Multi-tier solutions like [86] maintain access control poli- Since each device is on the blockchain, users can issue man-
cies within the blockchain header, while all users with access ufacturing commands directly to the devices as transactions.
privileges receive encrypted chunks of data from the off-chain These transactions can range from on-demand manufacturing,
data storage mechanism. [114] is a similar multi-tier solution to machine diagnostics, to supply chain tracking. The authors
that uses IPFS as the off-chain storage mechanism. Whenever present a machine maintenance and diagnostics use case. The
a data requester is granted access to IoT data stored in an decentralized nature of connected devices help the network
IPFS file, they are given the key to accessing the file. The key stay live in the event of multiple faults in machines, and in
is encrypted using the requesters public key, which only the the event of a fault, the remaining live devices can report it.
requester can decrypt, thus confidentiality is guaranteed using
blockchain-based PKI. C. Industry Solutions for Blockchain-Based IoT Security
FairAccess [102] uses a tokenized approach where issuing Security in the Internet of Things is already being addressed
transactions with a custom cryptocurrency allows access priv- by startups using blockchain. SmartAxiom18 , for example,
ileges to a user’s IoT data. These access granting transactions proposes an edge-oriented software based on blockchain tech-
are signed with the requester’s private key, therefore granted nology, for the identification and authentication of devices, as
and revoked access privileges remain confidential. [113] is an well as data integrity and privacy. In logistics and supply chain
approach for commissioning cloud-based IoT resources. It uses use cases, blockchains can be used to provide secure logistics
a permissioned blockchain, and all data transferred to and from
a commissioning party are kept confidential under blockchain- 18 http://www.smartaxiom.com
information to clients [164]. For example, BlockVerify19 is a where users are not involved, devices authenticate themselves
company focused on providing anti-counterfeit measures for with tokens or security certificates. Furthermore, in many
their clients. Filament20 , a blockchain startup is making strides cases, the protocols used in IoT do not necessarily fit the
towards IoT security through blockchains, and has recently TCP/IP stack. Over the course of the development of IoT,
developed a “blocklet" chip for Industrial IoT devices that certain protections have been put in place to prevent identity
connects them to blockchain networks. abuse. OAuth 2.0 [173] is an open authorization framework
that has been widely used for IoT applications. OAuth uses
D. Summary and Insights tokens to grant or revoke access to specific online applications.
Despite its merits in managing IoT device identities, the
Immutable records and distributed consensus are inherent
common issue of traditional identity management solutions
virtues of blockchains that secure cryptocurrency networks
is the lack of guaranteed trust and reliance upon third party
against an array of security threats such as DDoS attacks,
authorizing entities. In the case of OAuth, this is the Autho-
modification attacks and double spending. This section out-
rization Server, that controls the issuance and revocation of
lines recent research efforts carried out in leveraging the
tokens.
inherent features of blockchains to provide security to the IoT.
For current identity management protocols in the IoT, inter-
Table VI categorizes recent blockchain research publications
operability is an ongoing challenge. Interoperability becomes
by the areas of IoT security that they address, to illustrate
difficult in the presence of multiple protocol options, cross-
how blockchains prove to be beneficial in IoT security. These
platform architectures, and variations in semantics and confor-
areas include access control, data integrity, confidentiality,
mance. Traditional centralized naming systems like DNS do
availability and secure software update propagation.
not serve the IoT well, and IoT identity management systems
need to cope with the unique and inherent requirements of
VIII. I OT I DENTITY M ANAGEMENT T HROUGH the IoT while managing the identities of a huge number of
B LOCKCHAINS heterogeneous devices.
Since the inception of IPv4 in the 1980’s, the serious
issue of its addressing scalability was not considered and
has recently run out of IP addresses to be assigned to IoT B. Blockchain-Based ID Management for IoT
devices. The new IPv6 provides a theoretical maximum of A blockchain-based IoT ecosystem would provide identi-
3.4 × 1013 IP addresses. This vast address space enables fication for every device, that can be used as a watermark
the IoT’s explosive growth, yet from a security perspective, over all the transactions a device makes. The IoT, and as
managing the identities of IoT devices and users remains a an extension, the Internet, can benefit greatly by blockchain
critical challenge. While IPv6 allows for every IoT device to identity management solutions. The most pronounced benefits
have a unique identifier, the widespread usage of proxies and are distributed trust and security since blockchains render
DHCP can hinder accountability and interoperability between centralized authenticating servers irrelevant.
devices. While multiple startup companies have identity manage-
In IoT, devices have relationships with real persons as well ment applications in varying stages of development, proposed
as with other devices. Devices can have a change of ownership solutions have emerged in recent research publications for
from person to person, and different people can have access managing identities of connected devices in the IoT. [151]
to a device at varying amounts of time. Identity management highlights the potential benefits of PKI without single points
involves processes related to authentication and authorization, of failure by using blockchains. This study demonstrates
that are necessary to prevent usage without access privileges. varying levels of privacy-awareness that can be achieved with
blockchain-based PKI.
A. Traditional Identity Management Mechanisms in IoT The authors of [81], [165] and [166] propose identity man-
agement systems based on blockchains for transacting energy
In the traditional Internet, identity management solutions
systems. Table VII details the technique these solutions use
such as SAML [171] and OpenID [172] incorporate authen-
for identity management. Applications like these contribute to
tication methods, to prove identities and to provide secure
the vision of an open model energy sharing system, and to the
channels. Open ID and SAML provide a decentralized method
goal of developing smart grids with renewable energy.
for authentication, but do not enable two parties to engage
In [167], the proposed solution for hosting IoT devices
without an authorizing third party. A SAML or OpenID
on the cloud calls for identity management, and the authors
identity provider is required so that users can sign up for online
detail their findings on performance analysis in blockchain
services. While there is no single central authority for OpenID
deployment over IBM Bluemix. They use blockchain-based
or SAML, third party identity providers perform authentication
addressing to host virtual IoT resources, that users can transact
and therefore, users are mandated to place their trust on third
with using their specific blockchain address. Kravitz et al.
party entities for authentication.
[168] use permissioned blockchains to propose a solution
Classical mechanisms for authentication (user ID and pass-
for distributed identity management. Since all participants in
word combinations) often do not work in the IoT. In cases
a permissioned blockchain have to be known, a participant
19 http://www.blockverify.io/ makes their identity known and linked to their blockchain
20 http://www.filament.com address, which can then be used for IoT interactions. This
TABLE VII
B LOCKCHAIN - BASED I DENTITY M ANAGEMENT M ECHANISMS
Mechanisms/Frameworks Main Identity Management Technique Anonymity

A privacy aware blockchain-based PKI [151] Blockchain-based PKI Pseudonymity
Blockchain-based multi-signature transacting system [81] Multi-signatures and anonymous message streams Anonymity
Blockchains for managing energy systems [165] Pseudonymous blockchain addressing Pseudonymity
ID management on blockchain for energy system [166] Federated identities or user-centric identities Hybrid
Blockchain for hosting IoT edge devices [167] Blockchain addressing for software-defined IoT resources Pseudonymity
Permissioned blockchains for securing identities and transactions [168] Permissioned blockchain addressing None
Blockchain-based platform for managing IoT devices [169] Ethereum smart contracts for maintaining identities Pseudonymity
Blockchain identities as a service [170] Blockchain identities for authentication Pseudonymity
Cryptocurrency smart cards (CCSC) for identity [129] Smart cards developed on the JC3.04 standard platform Anonymity
does not allow for anonymity, but for specific enterprise- independent of tokens, certificates or IP addressing and instead
level IoT applications, it is a viable decentralized identity rely on blockchain addressing that has tamper-proof logging
management mechanism. Huh et al. [169] implemented an for every interaction a specific address is involved with.
identity management system for interconnected devices using Apart from identity management specifically for the IoT,
Ethereum smart contracts. They implement smart contract companies are endeavouring to create blockchain-based iden-
programmability for managing keys in a fine-grained fashion. tity management systems in the healthcare domain. Here, the
Lee et al. [170] propose a blockchain-based identity and main use of the blockchains consists in providing decentralized
authentication management system for mobile users as well data repositories where all kind of sensitive information (e.g.,
as IoT devices. Their proposed solution involves generating personal data, Electronic Health Records (EHR), Protected
and maintaining blockchain identities as a service, without any Health Information (PHI) etc.) can be stored in a secure
considerations for interactions or communications through the and private way, with total control of the owner, following
blockchain. The blockchain-based identities in this case are strict standards, such as the Health Insurance Portability
only meant for decentralized authentication purposes. Urien et and Accountability Act (HIPAA) [177] o the European Data
al. [129] propose a unique identity management solution for Protection Directive 95/46/EC [178]. However, since these
a blockchain-based IoT. They developed cryptocurrency smart consolidated, secure and trusted user/patient records repre-
cards (CCSC) based on javacard secure elements. The smart sent also a valuable asset, companies are creating virtual
card, developed on the JC3.04 standard platform provides marketplaces engaging external stakeholders (e.g., research
improved security compared to 32 byte keys typically used institutions, pharmaceutical companies). In this way, users can
in blockchain networks. anonymously trade their personal information in exchange for
rewards. This is the case, for instance, of DocAi23 , a platform
C. Blockchains for IoT ID Management in Industry focused on collecting personal information at large scale,
in order to build predictive machine learning-based models
Identity management is a challenge being actively worked
for health analytics, with strict access control policies. Also,
upon in blockchain research and development. Early con-
GemOS24 is using blockchain to consolidate personal data
tributions like Namecoin Kalodner et al. [174] aimed to
from several sources, allowing the user/patient to securely
provide a distributed domain naming system for the Internet
store and share their information, meeting HIPAA compliance.
using blockchains. Several startups are developing solutions
for blockchain-based identity management for online entities,
including IoT devices. ShoCard [175] is an identity verification
platform built on a public blockchain, where users can verify D. Summary and Insights
their blockchain ID simply by passing their card over a sensor.
This section outlines identity management for the IoT using
Thus, ShoCard provides an identity solution for humans by
blockchain-based solutions. We discussed different proposed
leveraging IoT and blockchains. A startup that aims to provide
identity management solutions from recent research, with
identity management for IoT devices is Uniquid [176], a
varying degrees of anonymity and multiple key techniques for
platform for access and identity management for devices,
managing IoT device identities. Table VII enlists the afore-
cloud services, and humans. Furthermore, Chronicled21 is a
mentioned research outcomes against the techniques used for
company that is using the IoT and blockchain to provide digital
addressing and managing IoT identities. These techniques in-
identity to physical products, while Riddle and Code22 offers
clude simple blockchain addressing, as well as multi-signature
its own hardware and software stack to provide any physical
transactions and identity management through smart contracts.
object with a unique tamper-proof identity. These solutions are
21 https://chronicled.com/ 23 https://www.doc.ai
22 https://www.riddleandcode.com 24 https://gem.co
TABLE VIII
DATA M ANAGEMENT S OLUTIONS W ITH T RADITIONAL I OT I NFRASTRUCTURE .
Framework/Mechanism Heterogeneity Integrity Architecture Storage

Service-oriented data management framework [179] X X Centralized Local/Cloud
A data-centric framework for deploying IoT applications [180] × × Partially Decentralized Cloud
Gem: A large-scale object-based storage platform [181] × X Partially Decentralized Cloud
An architecture based on IoT to support mobility [182] × X Centralized Local/Cloud
Large data management in IoT applications [183] × × Centralized Cloud
A storage solution for massive IoT data based on NoSQL [184] X × Partially Centralized Cloud
Frequently Updated, Timestamped and Structured (FUTS) framework [185] X × Centralized Cloud
Efficient storage of multi-sensor object-tracking data [186] X × Partially Decentralized Cloud
A unified storage and query optimization framework for sensor data [187] × X Partially Decentralized Local/Cloud
IoT data management methods for publish/subscribe services [188] X X Partially Decentralized Cloud
TABLE IX
P ROPOSED B LOCKCHAIN - BASED DATA M ANAGEMENT S OLUTIONS FOR THE I OT IN R ECENT R ESEARCH
Framework/Mechanism Heterogeneity Integrity Architecture Storage

