The document discusses the SOFIE project, which aims to securely federate different IoT platforms using distributed ledger technology. SOFIE will prototype applying blockchains to interconnect diverse IoT systems, provide metadata about platforms, and securely record transactions. It will include pilots involving smart meters, electricity marketplaces, food supply chains, and mixed reality gaming.

1. Horizon 2020 IoT Project SOFIE:
Secure Open Federation of Internet Everywhere
and relevant research
George C. Polyzos
Mobile Multimedia Laboratory
Department of Informatics
School of Information Sciences and Technology
Athens University of Economics and Business
Athens, Greece
polyzos@aueb.gr, https://mm.aueb.gr/
Tel.: +30 210 8203 650, Fax: +30 210 8203 325

2. Outline
● Introduction
◆ Ubiquitous Computing & the Internet of Things
● IoT Challenges
◆ Interoperability, Sustainability, Trust Model, Security, and Privacy
● The role of Blockchains
● SOFIE: Secure Open Federation for Internet Everywhere
◆ Motivation and Rationale
◆ Use-­cases and Trials
◆ 4th Generation Platforms
● Our other IoT research projects
◆ INTER-­IoT/ACHILLES
◆ FIESTA
◆ POINT
■ ICN
● Conclusion and Outlook
● Blockchain-­assisted Information Distribution
polyzos@aueb.gr 2

3. Internet of Things (IoT): Vision & Status
● Blurred boundaries between the cyber and physical worlds!
◆ 2010: # Internet connected devices > Earth’s population
◆ “Connected devices” now include everyday home appliances
■ refrigerators, scales, TVs, …
■ continuously decreasing manufacturing cost of sensors and actuators
■ new protocols for autonomous M2M communication
● Fragmentation & lack of security are the main issues today
● Most IoT: Vertically oriented, closed systems
◆ Silos!
polyzos@aueb.gr 3

4. IoT Challenges
● Interoperability
● Sustainability
● Trust Model
● Security
● Privacy
polyzos@aueb.gr 4

5. The Interoperability Challenge
● well over 300 different Internet of Things (IoT) platforms
● several dozens … standards
● different basic IoT communication protocols will co-­exist
◆ Constrained Application Protocol (CoAP)
◆ Message Queue Telemetry Transport (MQTT)
◆ HTTP
● most of the deployed IoT systems are closed
◆ largely incapable of communicating with other IoT systems
polyzos@aueb.gr 5

6. The Sustainability Challenge
● How often do we change/update…
◆ smartphone?
◆ laptop?
◆ car?
◆ refrigerator?
◆ house electronic infrastructure (security system)?
● Danger of fragmented ecosystems
◆ composed of old and new devices
● In many scenarios Things are “deployed and forgotten”
◆ sensors installed during the construction of a building
◆ bio-­signal detection inside the body of a patient or of a wild animal
polyzos@aueb.gr 6

7. The Trust Model Challenge
● IoT’s biggest breakthrough/vision:
seamless, “unattended” interaction
between the cyber and the physical worlds
● A new trust model is needed to enable the interaction of
all devices with little human intervention
● We need novel mechanisms for
◆ transactions
◆ compensation
◆ accountability
polyzos@aueb.gr 7

8. The Security Challenge
● Existing security solutions cannot be directly applied to Things
◆ Things are resource limited
■ no computational power for complex cryptographic operations
◆ Things often (physically) exposed to malicious users.
◆ Not always feasible to (remotely) connect to a Thing
● Things important/sensitive
◆ can collect sensitive and personal information
◆ may control critical aspects of our daily life
● Actuators, not only sensors
◆ security even more critical… safety
polyzos@aueb.gr 8

9. The Privacy Challenge
● Things can collect personal and sensitive information
◆ which may control critical aspects of our life
◆ or the information obtained may impact our life
● Information from the IoT
◆ can have significant context
◆ be highly correlated…
● Because of the pervasive and invisible aspects of the IoT
◆ information may be collected for a long time before it becomes
known (and its impact felt)
polyzos@aueb.gr 9

10. Blockchains and Smart Contracts:
part of the solution…
● Blockchain: “A distributed append-­only ledger of
transactions maintained by a number of (untrusted)
Miners organized in a (distributed) network”
◆ Distributed Ledger Technologies (DLTs)
● Smart contracts
◆ Built on DLTs
◆ Autonomous applications with pre-­defined inputs and outputs
… that can be executed by a miner in a deterministic way
◆ Any user can invoke a smart contract, the outcome of which is
recorded as a transaction in the blockchain
polyzos@aueb.gr 10

