区块链/分布式账本技术工作组|用区块链技术保障物联网安全。
版权©2018,云安全联盟。保留所有权利。
1
Using Blockchain
Technology to Secure
the Internet of Things
用区块链技术保障物联网安全
Presented by the Blockchain/
Distributed Ledger
Working Group
由区域链
/
分布式账本工作组提供
区块链/分布式账本技术工作组|用区块链技术保障物联网安全。
版权©2018,云安全联盟。保留所有权利。
2
© 2018 Cloud Security Alliance – All Rights Reserved.
You may download, store, display on your computer, view, print, and link to Using Blockchain
Technology to Secure the Internet of Things subject to the following: (a) the Document may be used
solely for your personal, informational, non-commercial use; (b) the Report may not be modified or
altered in any way; (c) the Document may not be redistributed; and (d) the trademark, copyright or
other notices may not be removed. You may quote portions of the Document as permitted by the Fair
Use provisions of the United States Copyright Act, provided that you attribute the portions to the
Using Blockchain Technology to Secure the Internet of Things paper.
——版权所有©2018 云安全联盟。
您可以下载、存储、显示在您的计算机、查看、打印和链接到使用区块链技术来确保物联网:(a)该文件仅
可用于您的个人、信息、非商业用途
;(b)
不得以任何方式修改或改变该报告
;(c)
文件不得重新分配
;(d)
不得移
除商标、版权或其他通知。你可以引用《美国版权法案》中合理使用条款所允许的部分文件,使用区块链
技术来保证物联网的内容可以把这些内容引用到相关论文中。
关于 CSA(
ABOUT CSA)
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best
practices for providing security assurance within Cloud Computing, and to provide education on the uses
of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a
broad coalition of industry practitioners, corporations, associations and other key stakeholders. For
further information, visit us at www.cloudsecurityalliance.org and follow us on Twitter @cloudsa.
云安全联盟是一个非营利组织,其使命是促进在云计算中提供安全保证的最佳实践,并提供关于云计算用
途的教育,以帮助确保所有其他形式的计算。云安全联盟由行业从业者、公司、协会和其他关键利益相关
者组成的广泛联盟。如需进一步信息,请访问我们的
www.cloudsecurityalliance.org
和推特
@ cloudsa
跟
着我们。
区块链/分布式账本技术工作组|用区块链技术保障物联网安全。
版权©2018,云安全联盟。保留所有权利。
3
TABLE OF CONTENTS 目录
ABOUT CSA....................................................................................................................................................................................2
关于 CSA
ACKNOWLEDGMENTS
............................................................................................................................................................
4
致谢
INTRODUCTION
............................................................................................................................................................................
5
简介
OVERVIEW OF BLOCKCHAIN TECHNOLOGY..........................................................................................................8
区块链概述
Transaction Propagation and Blockchain Construction
.......................................................................................
12
事务传播和区块链建设
Smart Contracts...................................................................................................................................................................... 12
智能合约
Off-Chain Storage Solutions............................................................................................................................................. 13
链下存储解决方案
Deployment Options
..............................................................................................................................................................
14
部署选项
INTERNET OF THINGS ARCHITECTURE BASED ON BLOCKCHAIN TECHNOLOGY...................... 15
基于区块链的物联网架构
The Communication Model
................................................................................................................................................
15
通信模型
A Rich Ecosystem for Leveraging Interoperability Capabilities
.......................................................................
19
一个利用互操作性能力的丰富生态系统
Cohabitation between Multiple Blockchain Services
.............................................................................................
20
多个区块链服务之间的共存
The IoT Architecture Pattern Based on a Blockchain Technology
................................................................
21
基于区块链技术的物联网架构模式
Selection of Blockchain Technology for IoT Security........................................................................................... 22
用于物联网安全的区块链技术的选择
SUMMARY OF BLOCKCHAIN SECURITY SERVICES FOR THE IOT........................................................... 30
物联网区块链的安全服务总结
CONCLUSION................................................................................................................................................................................ 31
结论
REFERENCES
...............................................................................................................................................................................
32
参考文献
区块链/分布式账本技术工作组|用区块链技术保障物联网安全。
版权©2018,云安全联盟。保留所有权利。
4
ACKNOWLED
GMENTS
致谢
Initiative Lead: 主导者
Sabri Khemissa
Key Contributors: 主要
贡献者
Alex Brown
Giuliana Carullo
Elier Cruz
Kevin Fielder
Doug Gardner
Jas Khehra
Imre Kocsis
Paul Lanois
Ashish Mehta
Matt Murphy
Todd Nelson
Denis Nwanshi
Luc Poulin
Michael Roza
Brian Russell
Srinivas Tatipamula
Udo Gustavo von Blücher
CSA Staff: CSA 员工
Hillary Baron
Kendall Scoboria
John Yeoh
First draft of Chinese translation 中文翻译初稿
Yan 北京老李
区块链/分布式账本技术工作组|用区块链技术保障物联网安全。
版权©2018,云安全联盟。保留所有权利。
5
简介(INTRODUCTION)
In the last four years, technical experts, chief digital officers, marketing managers, journalists, bloggers and
research institutions have discussed and promoted a new distributed model for secure transaction processing
and storage using blockchain technology. IDC FutureScape predicted that by 2020, 20% of global trade
finance will incorporate blockchain
在过去的四年中,技术专家、首席数字官、营销经理、记者、博客作者和研究机构讨论并推广了一种新的分布式模型,
使用区块链技术用于安全事务处理和存储。国际数据公司 IDC FutureScape 预测,到 2020 年,20%的全球贸易融资
将纳入区块链
[1]. Coindesk reports that venture capitalists have invested over $1.8 billion in blockchain startups over the past few years
Coindesk 报告说,过去几年,风险投资在区块链的创业公司投资超过 18 亿美
[2].Consortiums and alliances have sprouted up, such as the Enterprise Ethereum Alliance, which focus on
identifying new uses cases for blockchain technology across sectors.
财团和联盟已经涌现,例如企业以太坊联盟,它致力于识别跨部门的区块链技术的新用例。
Blockchain, a public and distributed ledger of transactions grouped into blocks, promises to:
区块链是一种公共的和分布式的交易分类账簿,承诺:
1. Increase speed, efficiency, and security of ownership transfer of digital assets
2. Eliminate need for central authorities to certify ownership and clear transactions
3. Reduce fraud and corruption by providing a transparent and publicly auditable ledger
4. Reduce administrative cost using agreements that can automatically activate, secure and certify
trusted actions based on specific conditions (“smart contracts”).
1.提高数字资产所有权转让的速度、效率和安全性。
2.消除中央主管机构认证所有权和清算交易的需要。
3.通过提供透明和公开的审计的分类账目来减少欺诈和腐败。
4.使用可根据特定条件自动激活、保护和验证可信操作(“智能合约”)的协议降低管理成本。
A key challenge associated with the adoption of blockchain is the need to identify relevant use cases that
would benefit from the integration of blockchain technology. The Internet of Things (IoT) has long been
associated with security weaknesses and challenges, and experts and organizations have begun exploring
the use of blockchain to securing the IoT. Organizations like IOTA and the Trusted IoT Alliance have begun
to focus on IoT security through the application of blockchain.
与采用区块链相关的一个关键挑战是需要确定相关的用例,这些用例将从区块链技术的集成中获益。物联网(IoT)长期
以来一直与安全弱点和挑战联系在一起,专家和组织已经开始探索利用区块链来保护物联网的安全。像 IOTA 和可信
物联网联盟这样的组织已经开始通过应用区块链来关注物联网的安全性。