Framework for drone data management using blockchains [189] X X Partially decentralized Cloud/On-chain
Blockchain-based auditable data storage and sharing framework [104] X X Decentralized Cloud
MedRec [190] × X Decentralized Local/On-chain
FairAccess [101] X X Decentralized Off-chain
Lightweight scalable blockchain for IoT [86] X X Decentralized Cloud/off-chain
Enigma [103] X X Decentralized Off-chain
Decentralized personal IoT data protection using blockchains [110] X X Decentralized Off-chain
A blockchain-based big data access model [155] X X Decentralized Cloud/off-chain
Sapphire [191] X X Partially decentralized Cloud/off-chain
IoT data privacy through blockchains and IPFS [114] X X Decentralized Off-chain
Data integrity verification service [128] X X Partially decentralized Cloud/off-chain
Managing Oraclize data with Ethereum [192] X X Decentralized Off-chain
IX. B LOCKCHAINS FOR I OT DATA M ANAGEMENT A. Data Management Solutions for Traditional IoT
Here, we survey some of the recent data management
solutions IoT based on the current IoT infrastructure and
Research challenges in IoT remain open for storing and highlight the gaps where blockchain can be put to use to
handling data produced by smart objects which surpass the provide data management services required of the IoT. Data
human population. Recent research efforts have attempted to management solutions based on the current IoT infrastructure
develop frameworks and mechanisms to manage the sheer generally follow a design trend where IoT data is handled in
volume of data generated in the IoT. a centralized fashion. The table highlights whether the data
Data management in the IoT involves online data ag- management frameworks have in-built measures for ensuring
gregation while providing event logs, auditing, and storage, data integrity and for catering to the heterogeneity of IoT data.
for offline query-processing and data analysis. Thus, data Centralized solutions based on the current IoT infrastructure
management systems are required to have live dual operations range from service-oriented [179] to data-oriented [180] ap-
in communication as well as storage. Any data management proaches, as well as from being able to handle large amounts
system for the IoT should be able to abstract complex se- of data [181], [183] to handling mobility in IoT data [182].
mantics for high-level IoT applications since unprocessed Despite their merits, the problems seen in these centralized ap-
IoT data faces non-uniformity and weak semantics [193]. proaches is that they do not simultaneously provide guarantees
In many IoT architectures, semantic processing for data is for data integrity and trust in handling heterogenous IoT data,
done via middleware, a layer considered between network as seen in Table VIII. Data management solutions based on
and application layer [194]. In addition to this, many IoT the Frequently Updated, Timestamped and Structured (FUTS)
application domains are time-critical, therefore processing IoT framework [185] handles timestamping for data generation
data in a timely manner is important while considering the events, but are heavily centralized. The common factor among
constrained capabilities of IoT devices. these data management solutions are that they do not have
inherent features that provide a layer of security and trust that architecture for providing IoT data storage. In this solution,
is necessary in handling IoT data. private blockchains connected to an overlay public blockchain
Some data management solutions for the traditional IoT use cloud-based solutions for storing and retrieving blocks.
infrastructure suggest a partially decentralized approach by The proposed architecture in [114] uses the IPFS distributed
using clusters of distributed database services [184] [186]. storage mechanism to store IoT data, while the hashes of
In [184], the authors leverage NoSQL databases for storing stored IPFS files are recorded in the blockchain. IPFS files
heterogenous IoT data and for different types of querying for are addressed using the hash of the file itself, so data integrity
IoT data. As a similar approach in using distributed storage, is ensured.
[186] uses an HDFS cluster, which does increase the scala- FairAccess is a multi-layered framework that focuses on
bility of handling IoT data, but does not provide guarantees privacy, reliability and integrity in its design as a blockchain-
of tamper-resistance. Another partially decentralized approach enabled IoT architecture [102], [101]. Fairaccess has transac-
with similar shortcomings is to use sub-servers to enable tion definitions for granting and revoking access to users’ IoT
better scalability [187], [188]. These solutions do address the data, for decentralized access control. For storage, FairAccess
bottleneck of centralized data management systems, but they adds a separate storage layer where data is stored in off-chain,
do not guarantee liveness equivalent to a blockchain network, decentralized storage systems.
and they do not provide trustlessness in data management for Enigma [103] utilizes a network of nodes running a DHT
the IoT. for storing IoT data in off-chain storage spaces. The data
is accessible via the blockchain, with access-control policies
written into the blockchain. The difference between Enigma
B. Proposed Blockchain-based IoT Data Management Solu-
and the solution proposed in [104] is that the latter uses key-
tions in Research
value pairs, where the key is the user ID and the value is the
While latency and scalability remain an open challenge encrypted chunk of data.
for data storage within blockchains, using blockchains to In [191], the authors propose a blockchain-based storage
design data management frameworks for IoT has the benefits system called Sapphire, built on smart contracts for IoT ana-
of globally enforced data integrity and a non-dependence lytics. In Sapphire, data from IoT devices is stored as objects
on semantics for logging IoT data creation events. With with attributes that can be queried for analyzing specific
distributed storage mechanisms like IPFS working alongside application data. Sapphire parallelizes smart contract execution
blockchains, the bulk of IoT data can be stored off-chain, while over the computational power available to it through varying
maintaining immutable logs and links to the data within the IoT devices. The benefit of this is more readily available
blockchain. Blockchain-based solutions are envisioned to be at analytics on IoT data without extensive IoT data transfer.
least partially distributed, where the IoT data of users is kept Sapphire has multiple roles for different IoT devices (super,
private and secure, without third-party handling for service regular and light) that classify nodes based on their capabilities
provision. and constraints. Light nodes have low computational and
Multiple works in recent research leverage on the main storage capabilities and do not host a complete copy of
blockchains features to improve data management for the IoT. the blockchain, and instead simply issue transactions to the
[189] leverage the immutability and auditability of blockchain blockchain maintained by the super and regular nodes.
records, while storing collected data from drones using tradi- Missier et al. [192] propose using the Ethereum blockchain
tional cloud service. While the storage of data itself can be for securely transferring IoT data stored in Oraclize25 . Retriev-
made decentralized using distributed databases, the main ben- ing IoT data from Oraclize through broker accounts on the
efit the blockchain brings here is guaranteed tamper-proofing Ethereum blockchain carries with it extra transaction costs.
and data integrity. Researchers at CSIRO Australia propose a data integrity
Similarly, [104] leverage auditability of blockchain records service powered by blockchain [128]. The service provides
to facilitate sharing of stored data without authorizing interme- querying to verify the integrity of IoT data stored in the cloud,
diaries. Their proposed solution is built on three layers, which without the need for a third party to perform any verification.
are: (i) a cloud data storage based on off-chain Decentralized
Hash Tables (DHT); (ii) an access control blockchain-based
mechanism for the IoT data stored in the DHT, and (iii) the C. Blockchains for IoT Data Management in Industry
IoT-edge devices. DHT nodes query the blockchain for access
The startup Datum26 , offers a platform based on a NoSQL
privileges when it receives a data request.
database backed by a blockchain ledger that provides high
Azaria et al. [190] propose a framework for storing medical
performance data handling for the IoT. Datum leverages the
records, using blockchain solely for maintaining records and
programmable logic of Ethereum smart contracts, and dis-
querying, while using existing IoT data storage mechanisms
tributed storage platforms IPFS and BigchainDB. The platform
for hosting IoT data. Approaches that keep storage responsi-
aims to deliver secure and anonymous storage of structured
bilities off-chain greatly reduce the storage requirements for
data from social networks and IoT devices such as wearables
hosts that maintain full copies of the blockchain.
and smart homes.
Similar solutions with off-chain storage hold the most
promise towards a distributed data management mechanism 25 https://docs.oraclize.it/
for the IoT. [86] is a multi-tiered cloud-blockchain hybrid 26 https://www.datum.org
D. Summary and Insights offering their data to the platform owners to compensate for
At their core, blockchains are distributed databases with their deployment costs. Similarly, the cloud platform can offer
distributed consensus on the new entries added to them. In their processing and storage services to consumers without
contrast to traditional data management solutions, blockchains having to worry about the hardware deployment costs of the
have inherent features for guaranteeing fault tolerance, and gateway and the end-devices. This is how we can comprehend
for eliminating the need to trust a central or third party the IoT business model as an ecosystem as defined by [208].
entity. However, simply using public blockchains as distributed
databases is not a viable solution for the IoT, because IoT A. Monetization in Centralized IoT
applications generate high volumes of traffic and are often
time-critical. Therefore, there is room for developing data The types of vendors in the IoT business models can be
management solutions for blockchain-based IoT frameworks. classified into four categories namely software vendors, hard-
Table VIII outlines solutions that were targeted towards ware vendors, end-to-end service providers and connectivity
centralized cloud based techniques, and Table IX contains providers. The hardware vendors sell devices and gateways as
blockchain-based frameworks for managing IoT data. For well as add-on modules for different IoT use-case applications
blockchain-based decentralized approaches, recent research like smart grid and smart city among others. On the other
contributions propose solutions that include high throughput hand, software vendors offer services that run on the back-
record-keeping in private blockchains, and off-chain data end of the system on the cloud platforms and gateways pri-
storage solutions with management functions assigned to the marily involving management of data and devices along with
blockchain. From recent research efforts, we also gain insight processing and analysis of data. End-to-end providers offer all
on how blockchains can be used to ensure data integrity and the components in the IoT architecture from the end-devices
transparency in applications that require auditable records. to the cloud platform thus relieving the consumer of the
underlying complexity of device-cloud connectivity. Finally,
the connectivity providers offer modules for communication
X. M ONETIZATION OF I OT D EVICES OR I OT DATA among the different tiers of the IoT architecture leveraging
The Internet of Things ecosystem has grown leaps and various communication standards including BLE, LoRa, and
bounds in the technological context with the recent advances NarrowBand IoT among others. Thus, an end-to-end provider
in this field. However, the extension of the IoT ecosystem can serve as both the software vendor and the hardware vendor.
from being valued as a technology platform to being valued Moreover, the hardware vendor for the devices might deliver
as a business model faces quite a few challenges. These chal- connectivity as well serving multiple sides of the market along
lenges include the lack of standardization and interoperability the lines of the service model illustrated by [209]. A list of
among different vendors, which acts as a barrier to large-scale IoT vendors is depicted in Table X with their corresponding
implementations. The unstructured nature of the architecture vendor types. The presence of a specific vendor in multiple
also plays a key role, making it cumbersome to define roles rows can be comprehended as a multiple-side provider of the
and pertinent business policies in the IoT ecosystem. market [210].
Few articles in the existing literature have attempted ad- Other than the business models mentioned above, the mon-
dressed this problem. [208] proposes an ecosystem-based etization of data plays a key role in the IoT ecosystem in
business model instead of a firm-based business model. The the form of data-ownership and sharing. The data generated
ecosystem business model takes into consideration the overall by the IoT devices is usually context-rich in nature and
values of the entire IoT ecosystem instead of fragmented thus can be valuable to vendors. On the other hand, the
individual values of the different roles or actors in the ecosys- data shared along with its context can lead to exposure of
tem. Understanding the relationships between entities in the personal data especially in use-case applications like smart
ecosystem is such a holistic way leads to an evolution in health and domotics. A survey conducted by Fortinet [211] on
how the business model is designed. On the other hand, [209] data privacy concerns among consumers in the smart home
defines the IoT business model as a multi-faceted market scenario, depicts a majority of the respondents consider data
where the different entities involved in the ecosystem can serve privacy to be a sensitive issue while also expressing a desire to
multiple sides of the market and play multiple roles in the have control on their own data and the flow of data to different
business model. entities. Perera et. al [212] has laid out the privacy challenges
The IoT ecosystem can be perceived as a three-tier archi- involved in this context which include user content acquisition
tecture, which involves the data producers in the form of the over data-sharing as well as control and customization of the
end-devices or the ‘Things’, connecting to IoT gateways which content being shared.
in turn relay the data to the highest layer, the cloud platforms Two business models are prominent in this scenario, first,
which act as data consumers processing and analyzing the where the owner of the data offers their data in exchange
data for gathering meaningful information. The roles in this of services offered by a third party provider or the owner
architecture can be defined as the following, the device owner pays to keep his data protected while using the same services.
and gateway owner deploying the end devices and the gateway These models rely on analytics to sell IoT data for targeted
respectively followed by the cloud platform owner responsible advertisement. These business models do not provide client-
for offering services on their platform. This model ensures that side services therefore users willingly surrender their data to
the device and gateway owner can deploy their hardware while third-party service providers. Users are not afforded ownership
TABLE X
I OT VENDORS AND SERVICE PROVIDERS .
Type of vendor/provider Vendor name

Hardware vendor Libelium[195], Huawei[196], Qualcomm[197], LG[198], Samsung[199], Cisco[200]
Software vendor Carriots[201], Cisco[200], Eurotech[202], IBM[203]
End-to-end provider Blueapp.io[204], Huawei[196], Carriots[201], Eurotech[202], Ericsson[205]
Connectivity provider Deutsche Telecom[206], Vodafone M2M[207]
of their data and do not have the option to monetize and benefit Samaniego et. al [214][167] use blockchains to host and
from their IoT resources. monetize software-defined IoT management resources, in an
effort to empower a decentralized IoT-edge. They demonstrate
high throughput of their proposed solution using permissioned
B. Blockchains for Monetizing the IoT blockchains for secure code distribution and immutable data
storage.
With these aforementioned challenges and business models,
blockchains offer a feasible solution to the problem, while 2) Peer-to-Peer Energy Trading Systems: Blockchains are
eliminating the need to trust third party service providers. Here being researched to develop a secure decentralized medium
we will discuss the recently proposed solutions specifically for energy trading between energy producers and consumers
in how they add monetization capabilities to the IoT through within a smart grid. Kang et al. [117] developed an architecture
blockchains. for data sharing in vehicular edge computing, where they
use consortium blockchains and smart contracts to enforce
1) Monetizing IoT Data and Resources: In existing rele-
access control for data transfer, and a reputation system for
vant literature, Shafagh et. al [104] propose a blockchain-based
data integrity. Furthermore, they use a pseudonymous address
decentralized data storage and sharing platform for IoT time-
management system to mask the identity of singular entities
series data with a secure access control management layer on
with multiple addresses. Updating pseudonyms boosts privacy
top of the storage layer. This technique uses access control
within blockchain networks, while maintaining security for
policies to grant and revoke access to certain data, in exchange
data transactions. Their further work [83], [84] involves using
for cryptocurrency. On the other hand, Xu et. al [191] devise
the consortium blockchain architecture for not only allowing
a model for the IoT end-devices to expose data analytical
data transactions, but also monetary transactions for energy
operations as a service on the blockchain instead of handing
trading in the IIoT and hybrid vehicle networks. Their ap-
over the raw data acquired. Enabling analytics on IoT data
proach to circumvent the waiting time for transaction finality
without compromising the users’ ownership of their own data
is to introduce a credit-based payment scheme, which enables
will encourage users to contribute to training machine learning
fast and secure energy transactions. Knirsch et. al [82] use
models for monetary incentives.
smart contracts and group signatures to preserve privacy and
Within the IoT ecosystem, an IoT data owner and a ser-
define varying tariffs in energy-trading smart grid applications.
vice provider can interact over a blockchain as transacting
Every transaction that occurs for energy trading involves a
participants without an intermediary. Firstly, the granularity
group signature, within which the identity of the producers or
of the data being shared is in control of the data owner with
consumers are concealed, in a k-anonymous fashion.
the use of smart contracts to define precisely the amount and
type of data to be shared along with the timespan. Secondly, The authors of [80][81] leverage the decentralization and
with the distributed ledger, the data owner can follow the data efficiency of consortium blockchains for energy transactions
flow among various entities on the blockchain. Moreover, with in smart-grid applications, and provide an off-chain anony-
the use of cryptocurrencies, the data can be monetized using mous messaging stream for energy consumers and producers
the blockchain as well. Xu et al. [213] enable a shared data to engage in negotiation. They apply context-aware address
economy by leveraging zero-knowledge schemes and privacy- updating to boost anonymity in negotiations and on-chain
preserving smart contracts. They have an negotiation functions transactions. Nehai et al. [215] suggest a blockchain-based
written into their smart contract, which can enable users to smart grid solution where the blockchain and smart contracts
exercise control over the extent of the data they are selling. manage peer-to-peer energy transactions between participants
[192] introduces the idea of sharing “data cubes," where IoT of a single smart grid. Any user preferences as well as terms
data is stored in Oraclize27 , and users can market their data to and conditions for the energy transfer is handled by the smart
potential buyers using broker accounts within the blockchain contract. Extended from this solution is the idea that several
network. [100] introduces an e-business model for IoT data smart grids will have their own governing blockchains for
using blockchains, where Decentralized Autonomous Corpo- energy transactions within them.
rations (DACs) defined within a public blockchain network Moving beyond payment systems for smart grids, the au-
engage in transactions involving IoT data and cryptocurrency. thors of [216] propose a blockchain-based solution for energy
sharing control and optimization. This solution is built on
27 https://docs.oraclize.it/ a blockchain-based decentralized optimal power flow (OPF).
The OPF is meant to perform scheduling for energy transfers, A. BlockDAG

power offloading in electricity distribution networks. Here, BlockDAG, as described in [218], is built on a data structure
smart contracts perform coordination tasks for optimum en- where blocks are organized in a DAG. Vertices in this DAG
ergy sharing scheduling. Optimal schedules are stored on represent a block, and the edges represent the multiple pre-
the blockchain, following which payments can take place viously published blocks each block is linked to. BlockDAG
autonomously without the need for a microgrid operator. does not aim to eliminate PoW mining or transaction fees,
however, it leverages the structural properties of the DAG
to meet the challenges related to the high orphan rates in
C. Startups Monetizing IoT Data Using Blockchains blockchains.
As previously discussed in Sec. II-B, orphan blocks are
From a business perspective, the use of blockchain is already
blocks published outside the longest chain because of prop-
being exploited within several domains like Social Networks,
agation delays in the blockchain network. Block creation
Artificial Intelligence, Identity, and Healthcare in order to
rates in public blockchains are kept constant to accommodate
monetize the user data. However, there are a few startups that
propagation speeds, and if the block creation rate is increased,
are focusing their efforts on the monetization of data generated
it increases the likelihood of orphan blocks being created. A
by IoT devices in particular, thus creating a domain not only
high orphan rate compromises blockchain security, because
interesting for research, but also for new business models. One
more honest blocks will end up outside the longest chain,
such startup is Slock.it28 , which is enabling smart-objects,
and will be discarded [219]. This artificial latency in block
including assets like houses or cars, to be directly rented,
creation hampers scalability, and it is worth considering that
thanks to the transparency and auditability provided by the
a DAG could perform better in dealing with forks.
blockchain, and Filament29 is developing a platform that
Forks are accounted for in a DAG-based ledger by having
enables IoT devices to directly transact and interact. In the
blocks reference all forks in the graph, instead of referencing
smart-grid sector, the information provided by IoT devices is
the top block in the longest chain. This allows for faster
also enabling new business models, such as Dajie[217] where
block creation rates and improved thoughput. As an added
IoT devices, backed by the blockchain, are able to monetize
benefit, weaker miners that publish blocks onto a smaller
energy and data.
fork are also rewarded. BlockDAG is purely a structural
alternative to the blockchain, and does not present a new form
of decentralized consensus. In [218], blocks being added on
D. Summary and Insights
different forks may contain conflicting transactions, therefore
The first use-case of blockchains as a replicated state it faces a scalability/security trade-off.
machine was to maintain decentralized records of monetary Further considerations need to be taken in blockDAG ap-
transactions. It makes sense that when integrated with the proaches to achieve consensus and avoid contradictions. The
IoT, blockchains can be used to enable innovated electronic blockDAG mechanism in [218], Spectre [220] and Jute30 allow
business models based on the IoT. The trends and perspectives contradicting transactions, but use sorting to maintain organi-
seen in recent literature show two basic areas for blockchain- zation. Braidcoin31 is a blockDAG approach that preserves
based monetization in the IoT: monetizing IoT resources, payment verification functionality by not allowing conflicting
and enabling energy trading within peer-to-peer smart grid transactions.
applications. In energy transaction systems, much of the focus
of the research is dedicated to providing privacy for energy B. TDAG Distributed Ledgers
producers and consumers, either through pseudonymous ad- Another approach is the TDAG, where the DAG is built on
dress updating, or smart contract functions. Blockchains are transactions instead of blocks. This solution effectively is not
being seen as a key to empowering IoT users, and allowing
30 https://github.com/Taek42/jute
them to exercise authority on their data as well as to profit
31 https://github.com/mcelrath/braidcoin
from their IoT resources.
XI. A LTERNATIVE A PPROACHES T OWARDS

