Blockchain-based Ownership Management for Medical IoT (MIoT) Devices and their Data

  • Mansoor Alblooshi

Student thesis: Master's Thesis


Recently, blockchain has been foreseen by industry and research community as a transformational and disruptive technology that is poised to play a major role in transforming the way we transact, trade, bank, track and register assets, and do business. Blockchain can potentially be used to provide trusted authenticity, origin, and ownership for IoT devices, in a way that is secure and decentralized without the involvement of Trusted Third Parties (TTP) or centralized authorities and services. A TTP can be subject to a single point of failure, and it can be disrupted, compromised or hacked. A TTP can potentially misbehave and become corrupt in the future, even if it is trustworthy now. This research thesis shows how Ethereum blockchain (with the powerful feature of programmability through smart contracts) can provide a trusted ownership management system for medical IoT (MIoT) devices. Tracking the true ownership of MIoT devices is of a paramount importance as using counterfeited MIoT devices can be life-threatening to patients. The research thesis presents a general framework and solution to manage and trace back the true origin of ownership for an MIoT; whereby an MIoT device can be owned by multiple parties during its life cycle. The research thesis propose an access control system that can be controlled by the owner. The research thesis presents a detailed overview of our proposed system architecture, design, entity relationship, and interactions among all involved parties. The source code of the Ethereum smart contracts is made publicly available. Key aspects related to the algorithms, interactions, implementation and testing are discussed in the research thesis. Furthermore, we provide a security analysis of our proposed solution in terms of satisfying the general security goals and also resiliency against popular attacks as those of distributed denial of service (DDoS), eavesdropping and replay attacks. Indexing Terms: IoT, IoT Security, Blockchain, Authentication, Trust, IoT Device Management
Date of AwardJun 2018
Original languageAmerican English
SupervisorKhaled Salah (Supervisor)


  • IoT
  • IoT Security
  • Blockchain
  • Authentication
  • Trust
  • IoT Device Management.

Cite this