{"title":"SIoT identity management with the ability to preserve owner privacy and built-in resistance to Sybil attacks","authors":"Aboulfazl Dayyani, Maghsoud Abbaspour","doi":"10.1002/cpe.8201","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>The Social Internet of Things (SIoT) allows for more efficient and intelligent communication between entities (humans and objects). Managing the digital identity of objects, protecting the owner's privacy, and resisting impersonation attacks are crucial challenges in SIoT. On the other hand, the classic centralized identity provider servers contain valuable information for hackers and malicious parties. Effective solutions can be presented using decentralized technologies such as blockchains. This paper proposes a decentralized identity management system for SIoT based on smart contract technology. This system drives object identity control; conversely, a zero-knowledge-based protocol and double-spend prevention ideas are proposed for privacy preservation and Sybil attack resistance, respectively. The central idea is to implement self-sovereign identity (SSI) so that even certifiers are not privy to object-sensitive information. Additionally, it attempts to prevent the owner from creating Sybil objects using the web of trust method. The method's scalability and convergence can be proven by considering all acknowledgment nodes and different paths. This method was compared with the most novel available methods; the results from this comparison depict the scalability and effectiveness of the proposed method for large networks.</p>\n </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"36 23","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2024-08-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Concurrency and Computation-Practice & Experience","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/cpe.8201","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0
Abstract
The Social Internet of Things (SIoT) allows for more efficient and intelligent communication between entities (humans and objects). Managing the digital identity of objects, protecting the owner's privacy, and resisting impersonation attacks are crucial challenges in SIoT. On the other hand, the classic centralized identity provider servers contain valuable information for hackers and malicious parties. Effective solutions can be presented using decentralized technologies such as blockchains. This paper proposes a decentralized identity management system for SIoT based on smart contract technology. This system drives object identity control; conversely, a zero-knowledge-based protocol and double-spend prevention ideas are proposed for privacy preservation and Sybil attack resistance, respectively. The central idea is to implement self-sovereign identity (SSI) so that even certifiers are not privy to object-sensitive information. Additionally, it attempts to prevent the owner from creating Sybil objects using the web of trust method. The method's scalability and convergence can be proven by considering all acknowledgment nodes and different paths. This method was compared with the most novel available methods; the results from this comparison depict the scalability and effectiveness of the proposed method for large networks.
期刊介绍:
Concurrency and Computation: Practice and Experience (CCPE) publishes high-quality, original research papers, and authoritative research review papers, in the overlapping fields of:
Parallel and distributed computing;
High-performance computing;
Computational and data science;
Artificial intelligence and machine learning;
Big data applications, algorithms, and systems;
Network science;
Ontologies and semantics;
Security and privacy;
Cloud/edge/fog computing;
Green computing; and
Quantum computing.