He Fang;Li Xu;Guoshun Nan;Danyang Zheng;Haitao Zhao;Xianbin Wang
Title: Accountable Distributed Access Control With Privacy Preservation for Blockchain-Enabled Internet of Things Systems: A Zero-Trust Security Scheme
Journal: IEEE Internet of Things Journal, vol. 12, no. 11, pp. 17936-17947
Publication date: 2025-02-11
Publication type: Journal Article
DOI: 10.1109/JIOT.2025.3540868
URL: https://ieeexplore.ieee.org/document/10879499/
Impact factor: 8.9; JCR: Q1 (COMPUTER SCIENCE, INFORMATION SYSTEMS)
Open access: no
Citations: 0
Abstract
While being able to avoid single point failures, emerging decentralized security techniques are facing new challenges of reliability, robustness, and privacy preservation in blockchain-enabled Internet of Things (IoT) systems. To circumvent these issues, a zero-trust security scheme is proposed through distributed access control, enhanced authentication, dynamic authorization, and privacy preservation enabled by the consortium blockchain. The proposed scheme integrates three key components, i.e., a distributed recommendation mechanism, where multiple authorized nodes are utilized as referrers to efficiently confer their trust on a new public entity for enhanced authentication; an anonymous credential generation strategy, which is developed for the new entity to further protect its privacy from linking attacks; and an adaptive reputation update strategy, which is proposed for evaluating the nodes’ behaviors in the system for accountability and dynamic multiple-level authorization. The proposed scheme is implemented in Hyperledger Fabric and the results show that it significantly enhances security and protects private information.
About the journal:
The IEEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.