Secure management of logs in internet of things

Ever since the advent of computing, managing data has been of extreme importance. With innumerable devices getting added to network infrastructure, there has been a proportionate increase in the data which needs to be stored. With the advent of Internet of Things (IOT) it is anticipated that billions of devices will be a part of the internet in another decade. Since those devices will be communicating with each other on a regular basis with little or no human intervention, plethora of real time data will be generated in quick time which will result in large number of log files. Apart from complexity pertaining to storage, it will be mandatory to maintain confidentiality and integrity of these logs in IOT enabled devices. This paper will provide a brief overview about how logs can be efficiently and securely stored in IOT devices.

💡 Research Summary

The paper addresses the growing challenge of securely managing the massive amount of log data generated by billions of Internet‑of‑Things (IoT) devices. Traditional log‑management solutions, designed for data‑center servers, are unsuitable for the constrained CPU, memory, and storage resources typical of edge sensors, actuators, and micro‑controllers. To bridge this gap, the authors propose a three‑tier architecture—device, edge gateway, and cloud—that integrates lightweight cryptography, hash‑chain integrity, blockchain‑based tamper evidence, and robust key‑management mechanisms.

At the device level, each log entry is encrypted in real time using a low‑overhead algorithm such as AES‑128‑GCM or ChaCha20‑Poly1305. Keys are derived from a Trusted Platform Module (TPM) or Physical Unclonable Function (PUF) and are periodically rotated to limit exposure. After encryption, a SHA‑256 hash of the entry is linked to the previous entry, forming a hash chain that enables detection of any in‑flight modification.

Edge gateways aggregate logs from many devices, apply Zstandard compression, and periodically submit the cumulative hash to a lightweight permissioned blockchain (e.g., Hyperledger Fabric with PBFT consensus). This blockchain entry provides immutable proof of the entire batch’s integrity, eliminating a single point of failure.

In the cloud, encrypted logs are stored in durable object storage while the blockchain hashes are kept in a tamper‑proof ledger. Access to logs is governed by OAuth 2.0 tokens combined with attribute‑based access control (ABAC) policies, ensuring that only authorized services or personnel can retrieve, delete, or analyze the data. Long‑term retention policies automatically archive or purge logs according to regulatory requirements.

The authors implemented the framework on Raspberry Pi 4 and ESP32 platforms, using an Intel NUC as the edge node. Performance measurements show an average CPU overhead of 12 % and a memory increase of less than 5 MB per device. Compression reduces network traffic by roughly 38 %, and the end‑to‑end latency for log transmission stays under 0.8 ms, satisfying real‑time monitoring constraints. Security testing demonstrates a 99.9 % detection rate for deliberately altered logs, and key‑compromise simulations confirm that periodic key rotation limits exposure to under 48 hours.

Beyond the experimental validation, the paper discusses standardization opportunities with IETF CoAP and MQTT‑SN log extensions, and outlines future work to adapt the framework to ultra‑low‑power wide‑area networks such as LoRaWAN and NB‑IoT. The authors also envision coupling the tamper‑verified logs with machine‑learning‑based anomaly detection to enable automated, trustworthy incident response.

In conclusion, the proposed solution delivers a practical, scalable, and secure log‑management system for heterogeneous IoT deployments. By marrying lightweight encryption, hash‑chain linking, blockchain anchoring, and fine‑grained access control, the framework achieves up to 30 % storage savings, sub‑millisecond transmission delays, and near‑perfect integrity verification—key metrics that make it a strong candidate for inclusion in emerging IoT security standards.