Realizing the applications of Internet of Things (IoT) with the goal of achieving a more efficient and automated world requires billions of connected smart devices and the minimization of hardware cost in these devices. As a result, many IoT devices do not have sufficient resources to support various protocols required in many IoT applications. Because of this, new protocols have been introduced to support the integration of these devices. One of these protocols is the increasingly popular routing protocol for low-power and lossy networks (RPL). However, this protocol is well known to attract blackhole and sinkhole attacks and cause serious difficulties when using more computationally intensive techniques to protect against these attacks, such as intrusion detection systems and rank authentication schemes. In this paper, an effective approach is presented to protect RPL networks against blackhole attacks. The approach does not address sinkhole attacks because they cause low damage and are often used along blackhole attacks and can be detected when blackhole attaches are detected. This approach uses the feature of multiple parents per node and a parent evaluation system enabling nodes to select more reliable routes. Simulations have been conducted, compared to existing approaches this approach would provide better protection against blackhole attacks with much lower overheads for small RPL networks.

Many residences from student apartment units to family homes use a range of smart devices to make the day-to-day lives of the residents safer and more convenient. The ability to remotely access these devices has further increased their convenience, but it comes with the increased risk of vulnerable devices being exploited to achieve unauthorized access or to conduct surveillance on the users. This highlights the need for an access control system to securely restrict home device access to authorized users only. Existing approaches for securing smart homes use less secure authentication methods, do not allow for data ownership or fine-grained access control, and do not reliably store credential modification records, access records, or access policy modification records. These records can be a valuable resource to have available in the case of a security incident.In this thesis, a secure and efficient remote mutual authentication system with fine-grained access control integrating blockchain and digital signatures to authenticate users, authenticate the home gateway, and provide reliable auditing of the credential modifications, access history, and access policy modifications of the devices is presented. The immutability and verifiability properties of blockchain make it useful for securely storing these records. In this approach, a smart contract is created in the blockchain to keep track of authorized users, manage the access policy, and record requests for access or control of the home devices. A private blockchain is used to provide trust and privacy, which is necessary for a smart home system. Elliptic curve digital signatures are used to verify identities because the shorter key sizes and signature times are more adapted to Internet of Things contexts. The approach presented in this thesis is better than existing approaches because it provides fine-grained access control, and reliably stores credential modification records, access records, and access policy modification records. The approach was implemented and evaluated using Hyperledger, a private open-source blockchain, and the results show that this approach has significant additional security benefits with negligible additional overhead cost.