Today “Smart Things” are omnipresent. The Internet-of-Things is proliferating in many areas of life: home, health, city, government, agriculture, automotive, etc. is going to become truly massive with Gartner Inc expecting 20.4 billion connected devices by 2020. Unfortunately though, rising with the number of devices, is their security concern and potential for damage.
Traditional Security Systems
IoT is a giant system of differing devices connected by mixed, heterogeneous networks. Individual devices often have some security, but no current solution addresses the full end-to-end security across entire systems. If secured at all, to date most IoT security systems follow a client-server architecture, which struggles when the number of devices within the system becomes huge.
- One of the key problems with IoT from a security perspective is scale. If the central authority gets overloaded with authentication requests, and fails, everything fails.
- The other concern for security within an IoT ecosystem is the number of vulnerable points. With every device being a threat entity, a vulnerable entry point, imagine what happens, when tens of thousands of internet-connected devices are added to a corporate network? The result is increased potential vulnerability.
In such a scenario, a security model which is peer trust-based and doesn’t rely on a central authority will mitigate the difficulties of scaling authentication across even the largest IoT environments. In this newer model, the responsibility for authentication is moved from the center to the edge of the network.
SmartAxiom’s IoT Management & Security Solution
SmartAxiom’s innovative management and security solution combines the robustness of blockchain technology with the power of IBM Analytics to protect IoT networks from the edge to the cloud. By moving the responsibility for authentication from the center to the edge of the network, SmartAxiom’s solution massively mitigates the difficulties of scaling authentication across even the largest IoT environments. The three main business benefits achieved are:
- Avoids potentially multi-million-dollar losses by reducing the risk of costly downtime
- Reduces cloud costs by moving authentication services to the edge of the network
- 30% reduction in development time with 20% greater database throughput.
Blockchain
The blockchain is the popular core technology behind cryptocurrencies such as Bitcoin and Etherium. But it also has the potential to provide a robust, decentralized security architecture for the IoT.
In IoT, blockchain supports a decentralized security model through a distributed, open ledger and the authentication responsibility stays on edge ‘miners’. Unlike a traditional security model where all the security and transaction history is stored, updated, and accessed from a central location, in this peer-to-peer model every node keeps the record, making it nigh impossible to make any unauthorized changes.
Features and benefits:
- SmartAxiom’s blockchain solution is decentralized, with a majority consensus of local nodes approving the presence of devices and their transactions. This local edge processing yields fast response times and reliability through redundancy.
- SmartAxiom’s end-to-end security implementation uses hardware based cryptography to authenticate and identify participating nodes, and allow them to securely add transactions to the ledger. Transactions are verified and confirmed by other nodes participating in the network, thus eliminating the need for a central authority and its single point of failure.
- The digital ledger, which records all the digital transactions, is visible to all participants of the network. This promotes transparency, thereby reducing mistrust, confusion and time spent in back-and-forth information collection.
- The ledger is tamper proof. Malicious actors cannot manipulate it because the transactional record doesn’t exist in a single location and every note/participant has the same transactional record as others.
- Blockchain provides protection from man-in-the-middle attacks because no single thread of communication can be intercepted.
- The ledger can only have new entries in it. Deleting or updating previous transactional records is almost impossible.
The decentralized nature of SmartAxiom’s solution means that even if one device is attacked and compromised, the problem will not spread across the network. The other nodes will recognize that the affected device has been tampered with and will isolate it to prevent further damage. IT teams can then work to fix the problem, without needing to take the entire IoT solution offline.
IBM’s Informix and SmartAxiom’s Blockchain
With IBM’s impressive work in blockchain (via its contributions to the Hyperledger project), the SmartAxiom team saw IBM as an ideal partner to help it build the technology required to get their innovative idea to market. The SmartAxiom IoT management and security solution involves deploying gateway devices that sit between the IoT devices at the edge of the network, and the cloud servers at the center. Their blockchain includes three separate ledgers: one for the IoT devices, one for the gateways themselves, and one for the cloud. The data processing can happen on the gateways, instead of relying on powerful central servers.
Almost by definition, IoT devices must be small and affordable – yet robust enough for harsh environments like industrial facilities. At the same time, the processing and memory capacity of such devices is limited, so the software running on them needs to be very efficient. That’s why SmartAxiom collaborated with IBM to use IBM’s Informix as the database platform on these embedded systems.
The SmartAxiom founder & CEO, Amit Biyani, found IBM Informix to be almost perfectly designed for IoT use cases.
- The database is optimized to handle time-series data, which is vital to sequence the incoming streams of events from several devices and is used to increase system security.
- It is column-oriented, that makes it quick to query and verify the data.
- The automatic data compression facility makes it very resource-efficient on embedded systems.
- The built-in encryption helps to protect the data at rest.
- Its strong replication capabilities make it easy to keep the data in sync between nodes throughout the network.
“With Informix, SmartAxiom’s embedded systems run 20 percent faster while using 25 percent less memory than the alternative databases we tested” said Gunjan Karun, SmartAxiom Head of Global Product Development. “IBM Informix provided a solid platform for our offering, while reducing its time-to-market, cutting the development time by 30 percent.”
Jonathan Braniff, Global Strategist and Head of Business Development is confident for a future where businesses will be using tens of thousands of IoT sensors to monitor their operations and in the process, generate terabytes of data per day. With SmartAxiom’s IoT management and security solution, this data can be captured and stored securely across a mesh of low-cost gateway devices where the load is evenly distributed, thereby avoiding a single point of failure. Furthermore, their IoT smart contracts can filter out the most meaningful data for storage and big data analytics in enterprise IBM solutions.
Looking Ahead
SmartAxiom’s blockchain based decentralized, end-to-end IoT management and security solution has a comprehensive value proposition. By offering security at various levels within an IoT landscape, the company is making IoT safer for organizations, while the use of IBM Informix makes the data processing on the edge of the network secure, efficient and reliable. SmartAxiom and IBM together are turning the promises of IoT into a reality.