Blockchain

Dr. David Kravitz (inventor of the Digital Signature Algorithm – DSA – as well as TrustCentral’s innovative technology) authored the recently published IEEE paper entitled: “Transaction Immutability and Reputation Traceability: Blockchain as a Platform for Access-controlled IoT and Human Interactivity.” In this paper Dr. Kravitz makes the case for the importance of this datum: “Trusted transactions require trusted provenance (origin)”. Yes, “garbage in, garbage out” can even apply to blockchain. One should consider this: how valuable are IoT data records that may not be trustworthy?

To achieve trustworthiness of IoT data for blockchain recordation, in his IEEE paper Dr. Kravitz relies on technology that he designed for TrustCentral (e.g. an “Inviter-Invitee” protocol, “communication lines” between endpoints; Trustworthiness and Reputation metrics; etc.). This IEEE paper cites TrustCentral patents and includes five figures from a TrustCentral patent. One conclusion in the paper is:

“Credible reputation lies at the core of users and devices

communicating and transacting successfully . . .

[a methodology] that has considerable implications relative

to addressing the reputation issue . . .

[is] IoT and human interaction that is securely facilitated

through use of an ‘Inviter-Invitee’ protocol to set up

dedicated maintainable ‘communication lines’”.

Smart Cities may benefit from this technology as well:

“If a blockchain platform is to realistically fulfill the promise

of cutting across silos in order to provide true advances in

management of the varied supply chains that comprise smart city operations,

such platform must be versatile enough to consolidate across verticals and

handle IoT elements of each such supported vertical.”

Dr. David Kravitz

This copyrighted paper is available for purchase from the IEEE at: https://ieeexplore.ieee.org/document/8476873.

Quoted below (under Fair Use) are the paper’s: Abstract; the first paragraph of its Introduction; and the first paragraph of its Conclusion.

Transaction Immutability and Reputation Traceability:

Blockchain as a Platform for Access-controlled IoT and Human Interactivity

David W. Kravitz

Abstract— Credible reputation lies at the core of users and devices communicating and transacting successfully. Identity fraud is becoming increasingly difficult to manage in the face of massive-scale database breaches. In critical infrastructure and public safety applications, as well as day-to-day personal and business transactions, it is imperative to have a significant degree of confidence in whom/what one communicates with – whether to know if the recipient can be entrusted with the sender’s data, or if the sender’s data is to be considered reliably sourced. Even where possible, lost reputation is substantially more cumbersome, time-consuming and expensive to replace than are compromised, stolen or defective devices and their embedded cryptographic keys. This paper focuses on two methodologies that have considerable implications relative to addressing the reputation issue: (1) blockchain-enabled anomaly detection and assessment that involves dynamically asserted identity at the network edge effected through end-user targeted release of trusted behavioral data; (2) IoT and human interaction that is securely facilitated through use of an “Inviter-Invitee” protocol to set up dedicated maintainable “communication lines.” The judiciously applied combination of the cryptographic protocol suites that enable the two methodologies results in a practicably implementable system for smart city use cases.

Keywords—IoT, blockchain, reputation, identity management, access control, audit, data integrity, entity authentication, identity fraud, impersonation attack, key agreement, digital signature, smart city

INTRODUCTION

The intent of this paper is to lay out major elements of a solution to the problem of accurately assessing trustworthiness as myriad types of devices and humans interact with one another in increasingly automated and consequential exchanges. Despite the attention being focused on exposure via massive database breaches and on attacks against data availability for bitcoin-payable ransom collection, the real killer app may be in assuring or at least detecting attacks against data integrity and in handling impersonation attempts (where the “person” may be a device). We tackle the problem by integrating and expanding upon previous research into machine-to-machine (M2M) and human-to-machine (H2M) access control mechanisms, with a focus on leveraging the immutability, transparency and availability of blockchain transactions in order to gauge, update and apply reputation scoring of individual devices and of humans utilizing devices. Although it can be argued that for meeting the scalability and throughput demands of resource-constrained IoT environments, the main priority is that controllers do not command actuation unless the inputs to associated sensors can be verified as to being appropriately sourced and passing integrity checks, with assurance of confidentiality perhaps being optional – a major premise of this work is that properly and efficiently enabled confidentiality actually enhances the quality of such entity authentication and data integrity evaluation. In particular, the blockchain-enabled live collection and evaluation by authorized entities of otherwise-confidential peer-assessments of performance and expressed indicators of warranted suspicion of anomalies can be an invaluable system remediation tool . . .

CONCLUSION

We have concentrated in this paper on development of a reputation system that is compatible with permissioned blockchains, and indicated how such a system can drive the efficiency and scalability of the blockchain to the point that critical infrastructure highly time-sensitive IoT operations can occur off-chain in real time. In particular, the fact that the disposition of payment for services (and the quality of performance of rendered services) is reflected in updated reputation scores allows services to be performed without waiting for confirmation or reconciliation of payments . . .