D ECENTRALIZING I OT
To achieve scalability and higher throughput in application New

Block
domains such as the IoT, alternative approaches for distributed
record keeping are being worked upon. The main idea here is
to use directed acyclic graphs (DAG) instead of a singular
sequence of blocks, in order to improve the scalability of a
decentralized ledger.
28 https://www.slock.it Fig. 5. BlockDAG structure. Each block references the tip of the graph as
29 https://www.filament.com visible locally to the validator.
a blockchain, however, the projects working on this approach power, sufficiently strong computational resources will render
are worth mentioning. the tangle insecure. This is a problem in traditional proof-
IoT Chain32 , IOTA Tangle [221] and Byteball [222] are of-work blockchains as well, however, they provide a much
projects currently using TDAG for linking transactions to- greater degree of security through higher fault tolerance and
gether instead of blocks. The transactions recorded in these transaction fees. Furthermore, criticism of the IOTA Tangle by
platforms contain within themselves a Merkle-tree of previous MIT Media Labs have exposed cryptographic vulnerabilities in
transaction IDs. Validation of each transaction relies on con- IOTA [223], which the IOTA team has resolved by using SHA-
firmations from local peers, thus the waiting time for mining 3 based cryptography, instead of their proprietary Curl hash
is theoretically cut short. TDAG is seen to be a solution for function. In its early stages, there is a scalability/trustlessness
scalability in the IoT application domain. The TDAG structure tradeoff in using either a blockchain or the Tangle.
becomes wide with a high incoming rate of transactions and Hybrid approaches involving blockchains and TDAG
is not limited to linear processing as seen in most non-TDAG ledgers are also being researched for IoT applications.
blockchains. All new incoming transactions are linked to Most notably, the Virtualized Distributed Ledger Technology
multiple previous transactions, and each transaction is tasked (vDLT) as proposed by Yu et al. [224] is a framework for
with validating the previous transactions it is linked with, thus reaping the benefits of token-based transactions in traditional
transaction validation is fast and computationally efficient. In blockchains, as well as the high thoughput of TDAGs. In the
blockchains, simply adding new transactions and not bundling vDLT, different virtualized DLT functions (vDLTFs) can be
them in blocks is not scalable, since there would be a huge assigned to multiple ledgers under the same framework, there-
rate of orphan chains. This problem can be potentially solved fore, for functions that require security delivered by enforcing
using TDAGs. Transactions in a TDAG simply reference transaction fees, a vDLTF can access a traditional blockchain,
any parent transactions as visible locally to the transaction and for functions that require low latency transactioning, the
issuer. Subsquently, TDAGs outperform blockDAG approaches same vDLTF can access a TDAG through APIs written in the
since there is no waiting time for mining new blocks, and framework.
transactions can instantly obtain confirmations. Since trans-
actions reference multiple tips of the DAG, any forks in the
chain are effectively included in the DAG. High volumes of XII. I SSUES AND F UTURE R ESEARCH D IRECTIONS
incoming transactions will cause a TDAG to grow wider than
blockDAGs, thus making TDAGs more scalable. All in all, the blockchain is a powerful, though emerging
To accommodate smaller IoT devices, IOTA offers a light- technology. As a result, despite its major advantages, it is
client feature whereby IoT devices will not be required to facing multiple challenges in its development, as well as
store the entire Tangle. Another feature of the light-client in its adoption in the IoT. These challenges can be broken
is that IoT devices can simply sign transactions and an- down into three major areas: privacy-preservation, scalability
other participant can validate and add the transaction to the and utilizing blockchains in scenarios involving devices with
Tangle. Therefore, IOTA is well-suited to edge-centric IoT constrained capabilities. In this section, we will discuss these
solutions where micropayments can be made over machine- challenges, administrative trade-offs in public and private
to-machine communications since transactions do not incur blockchain implementations and future research directions
fees. Transaction finality in Byteball is deterministic, while in towards integrating blockchains in the IoT.
IOTA it is probabilistic and based on a Markov Chain Monte Indeed, blockchains provide extremely efficient auditability,
Carlo (MCMC) approach. IOTA is a token based decentralized however, having all of the data stored in a publicly acces-
ledger specifically aimed at facilitating IoT micro-transactions, sible blockchain creates privacy-related issues. Furthermore,
however Byteball is open to more use-cases, supports smart when dealing with blockchains, scalability is often a serious
contracts and defining assets with attributes. The degree of drawback. For instance, current public implementations of
privacy offered by IOTA remains unclear since all records in blockchains are capable of processing only 4-20 transactions
the Tangle are kept permissionless and publicly accessible, per second [225], [226]. Therefore, they do not scale well for
however in Byteball, assets can be made private [222]. applications involving heavy amounts of traffic, like an auto-
Despite the obvious potential benefits, criticisms of IOTA mated micropayment platform for the IoT. In the IoT space, the
include heavy centralization at the early stages of deployment. ideal distributed platform would support the following main
At the beginning, when there is a lower number of participants functionalities:
and incoming transactions, a central coordinator is needed to
• Trustless peer-to-peer M2M communication
prevent a 33% attack on the IOTA tangle. Hashing only occurs
• Decentralized access control
at the point of creation of each transaction, and a tampering
• Private-by-design file sharing
attack can be mounted with 33% of the network hashing
• Scalable security provision over multiple IoT use-cases
power. The coordinator will no longer be required only after
a significant growth of the network and the tangle will be In this section, we outline the implications of these chal-
decentralized at that point. Essentially, in the IoT, with hetero- lenges and open research opportunities for future research.
geneous devices having varying levels of low computational Fig. 6 is a graphical representation of the existing issues and
open research directions in the area of a blockchain-based
32 https://iotchain.io/ decentralized IoT.
than conventional signatures in blockchain transactions. This

Big Data + Privacy in
technique involves a group of nodes signing a transaction.
Machine Permission Blockchain
Learning for The generated signature serves as proof that a specific private
-less BC Scalability
IoT key belongs to one of the signing nodes while making it
cryptographically impossible to determine which node it is.
Distributed However, to use the same private key in multiple transactions
Open Constrained
SDN can reveal the user from within the group of nodes signing
Research IoT Edge
Control for Devices the ring transaction. Linkable ring signatures is an upgraded
IoT Directions
version, that does not use signatures with a private key, but
requires proof that the user is indeed part of the signing group
Blockchain Public/Private of nodes [237]. Linkable ring signatures and financial incen-
+ Cellular Blockchain
Networks Security tives together lay down the basis of file sharing applications
Standards Trade-offs that enable more anonymity than the current peer-to-peer file
for IoT
for Smart
Contracts sharing platforms like Bittorent [238].
Address mixing is a service that enables anonymity by
sending transactions from multiple addresses to multiple desti-
Fig. 6. Open research directions in decentralizing the IoT through
blockchains. nations [239], [240]. Mixing is essentially laundering transac-
tions within the blockchain network via intermediaries. While
having an intermediary compromises decentralization in the
A. Privacy In Permissionless Blockchains blockchain network, it is a viable technique for transacting
Blockchains in public networks like Bitcoin have stored with peers anonymously. Consider Alice with address A,
transactions associated with generated blockchain addresses, wants to transfer tokens to Bob, whose address is B. Alice
and all transaction records are visible to participants of the transfers her tokens to Charlie, who runs a mixing service.
Bitcoin network. These addresses are not linked to any real- Charlie uses varying token values over multiple addresses,
world identities, and users can carry out transactions on and signs transactions addressed to multiple destinations, one
multiple addresses, so as to avoid information leakage from of the destinations being B. Charlie transfers the amount
all of their transaction information having been stored against Alice intended to Bob, and the mixed addresses launder and
one address [227]. The privacy in these records is merely anonymize Alice’s transaction. An obvious disadvantage of
to the extent of “pseudonymity”, since account balances this service is having to place trust on Charlie, the inter-
and transaction records for specific public keys are publicly mediary. The intermediary can choose to be dishonest and
accessible [33], [228]. However, such open records can lead reveal Alice and Bob’s transaction history. An even more
to inferences revealing user information [229], and can even malicious breach of trust would result in Charlie never sending
be used to triangulate and track user’s IP addresses [123]. A the tokens to Bob in the first place. Mixcoin is a service
privacy breach can also occur by drawing inferences based on that attempts to mitigate malicious behavior while performing
graph analysis of the network of nodes a user transacts with address mixing [241]. Mixcoin adds accountability to detect
[230], [231]. In blockchain applications, the ideal solution for if the intermediary has in fact cheated, however, it offers
privacy would be a form of decentralized record keeping that no preventive measures. Another solution is to use multiple
is completely obfuscated and anonymous by design. pseudonym address management systems instead of singular
Towards developing privacy-preserving blockchain applica- pseudonymous addressing. Multiple pseudonymous addresses
tions, Zerocoin is a blockchain implementation purposely de- can be used to mask the identity of any singular participant in a
veloped to enable anonymization for peer-to-peer transactions blockchain network. So far, this is the most promising solution
[232]. In Zerocoin, transactions are unlinked from the source towards providing privacy, however, the more addresses any
of payment, hence preventing inferences via graph analysis. entity uses, the more complicated accountability becomes for
The transaction amount and destination are still on display. use-cases where transaction transparency is required to serve
Subsequently, Zcash was developed to keep account balances legal purposes. Pseudonymous address management systems
and transaction information private [233]. Zcash is heralded that change addresses timely, or on a context-aware basis may
as the most promising solution towards enabling privacy need further immutable record keeping for the addresses any
in blockchain applications and offers guaranteed anonymity singular entity has used in the past, in order to provide a trail
by leveraging zero-knowledge cryptography [234]. In Zcash, for legal proceedings.
transactions are fully encrypted and validated using proofs The challenge in developing a blockchain-based IoT plat-
called “Zero-Knowledge Succinct Non-Interactive Argument form that maintains the delicate balance of preserving account-
of Knowledge" (zk-SNARKs). While Zcash provides guaran- ability and privacy has prompted many proposed solutions, yet
teed anonymity, it comes at a cost: the Zcash blockchain has remains open to further research and development. Proposed
no auditability. A recently proposed auditability mechanism solutions involve either implementing access policies within
applicable to Zerocoin and Zerocash is detailed in [235]. the blockchain itself, or implementing access policies through
For identity applications and transaction anonymization, a smart contracts. A promising method to provide privacy in
promising technique is to use ring signatures [236]. Ring blockchain-based IoT platforms is a tiered architecture, where
signatures are more complicated and mathematically involved secluded private blockchains are connected through a public
blockchain. In a tiered architecture, an important research to compete with the transaction processing speed of credit card
challenge is to maintain data integrity within the private companies. The issue surrounding low throughput is exacer-
blockchains, while providing data seclusion and selective bated in the IoT where a much higher volume of data transac-
expression for privacy. Providing auditability and preventing tions occur; either data creation or transfer. Vertically scaling
double-spending led to sacrificing anonymity in blockchains, blockchain as a distributed database is one potential direction.
therefore, guaranteed privacy remains a fertile area of research On the other hand, horizontal scaling shows more promise
[242] for applications that have privacy built into them by in solving blockchain scalability issues, therefore semantics
design. independent inter-blockchain communications is another key
research direction. Solving scalability in the blockchain will
be a huge step forward in creating decentralized infrastructures
B. Scalability in Blockchains
for the IoT.
Currently, all blockchains’ consensus protocols, both in pri-
vate and public blockchains, require every fully participating C. IoT Edge-Device Constraints
node to hold a copy of all the transactions recorded in the The IoT augments the traditional Internet by connecting
history of the blockchain. While this provides decentralization, smart devices together for performing automated tasks. Most
security and fault tolerance, it comes at a cost of scalability. IoT devices have strict computational and networking con-
Traditionally, databases only require additional storage to cope straints, which pose an issue when using blockchain-based
with a growing number of records, however, in blockchains, decentralized architectures. Most IoT devices cannot engage
every full node requires added storage to host a full copy of in PoW consensus due to their limited computational power
the blockchain. This problem is compounded in proof-of-work and battery life. Even if devices are added to a blockchain
based consensus, where a growing number of participants in where the device does not mine new blocks, or in blockchains
the network would require added computational power for that use alternate consensus algorithms, IoT devices do not
mining nodes, in order to process transactions faster. In other come with the required storage space to host a complete
words, as the blockchain grows, the requirement for storage copy of the blockchain [156]. While integrating IoT devices
grows; additionally, depending on the consensus algorithm to the blockchain using blockchain-connected gateways, the
being used, requirements of bandwidth and computational degree of decentralization achieved remains limited. A recent
power also grow. contribution towards this challenge was in [248], which is
Recent advances with “light-clients” developed by a memory-optimized blockchain for IoT networks of larger
blockchain platforms like Ethereum, improve upon the scale.
growing storage requirements of a steadily growing blockchain Apart from computational and networking constraints, IoT
[243]. However, in applications beyond cryptocurrencies, and edge devices suffer from limited interoperability and a lack
specifically the Internet of Things, blockchains remain out of of authentication and authorization standards. Blockchains
the reach of devices with limited storage, computational and can be implemented to record structured and unstructured
networking capabilities. data transfer over data transacting networks, therefore they
Scaling the blockchain has been an area of active research have the potential to enable interoperability over different IoT
[225], starting with Segwit [244] and an increased block size edge devices. Blockchain platforms like Hyperledger’s Burrow
[46]. Both techniques were applied to the Bitcoin network [28] and Sawtooth [57] create roles for nodes in blockchain
and were aimed to enable vertical scalability in blockchains. networks, including limited roles well-suited for IoT edge
Horizontal scalability via sidechains and inter-blockchain com- devices, where nodes can simply push transactions to the
munications are also being researched [86][114]. Similar to blockchain without needing to store a full copy. So far, this
multi-tiered blockchain architectures [87] suggests connecting solution only works in private blockchain implementations,
IoT gateways to public blockchain networks. These solutions however, for public blockchains, pushing transactions through
on their own provide incremental scalability but may not serve IoT gateways is seen as one possible solution [86] [114],
to be the silver bullet required for future-proofing scalability however it would require computationally capable gateways
in blockchain networks. Challenges in blockchain scalability to participate in a public blockchain.
is an open area of research. Many different approaches are A key future research direction is to extend blockchains to
seen in recent research, that aim to improve scalability in the IoT edge. The high performance and networking overheads
blockchains, from SegWit for the Bitcoin blockchain to the of blockchains limit their use over constrained IoT devices. A
more recent sharding [67] techniques being developed by significant proposed solutions in research is performing end-
Ethereum. More promising solutions involve either moving to-end communications over the blockchain through computa-
processing and storage load off-chain [245] [246], or limiting tionally capable IoT gateways. The challenge in this research
the scope of consensus over different parts of a blockchain net- direction would be to enable IoT devices and gateways to
work, or developing inter-blockchain communications [247] push transactions to the blockchain using light clients, without
for connecting multiple blockchains. creating centralized block validation pools.
Scaling blockchains remains a huge issue in their imple-
mentation in digital finance and beyond, due to their high per- D. Trade-off in Public-Private Blockchains
formance and networking overhead. In digital finance, current In finance applications, blockchains have not reached the
public blockchain implementations do not scale well enough technological maturity to compete with the transaction pro-
cessing times of mainstream financial systems like Visa or not only benefit from the security features of blockchain and
Paypal. Paypal averages at 193 transactions per second, while cellular networking, but to also provide flexible data packages
Visa achieves an even faster rate of processing around 1667 and wifi resource sharing.
transactions per second [249]. At the same time, mainstream Much of the IoT edge relies on cellular networking, and
cryptocurrencies Bitcoin and Ethereum have transaction pro- the research for decentralizing cellular networks is still at
cessing times of 4 and 15 transactions per second respectively very nascent stages. For existing blockchain protocols, the
[225], [226]. demonstrated performance only scales up to thousands of
While private blockchains have a much higher transaction peers, so scalability will be detrimental for research in this
throughput, they do not provide total decentralization, and in direction. Blockchains can assist with existing approaches for
fact, blockchains run by organizations are under the centralized cellular networks like application-layer traffic optimization
control of the organization itself. The consensus protocols used [251], and can help in hosting virtualized resources. Virtu-
in private blockchains involve rounds of voting to provide alized network resources will further the logical evolution
Byzantine fault tolerance, which is not suitable for public of cellular networks, and blockchains have the potential to
blockchain implementations. In public blockchain platforms, perform resource scheduling via distributed applications.
the philosophy of all users being equal, without a governing
entity prevails. The latency in public blockchains is inherent G. SDN Integration for Blockchain-Based IoT Edge
to the lottery-based consensus algorithms they employ, which
In the future of development for the Internet, and specifi-
aim to create a secure and permissionless transaction process-
cally the IoT, Software-Defined Networking (SDN) and Net-
ing platform. Thus, blockchain consensus protocols make the
work Function Virtualization (NFV) aim to provide a vir-
tradeoff between high-speed transactions and decentralization
tualized edge platform, where virtual hosts can be dynami-
[250].
cally deployed. Thus SDN and NVF are complementary to
For applications beyond cryptocurrencies, the challenge is
each other and are key to enabling a shared IoT edge with
to provide privacy to the users, along with scalability while
virtualized IoT assets [167]. Virtualized hosts or IoT assets
providing multiple application services. In applications where
can be made responsible for specific applications in provid-
the blockchain spreads over multiple geographic locations and
ing security through firewalling and intrusion detection, and
multiple use case scenarios, like the Internet of Things, there
commissioning IoT devices to remote edge users. Since SDN
will be a need for multiple blockchains communicating with
split control plane and data forwarding functionalities, it can be
each other to provide IoT services, thus being able to scale
used to easily control virtual IoT assets. This direction in IoT’s
vertically and horizontally.
development has the potential to enhance the IoT edge with
easy configuration and management capabilities. However,
E. Security Standards for Scripting Smart Contracts while SDN and NFV evolve respectively, newer cybersecurity
Despite the inherent security features of the blockchain, issues arise, which are compounded when integrated with the
the weak link proves to be the exploitable loopholes within Internet of Things.
smart contracts. An example of adversaries exploiting the SDNs provide enterprises the capabilities of adding, re-
shortcomings of a smart contract was seen in the DAO attack moving and updating virtualized networking assets with cen-
[32]. A direction of research for blockchain IoT integration is tralized control. All SDN asset configurations are managed
in developing security standards for scripting smart contracts and stored in a central control application which leads to a
in such a way that there are no loopholes that compromise the very centralized attack surface. Within the SDN and NFV
security of the devices in the IoT network. research space for the IoT, there are existing security issues
that can potentially hamper the development of a software-
defined IoT. These include Denial of Service (DoS) attacks,
F. Blockchains and Cellular Networks for the IoT
confidentiality attacks through spoofing and data modification
In the constant evolution of LTE cellular networks, re- attacks within virtualized IoT environments [252]. Integrity
search is underway in finding a balance between centralized of SDN configuration is paramount for secure functioning of
and decentralize control mechanisms. Decentralizing cellular virtualized networking assets. One of the pioneering papers
networks from a control perspective can bring the inherent in this research direction is by Sharma et. al [253], which
application layer security features of the blockchain to the proposes an architecture for decentralizing the network control
IoT edge, and it can also help leverage the authentication plane through blockchains. Securing virtualized IoT through
and data protection features offered by cellular networking blockchains will prove to be a research direction which we
at lower layers. An example of such a decentralized control anticipate will yield interesting outcomes in the future.
plane for cellular networks is seen in Qlink33 , which aims
to build an architecture on public and private blockchains for
H. Big Data and Machine Learning for Decentralized IoT
cellular networks. At the public blockchain level, infrequent
Frameworks
transactions between telecom companies take place, while at
the private blockchain level, faster transactions can take place The recent renaissance of machine learning and artificial in-
to provide services based on smart contracts. The aim is to telligence has seen revolutionary developments in only the last
few years in areas including autonomously driving vehicles,
33 https://qlink.mobi computer vision and the IoT. To fully realize the vision of
TABLE XI
S UMMARY OF OPEN RESEARCH DIRECTIONS FOR INTEGRATING BLOCKCHAINS WITH THE I OT.
Research Direction Description

