DBDAA: Dual blockchain and decentralized identifiers assisted anonymous authentication for building IoT

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE Journal of Systems Architecture Pub Date : 2025-02-01 Epub Date: 2025-01-14 DOI:10.1016/j.sysarc.2025.103334

Xiaohua Wu , Zheng Luo , Jun Cheng , Puyan Wang

{"title":"DBDAA: Dual blockchain and decentralized identifiers assisted anonymous authentication for building IoT","authors":"Xiaohua Wu , Zheng Luo , Jun Cheng , Puyan Wang","doi":"10.1016/j.sysarc.2025.103334","DOIUrl":null,"url":null,"abstract":"<div><div>The rapid advancements in the Internet of Things (IoT) and blockchain have made building IoT a critical element in modern intelligent building management. However, with the increasing adaptability of building IoT systems, concerns about data security and privacy have risen. Traditional solutions often rely on a single user identity, which poses security risks. Additionally, these solutions overlook the security of user permission information in access control systems. As a result, users with elevated permissions become prime targets for attacks. Existing key management mechanisms also have shortcomings, especially in key recovery processes. To address these issues, this paper proposes an identity authentication mechanism leveraging dual-blockchain and decentralized identifier (DID) technology. In the proposed mechanism, we develop a lightweight authentication scheme for devices. We also create a multi-DID model for users and further propose an anonymous authentication scheme, to safeguard data privacy, identity, and permission information, striking a balance between anonymity and oversight. Moreover, we design a key backup and recovery scheme to safeguard against key loss or damage, increasing system reliability. Experimental results demonstrate that our scheme enhances security while reducing computational and communication overhead.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"159 ","pages":"Article 103334"},"PeriodicalIF":4.1000,"publicationDate":"2025-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125000062","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"2025/1/14 0:00:00","PubModel":"Epub","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

The rapid advancements in the Internet of Things (IoT) and blockchain have made building IoT a critical element in modern intelligent building management. However, with the increasing adaptability of building IoT systems, concerns about data security and privacy have risen. Traditional solutions often rely on a single user identity, which poses security risks. Additionally, these solutions overlook the security of user permission information in access control systems. As a result, users with elevated permissions become prime targets for attacks. Existing key management mechanisms also have shortcomings, especially in key recovery processes. To address these issues, this paper proposes an identity authentication mechanism leveraging dual-blockchain and decentralized identifier (DID) technology. In the proposed mechanism, we develop a lightweight authentication scheme for devices. We also create a multi-DID model for users and further propose an anonymous authentication scheme, to safeguard data privacy, identity, and permission information, striking a balance between anonymity and oversight. Moreover, we design a key backup and recovery scheme to safeguard against key loss or damage, increasing system reliability. Experimental results demonstrate that our scheme enhances security while reducing computational and communication overhead.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

DBDAA：双区块链和分散标识符辅助构建物联网的匿名认证

物联网（IoT）和区块链的快速发展使建筑物联网成为现代智能建筑管理的关键要素。然而，随着构建物联网系统的适应性越来越强，对数据安全和隐私的担忧也在增加。传统的解决方案通常依赖于单个用户身份，这带来了安全风险。此外，这些解决方案忽略了访问控制系统中用户权限信息的安全性。因此，具有更高权限的用户成为攻击的主要目标。现有的密钥管理机制也存在不足，特别是在密钥恢复过程中。为了解决这些问题，本文提出了一种利用双区块链和分散标识符（DID）技术的身份认证机制。在提出的机制中，我们为设备开发了一个轻量级的身份验证方案。我们还为用户创建了多did模型，并进一步提出了匿名认证方案，以保护数据隐私，身份和权限信息，在匿名和监督之间取得平衡。此外，我们还设计了密钥备份和恢复方案，防止密钥丢失或损坏，提高了系统的可靠性。实验结果表明，该方案在降低计算和通信开销的同时提高了安全性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.