IEEE Press Editorial Board
Ekram Hossain, Editor in Chief
Giancarlo Fortino | Andreas Molisch | Linda Shafer |
David Alan Grier | Saeid Nahavandi | Mohammad Shahidehpour |
Donald Heirman | Ray Perez | Sarah Spurgeon |
Xiaoou Li | Jeffrey Reed | Ahmet Murat Tekalp |
Edited by
Sachin S. Shetty
Charles A. Kamhoua
Laurent L. Njilla
Copyright © 2019 the IEEE Computer Society, Inc. All rights reserved.
Published by John Wiley & Sons, Inc., Hoboken, New Jersey.
Published simultaneously in Canada.
No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning, or otherwise, except as permitted under Section 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, Inc., 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 750-4470, or on the web at www.copyright.com. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permission.
Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.
For general information on our other products and services or for technical support, please contact our Customer Care Department within the United States at (800) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.
Library of Congress Cataloging-in-Publication Data is available.
ISBN: 978-1-119-51960-7
The success of the United States Department of Defense (DoD) in the future battlefield will hinge on the ability to protect the cyber infrastructure from loss of personally identifiable information, tampering of sensitive data, and interruption of services. Although all cyber risks are critical and need to be addressed, issues related to data integrity are most acute, as data tampering can have a huge impact on mission critical services that depend upon reliable data. The current cyber defense solutions are unable to combat data breaches effectively, are typically reactive in nature, and cannot keep up with the exponentially increasing cyber threats. Cyber defense solutions should be able to protect data despite attempts by adversaries to derail their effectiveness.
There is a pressing need for a paradigm shift in the development of next generation cyber defense strategies. Blockchain is an emerging technology that could address cyber security challenges, such as identity management and data provenance for distributed systems. Blockchain technology provides several advantages in building resilient cyber defense solutions. First, blockchains are shared, distributed, and fault-tolerant databases that every participant in the network can share, but no entity can control, and they are resilient to a single point of failure. Second, data integrity is ensured as tampering of blockchains is extremely challenging due to the use of a cryptographic data structure and lack of reliance on secrets. Third, blockchains assume the presence of adversaries in the network, making compromise by adversaries significantly expensive. Blockchain solutions for cyber security could represent a paradigm shift in how data manipulation will be defended by creating a trusted system in a trustless environment. Cloud, the Internet of Things (IoT), and the Internet of Battlefield Things (IoBT) are being used as distributed platforms. However, these platforms are plagued by numerous vulnerabilities that allow adversaries to gain access to sensitive information and disrupt services. A blockchain-empowered security platform will ensure the integrity of the data exchanged in these systems and reduce risks from data breach attacks.
Under the 2018 National Defense Authorization Act, the DoD will conduct a comprehensive study of blockchain, particularly in the context of cybersecurity. There have been DoD investments (research grants, SBIR/STTR awards, etc.) in the investigation of blockchain for secure message delivery in tactical scenarios, additive manufacturing, and the protection of supply chains. On the flip side, there is growing concern that malware or other illicit content, once introduced into a blockchain, would be very hard to remove. There is also growing concern about the threat to blockchain posed by quantum computing.
The focus of the book is on providing blockchain-based solutions to distributed systems to ensure a resilient and reliable cyberinfrastructure for operations and missions. Most current books on blockchain only focus on impacts in the financial sector. There is a need for books to understand how the blockchain's impact goes beyond cryptocurrency, and to address security and privacy issues in cloud and IoT/IoBT platforms. The topics in the book provide blockchain-empowered solutions to protect cloud and IoT/IoBT platforms. The book also presents security challenges that must be addressed for blockchain technologies to reach their full potential.
Dr. Ananthram Swami
Senior Research Scientist (ST) for Network Science,
ARL Fellow, IEEE Fellow
US Army Research Laboratory, Adelphi, MD
Cyberattacks have increasingly targeted commercial, government, and military enterprises with the goal of stealing sensitive information and/or disrupting service. There is an urgent need for cyber defense solutions to ensure traceable and tamper-evident accountability and auditability of command and control, logistics, and other critical mission data as future operations will involve the convergence of multiple domains and a heavily contested cyberspace. Thus, the emphasis needs to be on cyber defense solutions that can ensure resilient operation during adversarial attempts to thwart normal operation. The existing cyber defense solutions are reactive and are not able to combat the impact of the exponential rise in cyber threats. Centralized or homogeneous information assurance systems and databases must evolve to possess distributed, disintermediated, and secure capabilities.
The cyber warfare strategy will come down to the ability to conduct operations on data in a secure and trusted environment. In order to win in cyber warfare, the military needs to protect data operations by (i) preventing adversarial access to networks housing critical data, (ii) ensuring the integrity of data despite the presence of the adversary on the network, and (iii) being resilient to the adversary's efforts to manipulate data. At the same time, the emergence of cloud and the Internet of Things to support on-demand computing, dynamic provisioning, and management of autonomous systems has increased the need to improve their security. Security assurance of intracloud and intercloud data management and transfer is a key issue. Cloud auditing can only be effective if all operations on the data can be tracked reliably. Assured provenance data can help detect access violations within the cloud computing infrastructure. The Internet of Things (IoT) in the military context interconnects warfighting resources, such as sensors, munitions, weapons, vehicles, robots, and wearable devices, to perform tasks such as sensing, communicating, acting, and collaborating with human warfighters. The massive scale and distributed nature of IoT devices will create several security and privacy challenges. First, the underlying IoT networking and communication infrastructure needs to be flexible and adaptive to support dynamic military missions. This dynamic change to the communication infrastructure needs to happen in an autonomous fashion without reliance on centralized maintenance services. Second, there is a need to ensure the veracity of the information made available through the IoT devices. There is a need for a trusted platform to ensure the information consumed by the human warfighters is accurate.