- Contents of all permissionless blockchains are public for auditability;
Privacy in permissionless blockchains
- Blockchain addressing is pseudonymous; there is a need for total anonymity for privacy.
- Decentralized consensus reduces transaction throughput in permissionless blockchain;
Blockchain scalability
- Storing network-wide transactions results in increasing storage requirements.
Resource-constrained IoT devices need computational complexity for directly issuing
IoT edge device constraints transactions to the blockchain. Blockchain-connected IoT gateways need substantial
computational and storage capabilities to be a peer in a blockchain network.
- Public blockchains scale up to thousands of nodes, have guaranteed immutability and
auditability, but high latency and reduced throughput;
Public/private blockchain tradeoff
- Private blockchains have high transaction throughput, but do not have guaranteed
accountability, and only scale up well enough to tens of nodes.
Blockchain-based IoT requires standards for writing secure smart contracts that cannot
Security standards for smart contracts
be exploited for nefarious purposes.
Decentralizing the cellular networking at the IoT edge will bring complimentary low
Blockchains + cellular networks for IoT layer security features of cellular networks and application-layer security features of
blockchains.
SDN typically has heavily centralized control planes that can be subject to security threats.
Distributed SDN control for IoT
Blockchains have the potential to decentralize and secure SDN control plane.
- Room for research in leveraging blockchains for maintaining crowdsensing and big data
Big data + machine learning for applications
decentralized IoT - Incentivizing users to contribute data to open-source big data repositories, that improve
machine learning models for automating the IoT
the IoT for performing automated tasks for human users, it is data repositories, for example medical records, blockchains
essential to incorporate machine learning in the IoT. Machine can be used to enforce access control mechanisms as required
learning, and specifically deep learning algorithms perform by the IoT application.
best in an abundance of data available for predictive models With the added benefit of artificial intelligence, IoT sensors
and parameter tuning. In the IoT, machine learning can be used can truly be the augmented eyes and ears of human users,
to make intelligent decisions to optimize automation tasks like and can extend the limits of the human experience. Using
managing IoT assets, scheduling and energy transactions. blockchains to maintain integrity for big data analysis in the
IoT is a significant direction for future research.
Machine learning and deep learning models have the po-
tential in the IoT to predict and identify cybersecurity threats
I. Summary of Open Research Directions
and vulnerabilities. Intrusion detection systems can detect
malicious activity and can help further bolster the blockchain- From this section, we have seen that blockchain in itself
based IoT’s security. The most compelling use cases for is a nascent technology, with ample of room for further
machine learning algorithms are at the IoT edge where natural development, specifically in the IoT domain. Table XI shows
language processing and image recognition can significantly a summary of the issues present in the area of decentralizing
benefit IoT users. Connecting artificial intelligence and the the IoT through blockchains.
IoT requires systems that can maintain trust while retrieving
data from anonymous data sources at the IoT edge, instead of XIII. S UMMARY OF L ESSONS L EARNED
data warehouses that conventionally enrich machine learning In this survey, we have covered the recent research contri-
models. With the trustless network ecosystem blockchains butions made towards decentralizing the IoT with blockchains.
provide, that vision is within reach. Once a blockchain- While blockchains have great potential in establishing a demo-
based IoT edge comes to fruition, IoT users will be able cratic and secure fabric for the Internet of Things, it is not
to monetize their data and can crowdsource data to machine without its limitations that need to be worked upon. In this
learning models for IoT services. One such example is [254], section, we will reiterate and summarize the insight we have
where blockchains can make big data available for an open gained in the different areas of the IoT, as discussed in this sur-
collaborative IoT edge. Publicly available big data repositories vey. To visualize the papers reviewed in this survey, Table XII
secured by the blockchain can help improve training for enlists all the research contributions towards developing a
automated functionality. On the other hand, for sensitive big blockchain-based IoT, along with information on which areas
TABLE XII
S UMMARY OF R EVIEWED R ESEARCH C ONTRIBUTIONS
Trust Security Identity Data IoT

Research Contributions Privacy
for IoT Access Data Management Management Monetization
Confidentiality Availability
Control Integrity
FairAccess [101][102] X X X X X X X X X
Zhang et al. [100] X X X X X X X X X
Enigma [103][110] X X X X X X X X X
Shafagh et al. [104] X X X X X X X X ×
PISCES [105] X X X X X X X X ×
PlaTIBART [106] X X × × X X X × ×
Ayoade et al. [107] X X × × X X X X ×
Cha et al. [87] X × × × X X × × ×
Hawk [33] X X X X X X X X X
Conoscenti et al. [108] X X × X X X X X ×
Sharma et al. [109] X X X × X X X X ×
Rahulamathavan et al. [111] X X × X X X X X ×
JointCloud [112] X × × × X X X X ×
Hardjono et al. [113] X X X × X X X X ×
Dorri et al. [86] X X X X X X X X ×
Ali et al. [114] X X X X X X X X ×
Aitzhan et al. [80] X X × X X X X × X
Laszka et al. [81] X X × X X X X × X
Knirsch et al. [82] X X × X X X X × X
Lombardi et al. [115] X X × X X X X × X
Gao et al. [118] X × X X X X X X ×
Kang et al. [117] X X X X X X X X ×
Kang et al. [84], [83] X X X X X X X × X
Wang et al. [116] X × X × X X X × ×
Liu et al. [128] × X × X X X X × ×
Urien et al. [129] × X × × X X X × ×
Bahga et. al [130] × X × X X X X × ×
Boudguiga et al. [131] × X × X X X X × ×
DiPietro et al. [132] × X × X X X X × ×
IoTChain [133] × X × X X X X X ×
Psaras et al. [134] × X × X X X X × ×
Trustchain [135] × X × X X X X × ×
Tian et al. [136] × X × X X X X X ×
Bocek et al. [137] × X × X X X X X ×
Samaniego et al. [138][167] × X × × X X X × X
Axon et al. [151] × X X X X X X × ×
Hashemi et al. [152] × X X X X X X X ×
Novo et al. [153] × X X X X X X X ×
Capchain [154] × X X X X X X X ×
Hamza et al. [155] × X X X X X X X ×
Biswas et al. [156] × X X X X X X X ×
Yang et al. [157] × X × X X X X × ×
Lee et al. [158] × X × X X X X X ×
Steger et al. [159] X X X X X X X X ×
Alphand et al. [160] × X × X X X X X ×
Chakraborty et al. [161] × X × X X X × X ×
Imbault et al. [165] × X × X X X X × ×
Kikitamara et al. [166] × X × X X X X × ×
Kravitz et al. [168] × × × × X X X × ×
Huh et al. [169] × X × X X X X × ×
Lee et al. [170] × X × X X X X × ×
Liang et al. [189] X X X X X X × X ×
Azaria et al. [190] X X X X X X X X ×
Xu et al. [191] × X × X × X X X X
Missier et al. [192] × × × X X X × X X
Nehai et al. [215] × X × X × X X × X
Münsing et al. [216] × X × X X X X × X
Spectre [220] × × × X × X X X ×
Lewenberg et al. [218] × × × X × X X X ×
IOTA Tangle [221] × × × X × X X X X
Byteball [222] × × × X × X X X ×
Yu et al. [224] × X X X X X X X ×
of the IoT mentioned in this survey is sufficiently addressed by XIV. C ONCLUSIONS

