@misc{10481/108591, year = {2025}, url = {https://hdl.handle.net/10481/108591}, abstract = {The IoT-as-a-Service (IoTaaS) is an innovative business model that proposes to offer IoT devices on demand, with considerable cost savings and resource optimization, by enabling different applications to reuse existing devices. Despite the term having already been coined by both industry and academia, there is no formal analysis of the implications that this model has from a technological point of view. Industry 4.0, also known as the Fourth Industrial Revolution, refers to the current phase of industrial transformation characterized by the integration of advanced digital technologies into manufacturing and industrial processes. It is set to modernize industrial processes as we know them today. This modernization goes hand in hand with the digitalization of industry and is closely related to the IoTaaS, the latter serving as an enabler and accelerator for Industry 4.0 initiatives. By providing accessible, scalable, and flexible IoT solutions, IoTaaS lowers the entry barriers for Industry 4.0 technologies and supports the digital transformation of manufacturing and industrial processes. The implementation of the IoTaaS presents numerous technological challenges, with security standing out as a critical concern. Within the scope of security, identity management emerges as a fundamental issue. This issue extends to Industry 4.0 environments, where the digital identification of various devices integrated into the manufacturing process becomes crucial. The complexity of accurately and securely identifying and authenticating the myriad of interconnected devices poses a significant obstacle in both IoTaaS and Industry 4.0 implementations, stressing the need for robust identity management solutions. This thesis makes two main contributions in clarifying this field that interconnects IoTaaS, Industry 4.0 and security. 
The first contribution is to formalize the technological implications of IoTaaS, identifying its technological challenges, describing them and giving potential directions for the main problems. The second contribution is related to the problem of security in IoT environments, with a main focus on the identity management problem. Here, the usage of Self-Sovereign Identity (SSI) schemes has been proposed to provide better privacy and scalability than traditional identity paradigms, which is especially important in the IoT owing to its characteristics. Verifiable credentials and decentralized identifiers, which are part of the SSI concept, allow decentralized identification and characterization of the devices (commonly IIoT devices) that make up Industry 4.0. However, some use cases in Industry 4.0 cannot be modelled with standard SSI schemes. Despite the fact that delegated credentials have already been defined in the W3C standard for verifiable credentials, current technologies present some important limitations that make them non-implementable. This thesis analyses these limitations in the context of the problem of building delegated credentials for Industry 4.0, and proposes an alternative based on a Hyperledger Aries RFC that bypasses these limitations. Building on the problem of delegated credentials, a new problem arises. Current standard SSI protocols and procedures assume that individuals store only their own identity, failing to provide an accurate solution for the identity management of groups where participants might use credentials from different identities and collaborate to meet a verifier's set of requirements. Group identification has been recognized as another challenge for the IoT. Consequently, the present thesis also introduces the concept of Collaborative Credentials (CCs) to formalize identity management procedures that model the collaboration within a group of participants. 
CCs support use cases requiring collaboration that cannot be solved with standard SSI verifiable credentials, increase the privacy of group participants, and enable the development of a software framework that any verifier/holder could use to generate a generic application. To sum up, in this thesis we formally analyse the IoTaaS business model, identifying and detailing its main technological challenges. In addition, we tackle the identity problem of this business model and propose an SSI-based identity management system, which is compliant with the existing standards from the W3C. As part of the identity problem, delegation schemes and the use of CCs are also analysed. Finally, the identity model of the IoTaaS is evaluated in terms of performance, and tests have been conducted to study the feasibility of using credential delegation and CCs.}, organization = {Tesis Univ. Granada.}, organization = {Izertis through the SSI4.0 project, which is a collaborative project co-funded by the Department of Economic Development, Sustainability and Environment of the Vice-Ministry of Technology, Innovation and Competitiveness of the Basque Government within the HAZITEK program. (File: ZE-2020/00020)}, organization = {The Government of the Basque Country under the ELKARTEK program, project TRUSTIND (KK-2020/00054) and by MINECO (Ministry of Economy and Competitiveness) through project TIN2017-83494-R}, organization = {Research project PID2020-114495RB-I00 (SICRAC) funded by MCIN/ AEI /10.13039/501100011033 through the Spanish Government-Ministry of Science and Innovation}, organization = {Project AI4ES-2021(CER-20211030): Red de Excelencia en Tecnologías Habilitadoras basadas en el Dato. Partially supported by the Spanish Government- Ministry of Science and Innovation}, publisher = {Universidad de Granada}, title = {Enabling technologies for secure IoT-as-a-Service business model}, author = {Diego de Diego, Santiago Iván de}, }