11. Blockchains enable novel security mechanisms
● No centralized trusted entity (control)
● No single point of failure
Blockchains
● Prevent censorship
● Transparent, Scalable (?)
● Facilitate accountability
● Facilitate the interaction of nodes not mutually trusted
polyzos@aueb.gr 11

12. Blockchains contribute to system sustainability
● resistant against cyber attacks, secure
● many critical operations of an IoT system can be
delegated to or realized with blockchains
◆ using smart contracts
● end-­points can be “dumb”
● inter-­ledger technology can provide long-­term
sustainability across DLTs
polyzos@aueb.gr 12

13. Blockchains enable new Trust Models
● Blockchains are built around transactions
● The mapping of blockchain’s digital coin to the
physical world is application specific:
◆ Real money
◆ Domain name
◆ Actuation
◆ Transfer of electricity
◆ …
polyzos@aueb.gr 13

14. DLTs — Authentication and Access Control
● Access control enforcement can be delegated to third
parties, the “Access control Providers” (ACP)
● The mapping between a content item and the appropriate
ACP can be stored in the blockchain
● Messages can be relayed securely using blockchains
● ACP decisions can be stored in the blockchain
→ facilitates accountability
N. Fotiou, T. Kotsonis, G. F. Marias, G.C. Polyzos, “Access Control for the Internet of Things,” Proc. International
Workshop on Secure Internet of Things, Heraklion, Greece, September 2016.
polyzos@aueb.gr 14

15. DLTs — Accountability
● Record transactions in the blockchain
◆ in order to be valid and actionable
● The blockchain makes sure that the history is not deleted
◆ users can be held accountable for their actions
● … Non-­repudiation
polyzos@aueb.gr 15

16. SOFIE:
Secure Open Federation of Internet Everywhere
● Applying Distributed Ledger Technology (DLT)
◆ e.g. blockchains
● to securely and openly federate IoT platforms
● with interconnected distributed ledgers to
◆ build decentralized business platforms
◆ support the interconnection of diverse IoT systems
◆ provide openly accessible metadata about platforms
◆ define business rules on how to connect to platforms
◆ securely record audit trails to be used to resolve disputes
polyzos@aueb.gr 16

17. SOFIE: Overall Concept and Key Ideas
polyzos@aueb.gr 17

18. SOFIE
● The concept will be
prototyped and studied in
an EU Horizon 2020 funded
project
◆ 1/1/2018 – 31/12/2020
◆ €4.5M
● Partners
◆ Aalto University, Ericsson, Rovio (Finland)
◆ Guardtime (Estonia)
◆ AUEB, Synelixis, Optimum (Greece)
◆ Eng, Asm Terni Spa, Emotion Srl (Italy)
polyzos@aueb.gr 18

19. SOFIE’s Federation Architecture
IoT
Network
Stored
Data
Abstraction
Services/API
Federation
Adapter
IoT
Network
Stored
Data
Abstraction
Services/API
Federation
Adapter
Existing
“closed”
IoT
Platforms
IoT
Network
Stored
Data
Abstraction
Services/API
Federation
Adapter
Federation
Adapter
Existing
“open”
IoT
Platforms
(e.g.
FIWARE)
Inter-­‐ledger
transactions
Layer
Guardtime
KSI
Ethereum
Hyper-­‐Ledger
Fabric
.
.
.Semantic
Representation
Secure
Actuation
SOFIE
Federation
Framework
Legacy
IoT
Application
SOFIE
IoT
Application
Hybrid
IoT
Application
.
.
.
Hybrid
IoT
Application
SOFIE
Component Existing
DLT Existing
IoT
Platform
polyzos@aueb.gr 19

20. SOFIE’s Decentralized Management System
using Blockchains
polyzos@aueb.gr 20

21. SOFIE’s Energy I Pilot:
Smart Meters (Estonia)
polyzos@aueb.gr 21

22. SOFIE’s Energy II Pilot:
Electricity Marketplace (Italy)
polyzos@aueb.gr 22

23. SOFIE’s Food-­Chain Pilot
polyzos@aueb.gr 23

24. SOFIE’s Mixed-­Reality Gaming Pilot
polyzos@aueb.gr 24

25. Horizon 2020
INTER-­IoT/ACHILLES: Access Control and autHenticatIon
deLegation for interoperabLE IoT applicationS
polyzos@aueb.gr 25
ØInteroperability
ØAPI
ØLink-­layer
ØIoT Platforms
ACHILLES
ØAccess control
ØAuthentication
ØEncryption
ØPrivacy
Key features
üLightweight
üBusiness oriented
üIntegratable
üOpen source
CoAP

