Empowering GHOST solution with the Ethereum Blockchain
Updated: Nov 16, 2018
GHOST solution depends significantly on the power of the Ethereum blockchain and more specifically in four major axes. The Ethereum blockchain is used in order to store – immutably - and enable fast access to vital data related to security of the user’s data and the system itself. First of all, each user signs a form of consent, using a Smart Contract, and this choice is logged on the Blockchain. In this way, participation to the GHOST solution is only enabled to a person owning a specific wallet. IP Blacklisting is also possible using Smart Contract technology. Malicious IPs are populating this immutable log, stored there by the users and participants of the GHOST solution. IPs are stored and graded according to the severity and frequency of an attack, thus creating a common pool of knowledge, exploited for security purposes by the constituent components. Thirdly, all IoT devices that belong to the GHOST solution should be registered. Registration ensures the avoidance of third party, possibly malicious, devices to enter the system and try obtaining sensitive data, or interact with any component of the system. Registration of the devices is performed using Solidity Smart Contracts on the Blockchain. Addition or removal of devices in thus logged in the common distributed ledger, rendering changes tractable by simply traversing the stored chain. The immutability of this ledger prohibits false registrations or possible poisoning of the register, that otherwise would be possible, especially in traditional centralized Database based solutions. Finally, the last axis concerns software integrity. The integrity of the software installed in IoT devices and Gateways is crucial to the solution, since these devices, especially Gateways, are actively involved in cyber security, through analysis of traffic, assessment of risks, blacklisting of IPs, etc. Integrity of firmware, as well as the GHOST related software, is also ensured through the Blockchain. A digest, computed using a cryptographic hashing algorithm, is stored in the Blockchain. The devices periodically recompute the hash of the installed software and crosscheck with the result stored on the Blockchain, ensuring that no changes have occurred. Possible changes alert the user to take immediate action. The Gateways act as doorways to the Blockchain connecting remotely to a full node or hosting a lite node or even hosting a full node themselves, enabling constituent IoT devices to communicate with the Blockchain. Harnessing the power of the Blockchain, security and tractability is ensured in the GHOST solution.