In the first part of the interview with Prof. Ahmed Banafa, he gave us some insights into the rise of IoT devices and some of the security threats that come with it. In this second part of the interview, Prof. Banafa will offer some of his views on how the IoT can be secured and which technologies will help in achieving better security.
CSM: In your book, you suggest Blockchain as a solution – wouldn’t a blockchain based solution create a huge amount of data – and wouldn’t that make blockchain unfeasible?
The current centralized architecture of IoT is one of the main reasons for the vulnerability of IoT networks. With billions of devices connected and more to be added, IoT is a big target for cyber-attacks, which makes security extremely important.
Blockchain offers new hope for IoT security for several reasons. First, blockchain is public, everyone participating in the network of nodes of the blockchain network can see the blocks and the transactions stored and approves them, although users can still have private keys to control transactions. Second, blockchain is decentralized, so there is no single authority that can approve the transactions eliminating Single Point of Failure (SPOF) weakness. Third and most importantly, it’s secure—the database can only be extended and previous records cannot be changed.
In the coming years manufactures will recognize the benefits of having blockchain technology embedded in all devices and compete for labels like “Blockchain Certified”
CSM: In your book you point to some interesting applications of Blockchain and IoT in the area of cybersecurity. Can you elaborate?
Since a blockchain system is protected with the help of ledgers and cryptographic keys, attacking and manipulating it becomes extremely difficult. Blockchain decentralizes the systems by distributing ledger data on several systems rather than storing them on one single network. This allows the technology to focus on gathering data rather than worrying about any data being stolen. Thus, decentralization has led to an improved efficiency in blockchain-operated systems.
For a blockchain system to be penetrated, the attacker must intrude into every system on the network to manipulate the data that is stored on the network. The number of systems stored on every network can be in millions. Since domain editing rights are only given to those who require them, the hacker won’t get the right to edit and manipulate the data even after hacking a million of systems. Since such manipulation of data on the network has never taken place on the blockchain, it is not an easy task for any attacker.
While we store our data on a blockchain system, the threat of a possible hack gets eliminated. Every time our data is stored or inserted into blockchain ledgers, a new block is created. This block further stores a key that is cryptographically created. This key becomes the unlocking key for the next record that is to be stored onto the ledger. In this manner, the data is extremely secure.
Furthermore, the hashing feature of blockchain technology is one of its underlying qualities that makes it such a prominent technology. Using cryptography and the hashing algorithm, blockchain technology converts the data stored in our ledgers. This hash encrypts the data and stores it in such a language that the data can only be decrypted using keys stored in the systems. Other than cybersecurity, blockchain has many applications in several fields that help in maintaining and securing data. The fields where this technology is already showing its ability are finance, supply chain management, and blockchain-enabled smart contracts.
CSM: You also introduce the concept of Fog computing, To quote: “Once a sensor alert is received from a control system, you must react to it, meter it and bill for it instantly, all of which negates the viability of a centralized transactional authority.” – why is that not possible with a centralized authority?
This is what Fog/Edge Computing will do when deployed near the sites of action.
Fog computing is a technology that distributed the load of processing and moved it closer to the edge of the network (sensors in case of IoT). The benefits of using fog computing are very attractive to IoT solution providers. Some of these benefits allow users minimize latency, conserve network bandwidth, operate reliably with quick decisions, collect and secure a wide range of data, and move data to the best place for processing with better analysis and insights of local data.
CSM: Talking about the concept of “fog computing” – will this mean the end of traditional client/server architecture or will both exist alongside?
Both will exist, its like the local government (fog) and the federal government (cloud), we need both.
CSM: The Internet of Things can be considered as the “next big thing” in the IT industry – will we see the rise of a new Google/Facebook?
Its too big to be controlled by one company, remember that IoT consists of 4 elements: Sensors, Networks/Communications, Cloud Analytics and AI, Applications. We could see one big name in each one of the four elements.
CSM: What will your next book be about, can you tell us a bit about what to expect?
My next book will be about “Blockchain Technology and Applications “ , this is the summary of the book contents:
Blockchain is an emerging technology that can radically improve security in transaction networks, it provides the basis for a dynamic distributed ledger that can be applied to save time when recording transactions between parties, remove costs associated with intermediaries, and reduce risks of fraud and tampering. This book explores the fundamentals and applications of Blockchain technology; the transparent, secure, immutable and distributed database used currently as the underlying technology for Cryptocurrency. Decentralized peer-to-peer network, distributed ledger and the trust model that defines Blockchain technology will be explained. Components of Blockchain, its operations, underlying algorithms, and essentials of trust will be defined. Types of Blockchain networks including private and public Blockchain networks will be introduced. Concepts of smart contracts, proof of work and proof of stack will be clarified. The relationship between Blockchain technology, Internet of Things (IoT), Artificial Intelligence (AI), Cybersecurity and Digital Transformation will be explored in this book. Myths about Blockchain will be exposed and a look at the future of Blockchain will be presented.
Prof. Ahmed Banafa
Prof. Ahmed Banafa has extensive research work with focus on IoT, Blockchain, cybersecurity and AI. He served as a faculty at well-known universities and colleges.
He is the recipient of several awards, including Distinguished Tenured Staff Award, Instructor of the year and Certificate of Honor from the City and County of San Francisco.
He was named as No.1 tech voice to follow by LinkedIn (with 38k+ followers ), featured in Forbes, IEEE-IoT and MIT Technology Review, with frequent appearances on ABC, CBS, NBC, BBC and Fox TV and Radio stations.
He studied Electrical Engineering at Lehigh University, Cybersecurity at Harvard University, and Digital Transformation at MIT.