26. Horizon 2020
POINT: IP Over ICN -­ The Better IP?
● Project
◆ Running: 1/1/2015-­28/2/2018
◆ Partners:
Ø
Aalto U (co-­ordinator), ELL-­i (FI)
Ø
CTVC Ltd, Interdigital, U Essex (UK)
Ø
Intracom Telecom, AUEB (GR)
Ø
RWTH Aachen (DE)
Ø
Primetel (CY)
● Concept
◆ Premise: IP apps can do better over ICN
■ Need to define what “better” means
◆ Better utilisation in HTTP streaming scenarios
◆ Better privacy of personal data and metadata
◆ Better management of virtual network paths
◆ Better content distribution
● IoT Component
◆ CoAP (over UDP/IP -­ NAP/ICN)
◆ CoAP over ICN
26
● Focus
◆ 1 provider
◆ UE: no required changes
◆ ICN used internally in ISP’s net
◆ ICN can be exposed to UE
polyzos@aueb.gr

27. POINT IoT Demo at ACM ICN 2017
CoAP enables novel applications & paradigms
Asynchronous communication
(CoAP delayed responses)
Publish-­subscribe (CoAP observe)
Multicast (CoAP group communication)
ICN natively supports these paradigms
but we cannot assume ICN everywhere
An ISP deploys ICN
specialized Network Attachment Points (NAPs) translate
legacy protocols into ICN messages
polyzos@aueb.gr 27
ICN enabling CoAP Extensions for IP based IoT devices
ACM ICN 2017 Best Demo Award

28. Conclusions
● Blockchains will be critical enablers for the IoT
◆ they will enable
■ unattended operation – the heart of the IoT
through
■ automatic contract enforcement
■ trust between devices with unplanned interactions
■ decentralized payments
● Major challenges remain
◆ performance issues
◆ real-­world events not directly verifiable for smart contracts
◆ sustainability & business issues
◆ blockchains record transactions “in the open”
■ privacy issues
❍ some data can be recorded encrypted
– what?
– how to pass on keys to unplanned future parties?
■ …
polyzos@aueb.gr 28

29. Identification and Trust Management
N. Fotiou and G.C. Polyzos, “Decentralized name-­based security for content distribution using blockchains,”
Proc. IEEE INFOCOM Workshops, San Francisco, CA, April 2016.
polyzos@aueb.gr 29

30. Blockchain-­assisted Information Distribution
polyzos@aueb.gr 30
● The getaway can sign information on behalf of the thing
◆ and perhaps store it in the blockchain
● The corresponding public key can also be on the blockchain

31. Provenance Verification & Information Tracking
polyzos@aueb.gr 31

32. Provenance Verification & Information Tracking
Smart contract:
-­ input: authorized user identities
-­ output: payment receipt
polyzos@aueb.gr 32

33. Thank you!
George C. Polyzos
Mobile Multimedia Laboratory
Department of Informatics
School of Information Sciences and Technology
Athens University of Economics and Business
Athens, Greece
http://mm.aueb.gr/
polyzos@aueb.gr

34. Workshop on
Decentralized IoT Security
● Network and Distributed System
Security Symposium
◆ San Diego, CA, USA
◆ February 18-­21, 2018
https://www.ndss-­symposium.org/
● Workshop: 18/02/2018
● Abstract: 01/12/2017
● Paper: 08/12/2017
http://www.ndss-­symposium.org/ndss2018/cfp-­ndss2018-­diss/
● Organizers
■ Carsten Bormann, Universität Bremen
■ Dirk Kutscher, Huawei German Research Center
■ Michael McCool, Intel
■ Pekka Nikander, Aalto University
■ George C. Polyzos, AUEB
■ Thomas C. Schmidt, Hamburg U. of A.Sc.
■ Matthias Wählisch, Freie Universität Berlin
● Enabling secure interoperability across IoT
ecosystems
◆ Applying blockchains and Distributed Ledger
Technology to IoT infrastructure
◆ Security and availability in multi-­tiered IoT edge
networks (“fog computing”)
◆ Peer-­to-­Peer security and privacy (P2P) in IoT
◆ Decentralized trust and rights management,
including access control
◆ Decentralized authentication and access
management at the IoT edge
● Security and privacy in ongoing IoT
standardisation work
● Other topics
◆ Security and privacy trade-­offs related to IoT
scalability and decentralization
◆ Secure Service provisioning and migration in IoT
◆ Sensor and Actuator Key Management and other
Security Protocols
◆ Smart Contracts for IoT, including formal
verification of smart contracts
◆ Usable security for decentralized IoT
polyzos@aueb.gr 34

