Supply chains constitute a type of IoT system that is becoming increasingly complex today. Providing supply chains with cybersecurity guarantees is becoming a highly topic in current research. This interest is mainly rooted on the fact that supply chains may include different vulnerable components, such as those residing in factories, distribution centres, logistics, or transportation, just to name a few. Moreover, most of these components are controlled by different IoT devices, such as sensors and actuators, also becoming well-known sources of vulnerabilities, easing attackers access to the whole system. In this scenario, cyberattacks that use this weak link in a supply chain are increasing in the last years, as it has been largely reported in the literature. In this heterogeneous scenario, the key trend to facilitate cybersecurity provisioning sits on guaranteeing cyber-security in the entire supply chain, handled as a whole, that is, not separately for each individual component of the chain. In this paper, we propose an authentication/access mechanism for the weaker elements in a supply chain, i.e., the IoT devices, leveraging blockchain as the baseline technology, based on considering the generation of temporal tickets to have a higher access control.

Martí Miquel Martínez , Eva Marín Tordera, Xavi Masip Bruin