them. These research contributions utilize the inherent virtues In this paper, we provided an extensive survey of the recent
of the blockchain and other distributed ledger technologies attempts in bringing the blockchain technology to maturity,
in these areas of the IoT, as well as specific techniques as with a specific focus on the current research efforts in design-
discussed in previous sections. ing and developing blockchain-based platforms, applications,
Public blockchains provide immutability through decentral- and services suitable for the new era of the Internet of
ized consensus, along with accountability, since all transaction Things. We began our narrative outlining the core features
contents of the blockchain are visible to the participants of of the Blockchain technology, which is a distributed ledger
the blockchain network. On the other hand, while private with immutable and verifiable transaction records. Blockchains
blockchains retain privacy within one organization, they do achieve immutable and secure records through distributed
not guarantee accountability, since it is not sufficiently decen- consensus algorithms. Therefore, blockchains provide a “trust-
tralized. This leads to a trade-off in auditability and privacy less" environment for record keeping, where no trust is re-
in choosing public versus private blockchains. Recent research quired to be placed on any individual centralized entity.
efforts towards developing a privacy-preserving decentralized Following the degree of decentralization that blockchains
IoT involve access policies written into either the transac- have achieved in cryptocurrency networks, blockchains are
tional model of the blockchain, the block headers or smart hailed as the potential solution to decentralizing the IoT. In
contract conditions [33], [103], [102]. Other solutions involve current IoT framework, centralized authentication, authoriza-
tiered architectures built on public and private blockchains tion, and access models require users to trust centralized third-
[86], [114], where the benefits of both private and public party entities for managing, handling and processing their IoT
blockchains can be reaped. While recent research efforts pro- data. Blockchains can lay down the foundation for a decentral-
pose promising solutions, the problem of maintaining privacy ized fabric for the IoT, with no managing or authorizing inter-
in public blockchains remains an open research challenge. mediaries. We highlighted the different scopes within the IoT
We also learned how the “trustless" networking environment framework where research efforts are already demonstrating
provided by blockchains can be leveraged to perform monetary the potential benefits of blockchain-based decentralization. As
and data transactions without the need for any trusted interme- discussed, these areas include privacy, trustless and secured
diaries. Recent research has shown the benefits of blockchain- communications, identity and data management, as well as
based trustlessness in IoT services, specifically supply chain monetization of IoT data and resources.
management [137], [136]. Thus blockchains prove to be a key To conclude, we have conducted an in-depth survey of
technology in guaranteeing trust in IoT services. blockchains, along with their main features and characteristics,
as well as technical working principles. Then, we discussed
In providing security for the IoT, we learned how the
recent research efforts that are leveraging the benefits of
cryptographic features of blockchain addressing and transac-
the blockchain within different challenge areas of the IoT.
tions enable confidentiality in the IoT [151], [80]. Blockchain
These areas where Research & Development is currently more
smart contracts enforce terms and conditions where access
concentrated, helped us reveal open research directions that
control policies can be written for secure data access. The
have the potential to yield major outcomes in the near future.
decentralized nature of blockchains prevent IoT services from
having centralized points of failure, and transaction fees in
public blockchains prevent flooding attacks, thus preserving R EFERENCES
the availability of the IoT [160], [130]. Decentralized con- [1] K. Ashton, “That "Internet of Things" Thing,” RFID Journal, Jun.
2009.
sensus ensures all contents of the blockchain are immutable, [2] R. Minerva, A. Biru, and R. D., “Towards a Definition of the Internet
which form the basis of solutions that ensure data integrity of Things (IoT),” IEEE IoT Initiative, Tech. Rep., 2015, rev. 1.
in data stored on-chain and in off-chain storage mechanisms [3] A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and
M. Ayyash, “Internet of things: A survey on enabling technologies,
[156], [128]. protocols, and applications,” IEEE Communications Surveys & Tutori-
We discussed identity management solutions for the IoT als, vol. 17, no. 4, pp. 2347–2376, 2015.
[4] F. A. Alaba, M. Othman, I. A. Targio Hashem, and F. Alotaibi, “Internet
based on blockchains, as proposed in recent research. These of things security: A survey,” Journal of Network and Computer
solutions promise identities for devices and entities partici- Applications, vol. 88, pp. 10–28, 2017.
pating in end-to-end IoT communications, in varying degrees [5] R. Mahmud, R. Kotagiri, and R. Buyya, “Fog computing: A taxonomy,
survey and future directions,” in Internet of everything. Springer, 2018,
of anonymity [151], [81]. Blockchain-based solutions provide pp. 103–130.
data management with guaranteed integrity and resilience. [6] T. Borgohain, U. Kumar, and S. Sanyal, “Survey of security and privacy
Current cloud solutions depend on centralized servers for han- issues of internet of things,” arXiv preprint arXiv:1501.02211, 2015.
[7] S. Huckle, R. Bhattacharya, M. White, and N. Beloff, “Internet of
dling and storing IoT data, whereas blockchains democratize things, blockchain and shared economy applications,” Procedia Com-
data management, and eliminate the chances of centralized ser- puter Science, vol. 98, pp. 461–466, 2016.
vices unfairly exploiting user data. Blockchains also provide a [8] S. Haber and W. S. Stornetta, “How to time-stamp a digital document,”
Journal of Cryptology, vol. 3, no. 2, pp. 99–111, Jan. 1991.
platform for automated micropayments, data monetization and [9] S. Nakamoto. Bitcoin: A peer-to-peer electronic cash system.
energy transactions. The recent research papers we reviewed Last accessed: December 12, 2018. [Online]. Available: http:
in the matter of IoT monetization involve various techniques //bitcoin.org/bitcoin.pdf
[10] F. Tschorsch and B. Scheuermann, “Bitcoin and beyond: A technical
by which blockchains can help develop a decentralized and survey on decentralized digital currencies,” IEEE Communications
democratized IoT marketplace. Surveys & Tutorials, vol. 18, no. 3, pp. 2084–2123, thirdquarter 2016.
[11] P. Brody, V. Pureswaran, S. Panikkar, and S. Nair, “Empowering the [37] D. Dolev, C. Dwork, and L. Stockmeyer, “On the minimal synchronism
edge practical insights on a decentralized internet of things,” IBM needed for distributed consensus,” Journal of the ACM (JACM), vol. 34,
Institute for Business Value. Technical Report, 2015. no. 1, pp. 77–97, 1987.
[12] N. Szabo, “Formalizing and securing relationships on public networks,” [38] D. Malkhi and M. Reiter, “Byzantine quorum systems,” Distributed
First Monday, vol. 2, no. 9, 1997. Computing, pp. 203–213, 1998.
[13] M. Conoscenti, A. Vetro, and J. C. De Martin, “Blockchain for the [39] L. Law, S. Sabett, and J. Solinas, “How to make a mint: The
internet of things: A systematic literature review,” in IEEE/ACS 13th cryptography of anonymous electronic cash,” National Security Agency
International Conference of Computer Systems and Applications, 2016, Office of Information Security Research and Technology, Cryptology
pp. 1–6. Division, 1996.
[14] M. Atzori, “Blockchain-based architectures for the internet of things: [40] N. Szabo. Bit gold. Last accessed: December 12, 2018. [Online].
a survey,” SSRN, 2017. [Online]. Available: https://ssrn.com/abstract= Available: http://unenumerated.blogspot.de/2005/12/bit-gold.html
2846810 [41] W. Dai. (1998) B-Money website. Last accessed: December 12, 2018.
[15] K. Christidis and M. Devetsikiotis, “Blockchains and smart contracts [Online]. Available: http://www.weidai.com/bmoney.txt
for the internet of things,” IEEE Access, vol. 4, pp. 2292–2303, 2016. [42] L. Lamport, R. Shostak, and M. Pease, “The byzantine generals
[16] A. Reyna, C. Martín, J. Chen, E. Soler, and M. Díaz, “On blockchain problem,” ACM Transactions on Programming Languages and Systems
and its integration with iot. challenges and opportunities,” Future (TOPLAS), vol. 4, no. 3, pp. 382–401, 1982.
Generation Computer Systems, 2018. [43] M. Correia, G. S. Veronese, N. F. Neves, and P. Verissimo, “Byzan-
tine consensus in asynchronous message-passing systems: a survey,”
[17] T. M. FernÃandez-CaramÃl’s
˛ and P. Fraga-Lamas, “A review on the
International Journal of Critical Computer-Based Systems (IJCCBS),
use of blockchain for the internet of things,” IEEE Access, vol. 6, pp.
vol. 2, no. 2, pp. 141–161, Jul. 2011.
32 979–33 001, 2018.
[44] A. Baliga, “Understanding blockchain consensus models,” Persistent
[18] K. Yeow, A. Gani, R. W. Ahmad, J. J. Rodrigues, and K. Ko, Systems Ltd, Tech. Rep., 2017.
“Decentralized consensus for edge-centric internet of things: A review, [45] J. R. Douceur, “The sybil attack,” in International Workshop on Peer-
taxonomy, and research issues,” IEEE Access, vol. 6, pp. 1513–1524, to-Peer Systems, 2002, pp. 251–260.
2018. [46] A. Gervais, G. O. Karame, K. Wüst, V. Glykantzis, H. Ritzdorf,
[19] A. Panarello, N. Tapas, G. Merlino, F. Longo, and A. Puliafito, and S. Capkun, “On the security and performance of proof of work
“Blockchain and iot integration: A systematic survey,” Sensors, vol. 18, blockchains,” in Proc. of the ACM SIGSAC Conference on Computer
no. 8, p. 2575, 2018. and Communications Security, 2016, pp. 3–16.
[20] T. Neudecker and H. Hartenstein, “Network layer aspects of permis- [47] A. Miller and J. J. LaViola Jr, “Anonymous byzantine consen-
sionless blockchains,” IEEE Communications Surveys Tutorials, pp. 1– sus from moderately-hard puzzles: A model for bitcoin,” Available
1, 2018. on line: http://nakamotoinstitute. org/research/anonymous-byzantine-
[21] M. Pilkington, “Blockchain technology: principles and applications,” consensus, 2014.
Research Handbook on Digital Transformations, 2015. [48] D. Bradbury, “In blocks [security bitcoin],” Engineering Technology,
[22] R. Beck, J. S. Czepluch, N. Lollike, and S. Malone, “Blockchain- vol. 10, no. 2, pp. 68–71, Mar. 2015.
the gateway to trust-free cryptographic transactions.” in 24th European [49] K. J. O’Dwyer and D. Malone, “Bitcoin mining and its energy
Conference on Information Systems (ECIS), Istanbul, Turkey, 2016. footprint,” in 25th IET Irish Signals Systems Conference and China-
[23] P. Mueller, A. Rizk, and R. Steinmetz. (2017) BlockChain a new Ireland International Conference on Information and Communications
foundation for building trustworthy and secure distributed applications Technologies (ISSC/CIICT), Jun. 2014, pp. 280–285.
(DAPP’s) of the future. Last accessed: December 12, 2018. [Online]. [50] Peercoin website. Last accessed: December 12, 2018. [Online].
Available: http://dspace.icsy.de:12000/dspace/handle/123456789/432 Available: https://peercoin.net
[24] R. C. Merkle, “A digital signature based on a conventional encryption [51] “Nxt whitepaper,” Nxt community, Tech. Rep., 2014.
function,” in Advances in Cryptology – CRYPTO’87, 2000, pp. 369– [52] P. Vasin, “Blackcoin’s proof-of-stake protocol v2,” Blackcoin, Tech.
378. Rep., 2014.
[25] G. Wood, “Ethereum: A secure decentralised generalised transaction [53] N. Houy, “It will cost you nothing to’kill’a proof-of-stake crypto-
ledger,” Ethereum Project Yellow Paper, vol. 151, 2014. currency,” 2014.
[26] Z. Zheng, S. Xie, H. N. Dai, and H. Wang, “Blockchain challenges [54] C. Cachin and M. Vukolić, “Blockchains consensus protocols in the
and opportunities: A survey,” International Journal of Web and Grid wild,” arXiv preprint arXiv:1707.01873, 2017.
Services, pp. 1–23, 2017. [55] I. Bentov, C. Lee, A. Mizrahi, and M. Rosenfeld, “Proof of activity:
[27] A. Back, M. Corallo, L. Dashjr, M. Friedenbach, G. Maxwell, Extending bitcoin’s proof of work via proof of stake [extended ab-
A. Miller, A. Poelstra, J. Timón, and P. Wuille, “Enabling blockchain stract]y,” SIGMETRICS Perform. Eval. Rev., vol. 42, no. 3, pp. 34–37,
innovations with pegged sidechains,” opensciencereview.com, Tech. Dec. 2014.
Rep., 2014. [56] Decred documentation. Last accessed: December 12, 2018. [Online].
[28] V. Dhillon, D. Metcalf, and M. Hooper, “The hyperledger project,” in Available: https://docs.decred.org/research/overview/
Blockchain Enabled Applications, 2017, pp. 139–149. [57] Sawtooth documentation. Last accessed: December 12, 2018. [Online].
[29] J. Fairfield, “Smart contracts, bitcoin bots, and consumer protection,” Available: https://goo.gl/izmMYn/
Washington and Lee Law Review Online, vol. 71, no. 2, pp. 35–50, [58] V. Costan and S. Devadas, “Intel sgx explained.” IACR Cryptology
2014. ePrint Archive, vol. 2016, p. 86, 2016.
[59] M. Walport, “Distributed ledger technology: Beyond blockchain,” UK
[30] S. Omohundro, “Cryptocurrencies, smart contracts, and artificial intel-
Government Office for Science, 2016.
ligence,” AI matters, vol. 1, no. 2, pp. 19–21, 2014.
[60] M. Castro, B. Liskov et al., “Practical byzantine fault tolerance,” in
[31] L. Luu, D.-H. Chu, H. Olickel, P. Saxena, and A. Hobor, “Making OSDI, vol. 99, 1999, pp. 173–186.
smart contracts smarter,” in Proc. of the ACM SIGSAC Conference on [61] E. Androulaki, C. Cachin, A. De Caro, A. Kind, and M. Osborne,
Computer and Communications Security, 2016, pp. 254–269. “Cryptography and protocols in hyperledger fabric,” in Real-World
[32] N. Atzei, M. Bartoletti, and T. Cimoli, “A survey of attacks on ethereum Cryptography Conference, 2017.
smart contracts (sok),” in Proc. of the 6th International Conference on [62] C. Cachin, S. Schubert, and M. Vukolić, “Non-determinism in byzan-
Principles of Security and Trust, 2017, pp. 164–186. tine fault-tolerant replication,” arXiv preprint arXiv:1603.07351, 2016.
[33] A. Kosba, A. Miller, E. Shi, Z. Wen, and C. Papamanthou, “Hawk: [63] J. Kwon. (2014) Tendermint: Consensus without mining. [Online].
The blockchain model of cryptography and privacy-preserving smart Available: http://tendermint.com/docs/tendermint.pdf
contracts,” in IEEE Symposium on Security and Privacy, 2016, pp. [64] D. Schwartz, N. Youngs, and A. Britto, “The ripple protocol consensus
839–858. algorithm,” Ripple Labs Inc White Paper, vol. 5, 2014.
[34] RSK website. Last accessed: December 12, 2018. [Online]. Available: [65] D. Mazieres, “The stellar consensus protocol: A federated
https://www.rsk.co/ model for internet-level consensus,” last accessed: December
[35] J. Turek and D. Shasha, “The many faces of consensus in distributed 12, 2018. [Online]. Available: https://www.stellar.org/papers/
systems,” IEEE Computer, vol. 25, no. 6, pp. 8–17, 1992. stellar-consensus-protocol.pdf/
[36] M. J. Fischer, N. A. Lynch, and M. S. Paterson, “Impossibility of [66] M. Vukolić, “The quest for scalable blockchain fabric: Proof-of-work
distributed consensus with one faulty process,” Journal of the ACM vs. bft replication,” in International Workshop on Open Problems in
(JACM), vol. 32, no. 2, pp. 374–382, 1985. Network Security. Springer, 2015, pp. 112–125.
[67] (2017) Ethereum sharding FAQ. Last accessed: December 12, [91] G. Greenwald and E. MacAskill, “Nsa prism program taps in to user
2018. [Online]. Available: https://github.com/ethereum/wiki/wiki/ data of apple, google and others,” The Guardian, vol. 7, no. 6, pp.
Sharding-FAQ 1–43, 2013.
[68] B. Greenstein. (2018) IoT Trends in 2018: AI, [92] C. M. Medaglia and A. Serbanati, “An overview of privacy and security
Blockchain, and the Edge. Last accessed: December 12, issues in the internet of things,” in The Internet of Things, 2010, pp.
2018. [Online]. Available: https://iot.ieee.org/newsletter/january-2018/ 389–395.
iot-trends-in-2018-ai-blockchain-and-the-edge#_ftn1 [93] O. Vermesan and P. Friess, Internet of things: converging technologies
[69] D. Miorandi, S. Sicari, F. D. Pellegrini, and I. Chlamtac, “Internet of for smart environments and integrated ecosystems. River Publishers,
things: Vision, applications and research challenges,” Ad Hoc Networks, 2013.
vol. 10, no. 7, pp. 1497–1516, 2012. [94] R. Roman, P. Najera, and J. Lopez, “Securing the internet of things,”
[70] “List of 450 IoT Platform Companies,” Research and Markets, Tech. Computer, vol. 44, no. 9, pp. 51–58, 2011.
Rep. ID: 4330410, 2017. [95] G. V. Lioudakis, E. A. Koutsoloukas, N. Dellas, S. Kapellaki, G. N.
[71] A. Barki, A. Bouabdallah, S. Gharout, and J. Traore, “M2m security: Prezerakos, D. I. Kaklamani, and I. S. Venieris, “A proxy for privacy:
Challenges and solutions,” IEEE Communications Surveys & Tutorials, the discreet box,” in The International Conference on" Computer as a
vol. 18, no. 2, pp. 1241–1254, 2016. Tool" (EUROCON), 2007, pp. 966–973.
[72] J. Zhou, Z. Cao, X. Dong, and A. V. Vasilakos, “Security and privacy [96] D. Chaum and E. Van Heyst, “Group signatures,” in Workshop on the
for cloud-based iot: Challenges,” IEEE Communications Magazine, Theory and Application of of Cryptographic Techniques, 1991, pp. 257–
vol. 55, no. 1, pp. 26–33, 2017. 265.
[73] M. Mohammadi and A. Al-Fuqaha, “Enabling cognitive smart cities [97] F. Li, Z. Zheng, and C. Jin, “Secure and efficient data transmission in
using big data and machine learning: Approaches and challenges,” the internet of things,” Telecommunication Systems, vol. 62, no. 1, pp.
IEEE Communications Magazine, vol. 56, no. 2, pp. 94–101, 2018. 111–122, 2016.
[74] V. Gazis, “A survey of standards for machine-to-machine and the [98] L. Sweeney, “k-anonymity: A model for protecting privacy,” Interna-
internet of things,” IEEE Communications Surveys & Tutorials, vol. 19, tional Journal of Uncertainty, Fuzziness and Knowledge-Based Sys-
no. 1, pp. 482–511, 2017. tems, vol. 10, no. 05, pp. 557–570, 2002.
[75] D. S. Nunes, P. Zhang, and J. Sa Silva, “A survey on human-in-the- [99] J. Domingo-Ferrer and V. Torra, “A critique of k-anonymity and some
loop applications towards an internet of all,” IEEE Communications of its enhancements,” in Third International Conference on Availability,
Surveys & Tutorials, vol. 17, no. 2, pp. 944–965, 2015. Reliability and Security, 2008, pp. 990–993.
[76] M. Ammar, G. Russello, and B. Crispo, “Internet of things: A survey [100] Y. Zhang and J. Wen, “The iot electric business model: Using
on the security of iot frameworks,” Journal of Information Security and blockchain technology for the internet of things,” Peer-to-Peer Net-
Applications, vol. 38, pp. 8–27, 2018. working and Applications, vol. 10, no. 4, pp. 983–994, 2017.
[77] K. Zhao and L. Ge, “A survey on the internet of things security,” in 9th [101] A. Ouaddah, A. A. Elkalam, and A. A. Ouahman, “Towards a novel
International Conference on Computational Intelligence and Security privacy-preserving access control model based on blockchain technol-
(CIS), 2013, pp. 663–667. ogy in iot,” in Europe and MENA Cooperation Advances in Information
[78] J. S. Kumar and D. R. Patel, “A survey on internet of things: Security and Communication Technologies, 2017, pp. 523–533.
and privacy issues,” International Journal of Computer Applications, [102] A. Ouaddah, A. Abou Elkalam, and A. Ait Ouahman, “Fairaccess:
vol. 90, no. 11, 2014. a new blockchain-based access control framework for the internet of
[79] Z. Yan, P. Zhang, and A. V. Vasilakos, “A survey on trust management things,” Security and Communication Networks, vol. 9, no. 18, pp.
for internet of things,” Journal of network and computer applications, 5943–5964, 2016.
vol. 42, pp. 120–134, 2014. [103] G. Zyskind, O. Nathan, and A. Pentland, “Enigma: Decentralized
[80] N. Z. Aitzhan and D. Svetinovic, “Security and privacy in decentralized computation platform with guaranteed privacy,” 2015, last accessed:
energy trading through multi-signatures, blockchain and anonymous December 12, 2018. [Online]. Available: https://enigma.co/enigma_
messaging streams,” IEEE Transactions on Dependable and Secure full.pdf
Computing, 2016. [104] H. Shafagh, L. Burkhalter, A. Hithnawi, and S. Duquennoy, “Towards
[81] A. Laszka, A. Dubey, M. Walker, and D. Schmidt, “Providing privacy, blockchain-based auditable storage and sharing of iot data,” in Proc.
safety, and security in iot-based transactive energy systems using of the Cloud Computing Security Workshop, 2017, pp. 45–50.
distributed ledgers,” in Proceedings of the Seventh International Con- [105] N. Foukia, D. Billard, and E. Solana, “Pisces: A framework for privacy
ference on the Internet of Things, ser. IoT ’17. ACM, 2017, pp. by design in iot,” in 14th Annual Conference on Privacy, Security and
13:1–13:8. Trust (PST), 2016, pp. 706–713.
[82] F. Knirsch, A. Unterweger, G. Eibl, and D. Engel, “Privacy-preserving [106] M. A. Walker, A. Dubey, A. Laszka, and D. C. Schmidt, “Platibart:
smart grid tariff decisions with blockchain-based smart contracts,” in a platform for transactive iot blockchain applications with repeatable
Sustainable Cloud and Energy Services, 2018, pp. 85–116. testing,” in Proc. of the 4th Workshop on Middleware and Applications
[83] J. Kang, R. Yu, X. Huang, S. Maharjan, Y. Zhang, and E. Hossain, “En- for the Internet of Things, 2017, pp. 17–22.
abling localized peer-to-peer electricity trading among plug-in hybrid [107] G. Ayoade, V. Karande, L. Khan, and K. Hamlen, “Decentralized iot
electric vehicles using consortium blockchains,” IEEE Transactions on data management using blockchain and trusted execution environment,”
Industrial Informatics, vol. 13, no. 6, pp. 3154–3164, Dec 2017. in 2018 IEEE International Conference on Information Reuse and
[84] Z. Li, J. Kang, R. Yu, D. Ye, Q. Deng, and Y. Zhang, “Consortium Integration (IRI), July 2018, pp. 15–22.
blockchain for secure energy trading in industrial internet of things,” [108] M. Conoscenti, A. Vetro, and J. C. De Martin, “Peer to peer for privacy
IEEE Transactions on Industrial Informatics, vol. 14, no. 8, pp. 3690– and decentralization in the internet of things,” in IEEE/ACM 39th
3700, Aug 2018. International Conference on Software Engineering Companion (ICSE-
[85] P. Garcia Lopez, A. Montresor, D. Epema, A. Datta, T. Higashino, C), 2017, pp. 288–290.
A. Iamnitchi, M. Barcellos, P. Felber, and E. Riviere, “Edge-centric [109] P. K. Sharma, M.-Y. Chen, and J. H. Park, “A software defined fog node
computing: Vision and challenges,” SIGCOMM Comput. Commun. based distributed blockchain cloud architecture for iot,” IEEE Access,
Rev., vol. 45, no. 5, pp. 37–42, Sep. 2015. [Online]. Available: vol. 6, pp. 115–124, 2018.
http://doi.acm.org/10.1145/2831347.2831354 [110] G. Zyskind, O. Nathan et al., “Decentralizing privacy: Using
[86] A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram, “Blockchain for blockchain to protect personal data,” in IEEE Security and Privacy
iot security and privacy: The case study of a smart home,” in IEEE In- Workshops (SPW), 2015, pp. 180–184.
ternational Conference on Pervasive Computing and Communications [111] Y. Rahulamathavan, R. C.-W. Phan, S. Misra, and M. Rajarajan,
Workshops (PerCom Workshops), 2017, pp. 618–623. “Privacy-preserving blockchain based iot ecosystem using attribute-
[87] S.-C. Cha, J.-F. Chen, C. Su, and K.-H. Yeh, “A blockchain connected based encryption,” 2017.
gateway for ble-based devices in the internet of things,” IEEE Access, [112] W. Chen, M. Ma, Y. Ye, Z. Zheng, and Y. Zhou, “Iot service based on
2018. jointcloud blockchain: The case study of smart traveling,” in 2018 IEEE
[88] K. Wüst and A. Gervais, “Do you need a blockchain?” Symposium on Service-Oriented System Engineering (SOSE), March
[89] S. Sicari, A. Rizzardi, L. A. Grieco, and A. Coen-Porisini, “Security, 2018, pp. 216–221.
privacy and trust in internet of things: The road ahead,” Computer [113] T. Hardjono and N. Smith, “Cloud-based commissioning of constrained
networks, vol. 76, pp. 146–164, 2015. devices using permissioned blockchains,” in Proc. of the 2nd ACM
[90] J. A. Stankovic, “Research directions for the internet of things,” IEEE International Workshop on IoT Privacy, Trust, and Security, 2016, pp.
Internet of Things Journal, vol. 1, no. 1, pp. 3–9, 2014. 29–36.
[114] M. S. Ali, K. Dolui, and F. Antonelli, “Iot data privacy via blockchains [136] F. Tian, “A supply chain traceability system for food safety based on
and ipfs,” in 7th International Conference for the Internet of Things, haccp, blockchain & internet of things,” in International Conference
2017. on Service Systems and Service Management (ICSSSM), 2017, pp. 1–6.
[115] F. Lombardi, L. Aniello, S. De Angelis, A. Margheri, and V. Sassone, [137] T. Bocek, B. B. Rodrigues, T. Strasser, and B. Stiller, “Blockchains
“A blockchain-based infrastructure for reliable and cost-effective iot- everywhere-a use-case of blockchains in the pharma supply-chain,” in
aided smart grids,” 2018. IFIP/IEEE Symposium on Integrated Network and Service Management
[116] J. Wang, M. Li, Y. He, H. Li, K. Xiao, and C. Wang, “A blockchain (IM), 2017, pp. 772–777.
based privacy-preserving incentive mechanism in crowdsensing appli- [138] M. Samaniego and R. Deters, “Blockchain as a service for iot,” in
cations,” IEEE Access, vol. 6, pp. 17 545–17 556, 2018. IEEE International Conference on Internet of Things (iThings) and
[117] J. Kang, R. Yu, X. Huang, M. Wu, S. Maharjan, S. Xie, and Y. Zhang, IEEE Green Computing and Communications (GreenCom) and IEEE
“Blockchain for secure and efficient data sharing in vehicular edge Cyber, Physical and Social Computing (CPSCom) and IEEE Smart