35. Selected Publications
● Nikos Fotiou et al., “ICN enabling CoAP Extensions for IP based IoT devices,” Proc. ACM ICN, Berlin,
Germany, September 2017 (Best Demo Award).
● G.C. Polyzos & N. Fotiou, “Blockchain-­assisted Information Distribution for the Internet of Things,”
Proc. Workshop on Information Integration in Cyber Physical Systems w/ IEEE International Conference
on Information Reuse and Integration, San Diego, CA, USA, August 2017.
● N. Fotiou, et al., “Edge-­ICN and its application to the Internet of Things,” Proc. Workshop on
Information-­Centric Fog Computing w/ IFIP TC6 Networking Conference, Stockholm, Sweden, June 2017.
● N. Fotiou & G.C. Polyzos, “Decentralized Name-­based Security for Content Distribution using
Blockchains,” Proc. IEEE INFOCOM Workshops, San Francisco, CA, USA, April 2016.
● G.C. Polyzos & N. Fotiou, “Building a Reliable Internet of Things using Information-­Centric
Networking,” Journal of Reliable Intelligent Environments, Springer, vol. 1, no. 1, July 2015.
● N. Fotiou & G.C. Polyzos, “Enabling NAME-­based security and trust,” Proc. IFIP International
Conference on Trust Management, Hamburg, Germany, May 2015.
● N. Fotiou, G.F. Marias, G.C. Polyzos, “Access Control Enforcement Delegation for Information-­
Centric Networking Architectures,” ACM SIGCOMM Computer Communication Review, October 2012.
● G. Xylomenos et al., “A Survey of Information-­Centric Networking Research” IEEE Communications
Surveys and Tutorials, vol. 16, no. 2, 2014.
polyzos@aueb.gr 35

36. ICN
timeline
polyzos@aueb.gr 36
Van Jacobson
papers/talks projects
“A Survey of Information-­Centric
Networking Research,” IEEE
Communications Surveys and
Tutorials, vol. 16, no. 2, 2014.
CCN

37. polyzos@aueb.gr 37
ICN
Prototype Implementations,Testbeds, & Trials
1. PSIRP Testbed (w/ Blackhawk)
• 6 countries: UK, FI, GR, D, BU, US
• In addition: Belgium during ICT demos
• Tunneled over the public Internet
• +dedicated fiber where available
2. PURSUIT Testbed (w/ Blackadder)
• 25 nodes
• 5 countries: UK, FI, GR, D, US
• Tunneled (VPN) over the public Internet
PURSUIT
PSIRP
3. φSAT Testbed w/ SAT emulation
• Re-­used in SatNEx-­4
4. POINT Testbed, Trials and Demos
IoT Demo: ICN 2017
best demo award
BIO open trial
@ Bristol, UK
trial
@ Cyprus

38. ● PSIRP: Publish Subscribe Internet Routing Paradigm
◆ FP7 ICT STREP, 2008-­2010
■ the basis
■ focus on (inter)-­networking
● PURSUIT: Publish Subscribe Internet Technologies
◆ FP7 ICT STREP, 2010-­2013
■ extending, above & below the Internet layer
■ optical, wireless, mobility, transport…
● Euro-­NF: Anticipating the Network of the Future—From Theory to Design
◆ FP7 ICT Network of Excellence, 2008-­2012
■ ASPECTS, GOVPIMIT, E-­key-­nets
● EIFFEL: Evolved Internet Future For European Leadership
◆ FP7 ICT SSA, 2008-­2010;; Think-­Tank continued
◆ June 2011 TT @ MIT: Information-­Centric Networking
● φSAT: The Role of Satellites in Future Internet Services
◆ European Space Agency funded
◆ 2011-­2013
● I-­CAN: Information-­Centric Future Access Networks
◆ NSRF (Greece), 2014-­2015
● POINT: IP Over ICN-­ The better IP
◆ H2020 ICT STREP, 2015-­2017
polyzos@aueb.gr 38
Our ICN-­related Research Projects