SIoT identity management with the ability to preserve owner privacy and built-in resistance to Sybil attacks

IF 1.5 4区 计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING
Aboulfazl Dayyani, Maghsoud Abbaspour
{"title":"SIoT identity management with the ability to preserve owner privacy and built-in resistance to Sybil attacks","authors":"Aboulfazl Dayyani,&nbsp;Maghsoud Abbaspour","doi":"10.1002/cpe.8201","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>The Social Internet of Things (SIoT) allows for more efficient and intelligent communication between entities (humans and objects). Managing the digital identity of objects, protecting the owner's privacy, and resisting impersonation attacks are crucial challenges in SIoT. On the other hand, the classic centralized identity provider servers contain valuable information for hackers and malicious parties. Effective solutions can be presented using decentralized technologies such as blockchains. This paper proposes a decentralized identity management system for SIoT based on smart contract technology. This system drives object identity control; conversely, a zero-knowledge-based protocol and double-spend prevention ideas are proposed for privacy preservation and Sybil attack resistance, respectively. The central idea is to implement self-sovereign identity (SSI) so that even certifiers are not privy to object-sensitive information. Additionally, it attempts to prevent the owner from creating Sybil objects using the web of trust method. The method's scalability and convergence can be proven by considering all acknowledgment nodes and different paths. This method was compared with the most novel available methods; the results from this comparison depict the scalability and effectiveness of the proposed method for large networks.</p>\n </div>","PeriodicalId":55214,"journal":{"name":"Concurrency and Computation-Practice & Experience","volume":"36 23","pages":""},"PeriodicalIF":1.5000,"publicationDate":"2024-08-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Concurrency and Computation-Practice & Experience","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1002/cpe.8201","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}
引用次数: 0

Abstract

The Social Internet of Things (SIoT) allows for more efficient and intelligent communication between entities (humans and objects). Managing the digital identity of objects, protecting the owner's privacy, and resisting impersonation attacks are crucial challenges in SIoT. On the other hand, the classic centralized identity provider servers contain valuable information for hackers and malicious parties. Effective solutions can be presented using decentralized technologies such as blockchains. This paper proposes a decentralized identity management system for SIoT based on smart contract technology. This system drives object identity control; conversely, a zero-knowledge-based protocol and double-spend prevention ideas are proposed for privacy preservation and Sybil attack resistance, respectively. The central idea is to implement self-sovereign identity (SSI) so that even certifiers are not privy to object-sensitive information. Additionally, it attempts to prevent the owner from creating Sybil objects using the web of trust method. The method's scalability and convergence can be proven by considering all acknowledgment nodes and different paths. This method was compared with the most novel available methods; the results from this comparison depict the scalability and effectiveness of the proposed method for large networks.

SIoT 身份管理,能够保护所有者的隐私,并内置抵御 Sybil 攻击的功能
摘要社会物联网(SIoT)使实体(人与物)之间的通信更加高效和智能。管理物体的数字身份、保护所有者的隐私和抵御假冒攻击是 SIoT 面临的关键挑战。另一方面,传统的集中式身份提供商服务器为黑客和恶意方提供了宝贵的信息。利用区块链等去中心化技术可以提出有效的解决方案。本文提出了一种基于智能合约技术的 SIoT 去中心化身份管理系统。该系统驱动对象身份控制;反之,为保护隐私和抵御西比尔攻击,分别提出了基于零知识的协议和双重支出预防思想。其核心理念是实现自我主权身份(SSI),这样即使是认证者也无法获知对象的敏感信息。此外,它还试图利用信任网方法防止所有者创建假冒对象。通过考虑所有确认节点和不同路径,可以证明该方法的可扩展性和收敛性。该方法与现有的最新颖的方法进行了比较;比较结果表明了所提方法在大型网络中的可扩展性和有效性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Concurrency and Computation-Practice & Experience
Concurrency and Computation-Practice & Experience 工程技术-计算机:理论方法
CiteScore
5.00
自引率
10.00%
发文量
664
审稿时长
9.6 months
期刊介绍: Concurrency and Computation: Practice and Experience (CCPE) publishes high-quality, original research papers, and authoritative research review papers, in the overlapping fields of: Parallel and distributed computing; High-performance computing; Computational and data science; Artificial intelligence and machine learning; Big data applications, algorithms, and systems; Network science; Ontologies and semantics; Security and privacy; Cloud/edge/fog computing; Green computing; and Quantum computing.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信