computing and networks,” IEEE Internet of Things Journal, pp. 1–1, Data (SmartData), 2016, pp. 433–436.
2018. [139] S. Tai, “Continuous, trustless, and fair: Changing priorities in services
[118] F. Gao, L. Zhu, M. Shen, K. Sharif, Z. Wan, and K. Ren, “A computing,” in European Conference on Service-Oriented and Cloud
blockchain-based privacy-preserving payment mechanism for vehicle- Computing, 2016, pp. 205–210.
to-grid networks,” IEEE Network, pp. 1–9, 2018. [140] P. R. Sousa, L. Antunes, and R. Martins, “The present and future of
[119] A. Alcaide, E. Palomar, J. Montero-Castillo, and A. Ribagorda, privacy-preserving computation in fog computing,” in Fog Computing
“Anonymous authentication for privacy-preserving iot target-driven in the Internet of Things, 2018, pp. 51–69.
applications,” computers & security, vol. 37, pp. 111–123, 2013. [141] T. McConaghy, R. Marques, A. Müller, D. De Jonghe, T. Mc-
[120] X.-J. Lin, L. Sun, and H. Qu, “Insecurity of an anonymous authenti- Conaghy, G. McMullen, R. Henderson, S. Bellemare, and A. Granzotto,
cation for privacy-preserving iot target-driven applications,” computers “BigchainDB: a scalable blockchain database,” BigChainDB, Tech.
& security, vol. 48, pp. 142–149, 2015. Rep., 2016.
[121] T. Hardjono, N. Smith, and A. S. Pentland, “Anonymous identities for [142] W. Obile, “Ericsson mobility report,” Nov, 2016.
permissioned blockchains,” 2016. [143] J. Granjal, E. Monteiro, and J. S. Silva, “Security for the internet of
[122] E. Brickell and J. Li, “Enhanced privacy id: A direct anonymous attes- things: a survey of existing protocols and open research issues,” IEEE
tation scheme with enhanced revocation capabilities,” in Proceedings Communications Surveys & Tutorials, vol. 17, no. 3, pp. 1294–1312,
of the 2007 ACM workshop on Privacy in electronic society. ACM, 2015.
2007, pp. 21–30. [144] H. Suo, J. Wan, C. Zou, and J. Liu, “Security in the internet of
[123] A. Biryukov, D. Khovratovich, and I. Pustogarov, “Deanonymisation things: a review,” in International Conference on Computer Science
of clients in bitcoin p2p network,” in Proc. of the ACM SIGSAC and Electronics Engineering (ICCSEE), vol. 3, 2012, pp. 648–651.
Conference on Computer and Communications Security, 2014, pp. 15– [145] C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, “DDoS in the
29. IoT: Mirai and other botnets,” Computer, vol. 50, no. 7, pp. 80–84,
[124] A. Boualouache and S. Moussaoui, “Urban pseudonym changing 2017.
strategy for location privacy in vanets,” Int. J. Ad Hoc Ubiquitous [146] E. Bertino and N. Islam, “Botnets and internet of things security,”
Comput., vol. 24, no. 1/2, pp. 49–64, Jan. 2016. [Online]. Available: Computer, vol. 50, no. 2, pp. 76–79, 2017.
https://doi.org/10.1504/IJAHUC.2017.080914 [147] J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, “Internet of
[125] J. Kang, R. Yu, X. Huang, and Y. Zhang, “Privacy-preserved things (iot): A vision, architectural elements, and future directions,”
pseudonym scheme for fog computing supported internet of vehicles,” Future generation computer systems, vol. 29, no. 7, pp. 1645–1660,
IEEE Transactions on Intelligent Transportation Systems, vol. 19, no. 8, 2013.
pp. 2627–2637, Aug 2018. [148] S. Sicari, A. Rizzardi, C. Cappiello, D. Miorandi, and A. Coen-Porisini,
[126] M. Raya and J.-P. Hubaux, “Securing vehicular ad hoc networks,” “Toward data governance in the internet of things,” in New advances
J. Comput. Secur., vol. 15, no. 1, pp. 39–68, Jan. 2007. [Online]. in the internet of things. Springer, 2018, pp. 59–74.
Available: http://dl.acm.org/citation.cfm?id=1370616.1370618 [149] M. U. Farooq, M. Waseem, A. Khairi, and S. Mazhar, “A critical anal-
[127] Z. Lu, W. Liu, Q. Wang, G. Qu, and Z. Liu, “A privacy-preserving ysis on the security concerns of internet of things (iot),” International
trust model based on blockchain for vanets,” IEEE Access, vol. 6, pp. Journal of Computer Applications, vol. 111, no. 7, 2015.
45 655–45 664, 2018. [150] H. Halpin and M. Piekarska, “Introduction to security and privacy on
[128] B. Liu, X. L. Yu, S. Chen, X. Xu, and L. Zhu, “Blockchain based the blockchain,” in IEEE European Symposium on Security and Privacy
data integrity service framework for IoT data,” in IEEE International Workshops (EuroS&PW), 2017, pp. 1–3.
Conference on Web Services (ICWS), 2017, pp. 468–475. [151] L. Axon and M. Goldsmith, “Pb-pki: a privacy-aware blockchain-based
[129] P. Urien, “Towards secure elements for trusted transactions in pki,” 2016.
blockchain and blochchain IoT (BIoT) Platforms,” in Fourth Interna- [152] S. H. Hashemi, F. Faghri, P. Rausch, and R. H. Campbell, “World of
tional Conference on Mobile and Secure Services (MobiSecServ), 2018, empowered iot users,” in Internet-of-Things Design and Implementation
pp. 1–5. (IoTDI), 2016 IEEE First International Conference on. IEEE, 2016,
[130] A. Bahga and V. K. Madisetti, “Blockchain platform for industrial pp. 13–24.
internet of things,” Journal of Software Engineering and Applications, [153] O. Novo, “Blockchain meets iot: an architecture for scalable access
vol. 9, no. 10, p. 533, 2016. management in iot,” IEEE Internet of Things Journal, 2018.
[131] A. Boudguiga, N. Bouzerna, L. Granboulan, A. Olivereau, F. Quesnel, [154] T. Le and M. W. Mutka, “Capchain: A privacy preserving access control
A. Roger, and R. Sirdey, “Towards better availability and account- framework based on blockchain for pervasive environments,” in 2018
ability for iot updates by means of a blockchain,” in IEEE European IEEE International Conference on Smart Computing (SMARTCOMP),
Symposium on Security and Privacy Workshops (EuroS&PW), 2017, June 2018, pp. 57–64.
pp. 50–58. [155] H. Es-Samaali, A. Outchakoucht, and J. P. Leroy, “A blockchain-
[132] R. Di Pietro, X. Salleras, M. Signorini, and E. Waisbard, “A blockchain- based access control for big data,” International Journal of Computer
based trust system for the internet of things,” in Proceedings of the Networks and Communications Security, vol. 5, no. 7, p. 137, 2017.
23Nd ACM on Symposium on Access Control Models and Technologies, [156] K. Biswas and V. Muthukkumarasamy, “Securing smart cities using
ser. SACMAT ’18. New York, NY, USA: ACM, 2018, pp. 77–83. blockchain technology,” in IEEE 18th International Conference on High
[Online]. Available: http://doi.acm.org/10.1145/3205977.3205993 Performance Computing and Communications; IEEE 14th International
[133] B. Yu, J. Wright, S. Nepal, L. Zhu, J. Liu, and R. Ranjan, “Iotchain: Conference on Smart City; IEEE 2nd International Conference on Data
Establishing trust in the internet of things ecosystem using blockchain,” Science and Systems, 2016, pp. 1392–1393.
IEEE Cloud Computing, vol. 5, no. 4, pp. 12–23, Jul 2018. [157] Z. Yang, K. Zheng, K. Yang, and V. C. Leung, “A blockchain-
[134] I. Psaras, “Decentralised edge-computing and iot through distributed based reputation system for data credibility assessment in vehicular
trust,” in Proceedings of the 16th Annual International Conference networks,” in Personal, Indoor, and Mobile Radio Communications
on Mobile Systems, Applications, and Services, ser. MobiSys ’18. (PIMRC), 2017 IEEE 28th Annual International Symposium on. IEEE,
New York, NY, USA: ACM, 2018, pp. 505–507. [Online]. Available: 2017, pp. 1–5.
http://doi.acm.org/10.1145/3210240.3226062 [158] B. Lee and J.-H. Lee, “Blockchain-based secure firmware update for
[135] P. Otte, M. de Vos, and J. Pouwelse, “Trustchain: A sybil-resistant embedded devices in an internet of things environment,” The Journal
scalable blockchain,” Future Generation Computer Systems, 2017. of Supercomputing, vol. 73, no. 3, pp. 1152–1167, 2017.
[159] M. Steger, A. Dorri, S. S. Kanhere, K. Römer, R. Jurdak, and environments,” in 7th IEEE Consumer Communications and Network-
M. Karner, “Secure wireless automotive software updates using ing Conference (CCNC), 2010, pp. 1–5.
blockchains: A proof of concept,” in Advanced Microsystems for [183] C. C. Cerbulescu and C. M. Cerbulescu, “Large data management in
Automotive Applications 2017, 2018, pp. 137–149. iot applications,” in 17th International Carpathian Control Conference
[160] O. Alphand, M. Amoretti, T. Claeys, S. Dall’Asta, A. Duda, G. Ferrari, (ICCC), 2016, pp. 111–115.
F. Rousseau, B. Tourancheau, L. Veltri, and F. Zanichelli, “Iotchain: A [184] T. Li, Y. Liu, Y. Tian, S. Shen, and W. Mao, “A storage solution for
blockchain security architecture for the internet of things,” in Wireless massive iot data based on nosql,” in IEEE International Conference on
Communications and Networking Conference (WCNC), 2018 IEEE. Green Computing and Communications (GreenCom), 2012, pp. 50–57.
IEEE, 2018, pp. 1–6. [185] Y. Zhou, S. De, W. Wang, and K. Moessner, “Enabling query of
[161] R. B. Chakraborty, M. Pandey, and S. S. Rautaray, “Managing com- frequently updated data from mobile sensing sources,” in IEEE 17th
putation load on a blockchain–based multi–layered internet–of–things International Conference on Computational Science and Engineering
network,” Procedia Computer Science, vol. 132, pp. 469–476, 2018. (CSE), 2014, pp. 946–952.
[162] J. H. Park and J. H. Park, “Blockchain security in cloud computing: [186] X. Hao, P. Jin, and L. Yue, “Efficient storage of multi-sensor object-
Use cases, challenges, and solutions,” Symmetry, vol. 9, no. 8, p. 164, tracking data,” IEEE Transactions on Parallel and Distributed Systems,
2017. vol. 27, no. 10, pp. 2881–2894, 2016.
[163] M. Vučinić, B. Tourancheau, F. Rousseau, A. Duda, L. Damon, and [187] T. Lu, J. Fang, and C. Liu, “A unified storage and query optimization
R. Guizzetti, “Oscar: Object security architecture for the internet of framework for sensor data,” in 12th Web Information System and
things,” Ad Hoc Networks, vol. 32, pp. 3–16, 2015. Application Conference (WISA), 2015, pp. 229–234.
[164] N. Kshetri, “1 blockchain’s roles in meeting key supply chain manage- [188] I. P. Zarko, K. Pripuzic, M. Serrano, and M. Hauswirth, “Iot data
ment objectives,” International Journal of Information Management, management methods and optimisation algorithms for mobile pub-
vol. 39, pp. 80–89, 2018. lish/subscribe services in cloud environments,” in European Conference
[165] F. Imbault, M. Swiatek, R. De Beaufort, and R. Plana, “The green on Networks and Communications (EuCNC), 2014, pp. 1–5.
blockchain: Managing decentralized energy production and consump- [189] X. Liang, J. Zhao, S. Shetty, and D. Li, “Towards data assurance and
tion,” in IEEE International Conference on Environment and Electrical resilience in iot using blockchain,” in IEEE Military Communications
Engineering and IEEE Industrial and Commercial Power Systems Conference, 2017.
Europe, 2017, pp. 1–5. [190] A. Azaria, A. Ekblaw, T. Vieira, and A. Lippman, “Medrec: Using
[166] S. Kikitamara, M. van Eekelen, and D. I. J.-P. Doomernik, “Digital blockchain for medical data access and permission management,” in
identity management on blockchain for open model energy system,” International Conference on Open and Big Data (OBD), 2016, pp.
2017. 25–30.
[167] M. Samaniego and R. Deters, “Hosting virtual iot resources on edge- [191] Q. Xu, K. M. M. Aung, Y. Zhu, and K. L. Yong, “A blockchain-based
hosts with blockchain,” in IEEE International Conference on Computer storage system for data analytics in the internet of things,” in New
and Information Technology (CIT), 2016, pp. 116–119. Advances in the Internet of Things, 2018, pp. 119–138.
[168] D. W. Kravitz and J. Cooper, “Securing user identity and transactions [192] P. Missier, S. Bajoudah, A. Capossele, A. Gaglione, and M. Nati,
symbiotically: Iot meets blockchain,” in Global Internet of Things “Mind my value: a decentralized infrastructure for fair and trusted iot
Summit, 2017, pp. 1–6. data trading,” in Proc. of the Seventh International Conference on the
[169] S. Huh, S. Cho, and S. Kim, “Managing iot devices using blockchain Internet of Things, 2017, p. 15.
platform,” in 19th International Conference on Advanced Communica- [193] F. Wang, S. Liu, P. Liu, and Y. Bai, “Bridging physical and virtual
tion Technology (ICACT), 2017, pp. 464–467. worlds: complex event processing for rfid data streams,” in Interna-
[170] J.-H. Lee, “Bidaas: blockchain based id as a service,” IEEE Access, tional Conference on Extending Database Technology, 2006, pp. 588–
vol. 6, pp. 2274–2278, 2018. 607.
[171] J. Hughes and E. Maler, “Security assertion markup language (saml) [194] M. Ma, P. Wang, and C.-H. Chu, “Data management for internet of
v2. 0 technical overview,” OASIS SSTC Working Draft sstc-saml-tech- things: Challenges, approaches and opportunities,” in Green Comput-
overview-2.0-draft-08, pp. 29–38, 2005. ing and Communications (GreenCom), IEEE and Internet of Things
[172] D. Recordon and D. Reed, “OpenID 2.0: a platform for user-centric (iThings/CPSCom), IEEE International Conference on and IEEE Cy-
identity management,” in Proc. of the Second ACM workshop on Digital ber, Physical and Social Computing, 2013, pp. 1144–1151.
identity management, 2006, pp. 11–16. [195] A. Asin and D. Gascon, “50 sensor applications for a smarter world:
[173] D. Hardt, “The oauth 2.0 authorization framework,” Tech. Rep., 2012. Libelium white paper,” Libelium, 2012.
[174] H. A. Kalodner, M. Carlsten, P. Ellenbogen, J. Bonneau, and [196] Huawei: IoT, driving verticals to digitization. Last accessed: December
A. Narayanan, “An empirical study of namecoin and lessons for 12, 2018. [Online]. Available: http://www.huawei.com/minisite/iot/en/
decentralized namespace design,” in WEIS, 2015.
[197] Qualcomm: IoT solutions. Last accessed: December 12, 2018. [Online].
[175] D. Shrier, W. Wu, and A. Pentland, “Blockchain & infrastructure
Available: https://www.qualcomm.com/solutions/internet-of-things
(identity, data security),” MIT Connection Science, pp. 1–18, 2016.
[198] LG IoT SmartThinQ. Last accessed: December 12, 2018. [Online].
[176] N. Rückeshäuser, “Typology of distributed ledger based business mod-
Available: http://www.lg.com/us/discover/smartthinq/thinqâĂŐ
els,” 2017.
[199] Samsung IoT Solutions. Last accessed: December 12, 2018. [Online].
[177] A. Act, “Health insurance portability and accountability act of 1996,”
Available: https://goo.gl/fHtMm7âĂŐ
Public law, vol. 104, p. 191, 1996.
[178] European CommissionDirective 95/46/EC of the European Parliament [200] Cisco IoT Products and Services. Last accessed: December 12, 2018.
and of the Council of 24 October 1995 on the protection of [Online]. Available: https://goo.gl/6z8o4c
individuals with regard to the processing of personal data and on [201] Carriots by Altair. Last accessed: December 12, 2018. [Online].
the free movement of such data, Official Journal of the European Available: https://www.carriots.com/
Communities No. L 281/31. [Online]. Available: http://eur-lex.europa. [202] Eurotech M2M/IoT Software and Services. Last accessed: December
eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:EN:HTML 12, 2018. [Online]. Available: www.eurotech.com/en/products/
[179] T. Fan and Y. Chen, “A scheme of data management in the internet of software+services
things,” in 2nd IEEE International Conference on Network Infrastruc- [203] IBM Watson IoT. Last accessed: December 12, 2018. [Online].
ture and Digital Content, 2010, pp. 110–114. Available: âĂŐhttps://www.ibm.com/internet-of-things
[180] F. Khodadadi, R. N. Calheiros, and R. Buyya, “A data-centric frame- [204] BlueApp. Last accessed: December 12, 2018. [Online]. Available:
work for development and deployment of internet of things applications https://www.blueapp.io
in clouds,” in IEEE Tenth International Conference on Intelligent [205] IoT Monetization: Ericsson. Last accessed: December 12, 2018.
Sensors, Sensor Networks and Information Processing (ISSNIP), 2015, [Online]. Available: https://goo.gl/kh8e3R
pp. 1–6. [206] Deutsche Telekom M2M. Last accessed: December 12, 2018. [Online].
[181] Q. Xu, K. M. M. Aung, Y. Zhu, and K. L. Yong, “A large-scale Available: https://m2m.telekom.com/
object-based active storage platform for data analytics in the internet of [207] Vodafone M2M/IoT Services. Last accessed: December 12, 2018.
things,” in Advanced Multimedia and Ubiquitous Engineering, 2016, [Online]. Available: www.vodafone.com/business/iot
pp. 405–413. [208] M. Westerlund, S. Leminen, and M. Rajahonka, “Designing business
[182] A. J. J. Valera, M. A. Zamora, and A. F. Skarmeta, “An architecture models for the internet of things,” Technology Innovation Management
based on internet of things to support mobility and security in medical Review, vol. 4, no. 7, 2014.
[209] T. Keskin and D. Kennedy, “Strategies in smart service systems enabled [234] D. Hopwood, S. Bowe, T. Hornby, and N. Wilcox, “Zcash protocol
multi-sided markets: Business models for the internet of things,” in 48th specification,” Zerocoin Electric Coin Company, Tech. Rep., 2016.
Hawaii International Conference on System sciences (HICSS), 2015, [235] K. Naganuma, M. Yoshino, H. Sato, and T. Suzuki, “Auditable
pp. 1443–1452. zerocoin,” in IEEE European Symposium on Security and Privacy
[210] Internet of Things Companies: The Biggest IoT Directory. Last Workshops (EuroS&PW), 2017, pp. 59–63.
accessed: December 12, 2018. [Online]. Available: http://http: [236] A. Kumar, C. Fischer, S. Tople, and P. Saxena, “A traceability analysis
//www.iot-directory.com/ of monero’s blockchain,” in European Symposium on Research in
[211] Fortinet Reveals “Internet of Things: Connected Home” Survey Computer Security. Springer, 2017, pp. 153–173.
Results. Last accessed: December 12, 2018. [Online]. Available: [237] S. Noether, A. Mackenzie et al., “Ring confidential transactions,”
http://www.fortinet.com/press_releases/2014/internet-ofthings.html Ledger, vol. 1, pp. 1–18, 2016.
[212] C. Perera, R. Ranjan, L. Wang, S. U. Khan, and A. Y. Zomaya, “Big [238] H. Kopp, D. Mödinger, F. Hauck, F. Kargl, and C. Bösch, “Design of a
data privacy in the internet of things era,” IT Professional, vol. 17, privacy-preserving decentralized file storage with financial incentives,”
no. 3, pp. 32–39, 2015. in IEEE European Symposium on Security and Privacy Workshops
[213] L. Xu, N. Shah, L. Chen, N. Diallo, Z. Gao, Y. Lu, and W. Shi, (EuroS&PW), 2017, pp. 14–22.
“Enabling the sharing economy: Privacy respecting contract based on [239] G. Maxwell, “Coinjoin: Bitcoin privacy for the real world,” in Post on
public blockchain,” in Proc. of the ACM Workshop on Blockchain, Bitcoin forum, 2013.
Cryptocurrencies and Contracts, 2017, pp. 15–21. [240] T. Ruffing, P. Moreno-Sanchez, and A. Kate, “Coinshuffle: Practical
[214] M. Samaniego and R. Deters, “Using blockchain to push software- decentralized coin mixing for bitcoin,” in European Symposium on
defined iot components onto edge hosts,” in Proceedings of the Inter- Research in Computer Security, 2014, pp. 345–364.
national Conference on Big Data and Advanced Wireless Technologies. [241] J. Bonneau, A. Narayanan, A. Miller, J. Clark, J. A. Kroll, and E. W.
ACM, 2016, p. 58. Felten, “Mixcoin: Anonymity for bitcoin with accountable mixes,”
[215] Z. Nehaï and G. Guerard, “Integration of the blockchain in a smart in International Conference on Financial Cryptography and Data
grid model,” in The 14th International Conference of Young Scientists Security, 2014, pp. 486–504.
on Energy Issues (CYSENI) 2017, pp. 127–134. [242] M. Möser and R. Böhme, “Anonymous alone? measuring bitcoin’s
[216] E. Münsing, J. Mather, and S. Moura, “Blockchains for decentralized second-generation anonymization techniques,” in IEEE European Sym-
optimization of energy resources in microgrid networks,” in Control posium on Security and Privacy Workshops (EuroS&PW), 2017, pp.
Technology and Applications (CCTA), 2017 IEEE Conference on. 32–41.
IEEE, 2017, pp. 2164–2171. [243] Ethereum light client protocol. Last accessed: December 12,
[217] Dajie Ltd. website. Last accessed: December 12, 2018. [Online]. 2018. [Online]. Available: https://github.com/ethereum/wiki/wiki/
Available: www.dajie.eu Light-client-protocol
[218] Y. Lewenberg, Y. Sompolinsky, and A. Zohar, “Inclusive block chain [244] Segregated witness benefits. Last accessed: December 12, 2018. [On-
protocols,” in International Conference on Financial Cryptography and line]. Available: https://bitcoincore.org/en/2016/01/26/segwit-benefits/
Data Security, 2015, pp. 528–547. [245] Raiden network: Fast, cheap, scalable token transfers for ethereum.
[219] Y. Sompolinsky and A. Zohar, “Secure high-rate transaction processing Last accessed: December 12, 2018. [Online]. Available: https:
in bitcoin,” in International Conference on Financial Cryptography and //raiden.network
Data Security. Springer, 2015, pp. 507–527. [246] Swarm documentation. Last accessed: December 12, 2018. [Online].
[220] Y. Sompolinsky, Y. Lewenberg, and A. Zohar, “Spectre: A fast and Available: https://swarm-guide.readthedocs.io
scalable cryptocurrency protocol.” IACR Cryptology ePrint Archive, [247] J. Kwon and E. Buchman, “Cosmos: A network of distributed ledgers,”
vol. 2016, p. 1159, 2016. Cosmos, Tech. Rep.
[221] S. Popov, “The tangle,” IOTA, Tech. Rep., 2017. [248] A. Dorri, S. S. Kanhere, and R. Jurdak, “MOF-BC: A memory
[222] A. Churyumov, “Byteball: A decentralized system for storage and optimized and flexible blockchain for large scale networks,” CoRR,
transfer of value,” Byteball, Tech. Rep., 2017. vol. abs/1801.04416, 2018.
[223] N. Narula. (2017) Cryptographic vulnerabilities in IOTA. Last [249] J. Vermeulen. Bitcoin and Ethereum vs Visa and PayPal: Transactions
accessed: December 12, 2018. [Online]. Available: https://goo.gl/ per second. Last accessed: December 12, 2018. [Online]. Available:
jFKYPp https://goo.gl/31yXJ0
[224] F. R. Yu, J. Liu, Y. He, P. Si, and Y. Zhang, “Virtualization for [250] A. Kiayias and G. Panagiotakos, “Speed-security tradeoffs in
distributed ledger technology (vdlt),” IEEE Access, vol. 6, pp. 25 019– blockchain protocols.” IACR Cryptology ePrint Archive, vol. 2015, p.
25 028, 2018. 1019, 2015.
[225] K. Croman, C. Decker, I. Eyal, A. E. Gencer, A. Juels, A. Kosba, [251] V. K. Gurbani, V. Hilt, I. Rimac, M. Tomsu, and E. Marocco, “A survey
A. Miller, P. Saxena, E. Shi, E. G. Sirer et al., “On scaling decentralized of research on the application-layer traffic optimization problem and the
blockchains,” in International Conference on Financial Cryptography need for layer cooperation,” IEEE Communications Magazine, vol. 47,
and Data Security, 2016, pp. 106–125. no. 8, 2009.
[226] Ethereum transaction chart. Last accessed: December 12, 2018. [252] A. Akhunzada, E. Ahmed, A. Gani, M. K. Khan, M. Imran, and
[Online]. Available: https://etherscan.io/chart/tx S. Guizani, “Securing software defined networks: taxonomy, require-
[227] J. Herrera-Joancomartí, “Research and challenges on bitcoin ments, and open issues,” IEEE Communications Magazine, vol. 53,
anonymity,” in Data Privacy Management, Autonomous Spontaneous no. 4, pp. 36–44, 2015.
Security, and Security Assurance, 2015, pp. 3–16. [253] P. K. Sharma, S. Singh, Y.-S. Jeong, and J. H. Park, “Distblocknet: a
[228] S. Meiklejohn, M. Pomarole, G. Jordan, K. Levchenko, D. McCoy, distributed blockchains-based secure sdn architecture for iot networks,”
G. M. Voelker, and S. Savage, “A fistful of bitcoins: characterizing IEEE Communications Magazine, vol. 55, no. 9, pp. 78–85, 2017.
payments among men with no names,” in Proc. of the Internet [254] C. Xu, K. Wang, G. Xu, P. Li, S. Guo, and J. Luo, “Making big data
Measurement Conference, 2013, pp. 127–140. open in collaborative edges: a blockchain-based framework with re-
[229] J. Barcelo, “User privacy in the public bitcoin blockchain,” duced resource requirements,” in 2018 IEEE International Conference
2014, last accessed: December 12, 2018. [Online]. Available: on Communications (ICC). IEEE, 2018, pp. 1–6.
https://goo.gl/mN2y6V
[230] S. Feld, M. Schönfeld, and M. Werner, “Analyzing the deployment
of bitcoin’s p2p network under an as-level perspective,” Procedia
Computer Science, vol. 32, pp. 1121–1126, 2014.
[231] P. Koshy, D. Koshy, and P. McDaniel, “An analysis of anonymity
in bitcoin using p2p network traffic,” in International Conference on
Financial Cryptography and Data Security, 2014, pp. 469–485.
[232] I. Miers, C. Garman, M. Green, and A. D. Rubin, “Zerocoin: Anony-
mous distributed e-cash from bitcoin,” in IEEE Symposium on Security
and Privacy (SP), 2013, pp. 397–411.
[233] E. B. Sasson, A. Chiesa, C. Garman, M. Green, I. Miers, E. Tromer,
and M. Virza, “Zerocash: Decentralized anonymous payments from
bitcoin,” in IEEE Symposium onSecurity and Privacy (SP), 2014, pp.
459–474.
Muhammad Salek Ali was awarded a B.Eng. Fabio Antonelli is head of OpenIoT Research unit
in Electrical (Telecommunications) Engineering in (Open Platforms and Enabling Technologies for the
2012 from the National University of Sciences and Internet of Things) at FBK CREATE-NET, Trento,
Technology, Pakistan, and an MSc in Data Commu- Italy. With a Master’s Degree in Electronics Engi-
nication Networks in 2015 from Aston University, neering at Politecnico di Milano, Milan, Italy he
UK. He is currently pursuing his PhD in Electronics, worked for more than 15 years in the telco sector
Telecommunications and Information Technologies (within Alcatel and Telecom Italia groups) gain-
from the University of Bologna, while conducting ing extensive knowledge in experimental research,
his research in the OpenIoT Research Unit at FBK design, software development and management of
CREATE-NET, Italy. His research interests include ICT projects. More recently, in Fondazione Bruno
blockchains and their applications within the Internet Kessler, his interests have shifted on applied research
of Things, data science and machine learning techniques. in multimedia networking, architectures and platforms for the Internet of
Things, where he has contributed and coordinated applied research activities
in different European research projects in the Future Internet, Multimedia and
Internet of Things domains.
Massimo Vecchio received the M.Sc. degree in