Blockchain and distributed ledger technologies as a whole demonstrate the potential of a truly distributed and disintermediated mechanism for accountability and auditability. Blockchains are shared, distributed, and fault-tolerant databases that every participant in the network can share, but no entity can control. Blockchains assume the presence of adversaries in the network and nullify adversarial strategies by harnessing the computational capabilities of the honest nodes, and the information exchanged is resilient to manipulation and destruction. This ability allows leaders to continue military operations despite adversarial attempts to cause disruption. Blockchain solutions for cyber security will represent a paradigm shift in how data manipulation will be defended. Blockchain has the ability to create a trusted system in a trustless environment.
Tampering of blockchains is extremely challenging due to the use of a cryptographic data structure and no reliance on secrets. Blockchain has the potential to enhance cyber defense with its ability to prevent unauthorized actions through distributed consensus mechanisms and provision of data integrity through its immutability, auditability, and operational resilience (ability to withstand a single point of failure) mechanisms. Though blockchain is not a panacea for all cyber security challenges, the technology does have the ability to help organizations tackle cyber security risk issues such as identity management, provenance, and data integrity.
The focus of the book is on providing blockchain-based solutions to distributed systems to ensure a resilient and reliable cyberinfrastructure for operations and missions. There is a need to understand how blockchain's impact goes beyond cryptocurrency and can address distributed security and privacy issues in cloud and IoT platforms. The topics in the book describe the properties underlying formal foundations of blockchain technologies and practical issues for deployment in cloud and IoT platforms. In addition, the book presents security and privacy issues that must be solved for blockchain technologies to reach their full potential. Three book chapters (Chapters 4, 5, and 8) are based on research articles that were voted as Top Blockchain papers at the 2019 Blockchain Connect Conference.
This material is based on research sponsored by the Air Force Research Laboratory (AFRL) under agreement number FA8750-16-0301, and we would like to thank AFRL for their financial support, collaboration, and guidance. The US Government is authorized to reproduce and distribute reprints for governmental purposes notwithstanding any copyright notation thereon. The work described in this book was also partially supported by other sources acknowledged in individual chapters.
The editors would like to acknowledge the contributions of the following individuals (in alphabetical order): Abdulhamid Adebayo, Philip Asuquom, Shihan Bao, Yue Cao, Haitham Cruickshank, Ali Dorri, Peter Foytik, Arash Golchubian, Y. Thomas Hou, Raja Jurdak, Salil S. Kanhere, Kevin Kwiat, Adriaan Larmuseau, Ao Lei, Jin Li, Xueping Liang, Wenjing Lou, Andrew Miller, Aziz Mohaisen, Mehrdad Nojoumian, DaeHun Nyang, Danda B. Rawat, Muhammad Saad, Devu Manikantan Shila, Jeffrey Spaulding, Marco Steger, Zhili Sun, Deepak Tosh, Yang Xiao, and Ning Zhang. We would like to extend our thanks to Misty Blowers, Jerry Clarke, Jim Perretta, and Val Red for their valuable support and guidance. We would like to thank Paul Ratazzi, Robert Reschly, and Michael Weisman for technical review support. Last, we would like to extend thanks and acknowledgment to Jovina E. Allen, Walter J. Bailey, Sandra B. Fletcher, Lisa M. Lacey, Sandra H. Montoya, Lorri E. Roth, and Jessica D. Schultheis, who helped edit and collect the text into its final form, and to Mary Hatcher and Vishnu Narayanan of Wiley for their kind assistance in guiding this book through the publication process.
Disclaimer: The views and content expressed in this book are those of the authors and do not reflect the official policy or position of the Department of Defense, or the US Government.
Abdulhamid Adebayo
Howard University
Philip Asuquom
University of Surrey
Shihan Bao
University of Surrey
Yue Cao
Northumbria University
Haitham Cruickshank
University of Surrey
Ali Dorri
University of New South Wales
Peter Foytik
Old Dominion University
Arash Golchubian
Florida Atlantic University
Y. Thomas Hou
Virginia Tech
Raja Jurdak
University of New South Wales
Salil S. Kanhere
University of New South Wales
Kevin Kwiat
CAESAR Group
Adriaan Larmuseau
United Technologies Research Center China
Ao Lei
University of Surrey
Jin Li
Guangzhou University, Guangzhou, China
Xueping Liang
Old Dominion University
Wenjing Lou
Virginia Tech
Andrew Miller
University of Illinois at Urbana-Champaign
Aziz Mohaisen
University of Central Florida
Mehrdad Nojoumian
Florida Atlantic University
DaeHun Nyang
Inha University
Danda B. Rawat
Howard University
Muhammad Saad
University of Central Florida
Devu Manikantan Shila
United Technologies Research Center
Jeffrey Spaulding
University of Central Florida
Marco Steger
Virtual Vehicle Research Center, Graz, Styria, Austria
Zhili Sun
University of Surrey
Deepak Tosh
University of Texas at El Paso
Yang Xiao
Virginia Tech
Ning Zhang
Washington University in St. Louis