Verifiable decentralized identity-based meta-computing in Industrial Internet of Things (IIoT)

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture Pub Date : 2025-03-13 DOI:10.1016/j.sysarc.2025.103391

Kai Ding , Tianxiu Xie , Keke Gai , Chennan Guo , Liangqi Lei , Dongjue Wang , Jing Yu , Liehuang Zhu , Weizhi Meng

{"title":"Verifiable decentralized identity-based meta-computing in Industrial Internet of Things (IIoT)","authors":"Kai Ding , Tianxiu Xie , Keke Gai , Chennan Guo , Liangqi Lei , Dongjue Wang , Jing Yu , Liehuang Zhu , Weizhi Meng","doi":"10.1016/j.sysarc.2025.103391","DOIUrl":null,"url":null,"abstract":"<div><div>Meta-computing in Industrial Internet of Things (IIoT) has triggered a dramatic advance due to the gigantic supports of computation power for processing complex IIoT tasks. However, users identities are encountering security and verification issues since emerging threats derive from dynamic inter-operations in the cross-organization context. Even though blockchain-based Decentralized Identity (DID) is an alternative for offering a strengthened identity governance, current verifiability of DID documents still encounters vulnerabilities due to the involvement of the less trustful third parties that maintain the storage of binding relationships between DID identifiers and public keys. In this paper, we propose a novel <em><u>V</u>erifiable and <u>S</u>earchable <u>D</u>ecentralized <u>I</u>dentity (VS-DID)</em> model. We focus on the verifiability of DID documents and propose a verifiable registry scheme that ensures verifiable binding relationships. In order to enable efficient queries in large-scale users’ identities in meta-computing IIoT, we develop an on-chain-off-chain query strategy that adopts a slide window accumulator. The experimental results show that our scheme reduces aggregate proof time and commitment time by 93.5% and 96.5%, respectively, compared to the Merkle SNARK scheme, while maintaining reasonable verification time, significantly improving the efficiency of DID registry in large-scale IIoT environments.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"162 ","pages":"Article 103391"},"PeriodicalIF":3.7000,"publicationDate":"2025-03-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125000633","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Meta-computing in Industrial Internet of Things (IIoT) has triggered a dramatic advance due to the gigantic supports of computation power for processing complex IIoT tasks. However, users identities are encountering security and verification issues since emerging threats derive from dynamic inter-operations in the cross-organization context. Even though blockchain-based Decentralized Identity (DID) is an alternative for offering a strengthened identity governance, current verifiability of DID documents still encounters vulnerabilities due to the involvement of the less trustful third parties that maintain the storage of binding relationships between DID identifiers and public keys. In this paper, we propose a novel Verifiable and Searchable Decentralized Identity (VS-DID) model. We focus on the verifiability of DID documents and propose a verifiable registry scheme that ensures verifiable binding relationships. In order to enable efficient queries in large-scale users’ identities in meta-computing IIoT, we develop an on-chain-off-chain query strategy that adopts a slide window accumulator. The experimental results show that our scheme reduces aggregate proof time and commitment time by 93.5% and 96.5%, respectively, compared to the Merkle SNARK scheme, while maintaining reasonable verification time, significantly improving the efficiency of DID registry in large-scale IIoT environments.

查看原文本刊更多论文

工业物联网（IIoT）中基于身份的可验证分散元计算

工业物联网（IIoT）中的元计算由于处理复杂工业物联网任务的计算能力的巨大支持而引发了巨大的进步。然而，由于新出现的威胁源自跨组织上下文中的动态互操作，用户身份正在遇到安全和验证问题。尽管基于区块链的去中心化身份（DID）是一种提供强化身份治理的替代方案，但由于维护DID标识符和公钥之间绑定关系存储的不太可信的第三方的参与，目前DID文档的可验证性仍然遇到漏洞。本文提出了一种新的可验证和可搜索的去中心化身份（VS-DID）模型。我们关注DID文档的可验证性，并提出了一个可验证的注册表方案，以确保可验证的绑定关系。为了在元计算工业物联网中实现大规模用户身份的高效查询，我们开发了一种采用滑动窗口累加器的链上-链下查询策略。实验结果表明，与Merkle SNARK方案相比，我们的方案在保持合理的验证时间的同时，将总证明时间和承诺时间分别缩短了93.5%和96.5%，显著提高了大规模IIoT环境下DID注册的效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.