Information Engineering (Magna cum Laude) from
the University of Pisa, Pisa, Italy and the Ph.D.
degree in Computer Science and Engineering (with
Doctor Europaeus mention) from IMT Institute for
Advanced Studies, Lucca, Italy in 2005 and 2009,
respectively. Starting from May 2015, he is an
associate professor at eCampus University, while in
September 2017 he has also joined FBK CREATE-
NET, Trento, Italy to coordinate the research ac-
tivities of the OpenIoT Research Unit. He is the
project coordinator of AGILE (www.agile-iot.eu), a project co-founded by
the Horizon 2020 programme of the European Union. His current research
interests include computational intelligence and soft computing techniques, the
Internet of Things paradigm and effective engineering design and solutions Mubashir Husain Rehmani (M’14-SM’15) re-
for constrained and embedded devices. Regarding his most recent editorial ceived the B.Eng. degree in computer systems en-
activity, he is a member of the editorial board of the Applied Soft Computing gineering from Mehran University of Engineering
journal and of the newborn IEEE Internet of Things Magazine, besides being and Technology, Jamshoro, Pakistan, in 2004, the
the managing editor of the IEEE IoT newsletters. M.S. degree from the University of Paris XI, Paris,
France, in 2008, and the Ph.D. degree from the
University Pierre and Marie Curie, Paris, in 2011.
He is currently working at the Telecommunications
Software and Systems Group (TSSG), Waterford
Institute of Technology (WIT), Waterford, Ireland.
He served for five years as an Assistant Professor at
Miguel Pincheira received his Computer and Infor- COMSATS Institute of Information Technology, Wah Cantt., Pakistan. He is
matics Engineer diploma and his Master in Com- currently an Area Editor of the IEEE Communications Surveys & Tutorials.
puter Science from the University of Bío-Bío, Chile He served for three years (from 2015 to 2017) as an Associate Editor of the
in 2007 and 2011 respectively. He is currently pur- IEEE Communications Surveys & Tutorials. Currently, he serves as Associate
suing a PhD in Information and Communication Editor of IEEE Communications Magazine, Elsevier Journal of Network and
Technology from the University of Trento, working Computer Applications (JNCA), and the Journal of Communications and
in the OpenIoT Research Unit at FBK CREATE- Networks (JCN). He is also serving as a Guest Editor of Elsevier Ad Hoc
NET, Trento, Italy. Previously, he worked as full Networks journal, Elsevier Future Generation Computer Systems journal,
time lecturer and mentor for the students robotics the IEEE Transactions on Industrial Informatics, and Elsevier Pervasive and
group in the Computer Sciences and Information Mobile Computing journal. He has authored/ edited two books published
Technologies Department at University of Bío-Bío, by IGI Global, USA, one book published by CRC Press, USA, and one
Chillán, Chile. His current research interest include blockchain technology book with Wiley, U.K. He received “Best Researcher of the Year 2015 of
and its applications in the Internet of Things domain, embedded systems and COMSATS Wah” award in 2015. He received the certificate of appreciation,
robotics. “Exemplary Editor of the IEEE Communications Surveys & Tutorials for the
year 2015” from the IEEE Communications Society. He received Best Paper
Award from IEEE ComSoc Technical Committee on Communications Systems
Integration and Modeling (CSIM), in IEEE ICC 2017. He consecutively
received research productivity award in 2016-17 and also ranked #1 in all
Engineering disciplines from Pakistan Council for Science and Technology
(PCST), Government of Pakistan. He also received Best Paper Award in 2017
Koustabh Dolui has received his MS degree in from Higher Education Commission (HEC), Government of Pakistan.
Telecommunications Engineering from Politecnico
di Milano, Italy. He is pursuing a PhD in Computer
Science (2018-present) at the imec-DistriNet de-
partment, Katholieke Universiteit Leuven, Belgium.
Previously, he has worked as a research engineer at
FBK-Create-Net in Trento, Italy for the EU H2020
project AGILE. He has published and delivered
talks in multiple conferences since 2013. His current
research interests are focused on scalable data pro-
cessing in multi-tier IoT architectures and distributed
machine learning techniques.

