Resumen
The Internet of Things offers a wide range of possibilities that can be exploited more or less explicitly for user authentication, ranging from specifically designed systems including biometric devices to environmental sensors that can be opportunistically used to feed behavioural authentication systems. How to integrate all this information in a reliable way to get a continuous authentication service presents several open challenges. Among these: how to combine semi-trusted information coming from non-tamper-proof sensors, where to store such data avoiding a single point of failure, how to analyse data in a distributed way, which interface to use to provide an authentication service to a multitude of different services and applications. In this paper, we present a Blockchain-based architectural solution of a distributed system able to transform IoT interactions into useful data for an authentication system. The design includes: (i) a security procedure to certify users? positions and identities, (ii) a secure storage to hold this information, and (iii) a service to dynamically assign a trust level to a user?s position. We call this system ?Secure Path?.