Blockchains in Iot

Uploaded by

Copyright:

Available Formats

Blockchains in Iot

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Blockchains in Iot

Uploaded by

Copyright:

Available Formats

This article has been accepted for publication in a future issue of this journal, but has not been

Applications of Blockchains in the

Block 1 Block 3 Block 3

Public Blockchain Private Blockchain Consortium Blockchain

C. Transactions and Digital Signatures D. Types of Blockchains

validator is chosen. In proof of stake, a validator is selected in B. Permissioned Blockchains

Furthermore, the cost added to making new transactions TABLE III

non-sensitive information separately, thus providing varying

Proposed Architectures Main Feature Trustlessness Ensured By

General Areas for IoT Security

within transactions, so IoT devices can receive updates in a based PKI.

Mechanisms/Frameworks Main Identity Management Technique Anonymity

Framework/Mechanism Heterogeneity Integrity Architecture Storage

Framework/Mechanism Heterogeneity Integrity Architecture Storage

for the IoT. [86] is a multi-tiered cloud-blockchain hybrid 26 https://www.datum.org

Type of vendor/provider Vendor name

The OPF is meant to perform scheduling for energy transfers, A. BlockDAG

XI. A LTERNATIVE A PPROACHES T OWARDS

To achieve scalability and higher throughput in application New

than conventional signatures in blockchain transactions. This

Research Direction Description

Trust Security Identity Data IoT

of the IoT mentioned in this survey is sufficiently addressed by XIV. C ONCLUSIONS

Massimo Vecchio received the M.Sc. degree in

You might also like