面向大数据共享：基于区块链的统一可信远程认证方案

IF 8.9 1区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Internet of Things Journal Pub Date : 2025-03-31 DOI:10.1109/JIOT.2025.3555880

Ran Wang;Fuqiang Ma;Shihong Duan;Zhiyuan Su;Xiaotong Zhang;Cheng Xu

{"title":"面向大数据共享：基于区块链的统一可信远程认证方案","authors":"Ran Wang;Fuqiang Ma;Shihong Duan;Zhiyuan Su;Xiaotong Zhang;Cheng Xu","doi":"10.1109/JIOT.2025.3555880","DOIUrl":null,"url":null,"abstract":"The rapid expansion of the Internet of Things (IoT) has brought forth new challenges and opportunities in securely managing and sharing vast amounts of data generated by connected devices. Blockchain technology, with its decentralization, tamper-resistance, and traceability, offers a promising framework for IoT data sharing but struggles to safeguard smart contracts and sensitive data. Integrating trusted execution environments (TEEs) with blockchain addresses these concerns, enabling secure execution and communication via remote attestation. However, existing remote attestation methods face challenges, including incompatibility across heterogeneous TEEs, inefficiency under frequent authentication, and vulnerability to DoS attacks. To tackle these, we propose a blockchain-based unified remote attestation scheme for IoT. Our three-tier blockchain architecture—comprising a certificate authority (CA) channel, an authoritative channel, and a business channel—separates authentication, attestation, and operations while ensuring auditability. An abstraction layer supports heterogeneous TEEs, and an authoritative blockchain stores authentication reports, enabling secure, frequent attestations. Additionally, a distributed CA system enhances resilience to DoS attacks. Experimental results validate our scheme’s efficiency and security, offering a robust solution for IoT data sharing.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 13","pages":"24656-24671"},"PeriodicalIF":8.9000,"publicationDate":"2025-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Toward Big-Data Sharing: A Unified Trusted Remote Attestation Scheme Based on Blockchain\",\"authors\":\"Ran Wang;Fuqiang Ma;Shihong Duan;Zhiyuan Su;Xiaotong Zhang;Cheng Xu\",\"doi\":\"10.1109/JIOT.2025.3555880\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The rapid expansion of the Internet of Things (IoT) has brought forth new challenges and opportunities in securely managing and sharing vast amounts of data generated by connected devices. Blockchain technology, with its decentralization, tamper-resistance, and traceability, offers a promising framework for IoT data sharing but struggles to safeguard smart contracts and sensitive data. Integrating trusted execution environments (TEEs) with blockchain addresses these concerns, enabling secure execution and communication via remote attestation. However, existing remote attestation methods face challenges, including incompatibility across heterogeneous TEEs, inefficiency under frequent authentication, and vulnerability to DoS attacks. To tackle these, we propose a blockchain-based unified remote attestation scheme for IoT. Our three-tier blockchain architecture—comprising a certificate authority (CA) channel, an authoritative channel, and a business channel—separates authentication, attestation, and operations while ensuring auditability. An abstraction layer supports heterogeneous TEEs, and an authoritative blockchain stores authentication reports, enabling secure, frequent attestations. Additionally, a distributed CA system enhances resilience to DoS attacks. Experimental results validate our scheme’s efficiency and security, offering a robust solution for IoT data sharing.\",\"PeriodicalId\":54347,\"journal\":{\"name\":\"IEEE Internet of Things Journal\",\"volume\":\"12 13\",\"pages\":\"24656-24671\"},\"PeriodicalIF\":8.9000,\"publicationDate\":\"2025-03-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet of Things Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10944709/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10944709/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

物联网（IoT）的快速发展为安全管理和共享连接设备产生的大量数据带来了新的挑战和机遇。区块链技术具有去中心化、防篡改和可追溯性，为物联网数据共享提供了一个有前景的框架，但在保护智能合约和敏感数据方面存在困难。将可信执行环境（tee）与区块链集成可以解决这些问题，从而通过远程认证实现安全执行和通信。然而，现有的远程认证方法面临着挑战，包括跨异构tee的不兼容性、频繁身份验证的低效率以及容易受到DoS攻击。为了解决这些问题，我们提出了一种基于区块链的物联网统一远程认证方案。我们的三层区块链体系结构——包括一个证书颁发机构（CA）通道、一个权威通道和一个业务通道——将身份验证、认证和操作分开，同时确保可审计性。抽象层支持异构tee，权威区块链存储身份验证报告，支持安全、频繁的认证。此外，分布式CA系统增强了对DoS攻击的弹性。实验结果验证了该方案的有效性和安全性，为物联网数据共享提供了一个强大的解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Toward Big-Data Sharing: A Unified Trusted Remote Attestation Scheme Based on Blockchain

The rapid expansion of the Internet of Things (IoT) has brought forth new challenges and opportunities in securely managing and sharing vast amounts of data generated by connected devices. Blockchain technology, with its decentralization, tamper-resistance, and traceability, offers a promising framework for IoT data sharing but struggles to safeguard smart contracts and sensitive data. Integrating trusted execution environments (TEEs) with blockchain addresses these concerns, enabling secure execution and communication via remote attestation. However, existing remote attestation methods face challenges, including incompatibility across heterogeneous TEEs, inefficiency under frequent authentication, and vulnerability to DoS attacks. To tackle these, we propose a blockchain-based unified remote attestation scheme for IoT. Our three-tier blockchain architecture—comprising a certificate authority (CA) channel, an authoritative channel, and a business channel—separates authentication, attestation, and operations while ensuring auditability. An abstraction layer supports heterogeneous TEEs, and an authoritative blockchain stores authentication reports, enabling secure, frequent attestations. Additionally, a distributed CA system enhances resilience to DoS attacks. Experimental results validate our scheme’s efficiency and security, offering a robust solution for IoT data sharing.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IEEE Internet of Things Journal Computer Science-Information Systems

CiteScore

17.60

自引率

13.20%

发文量

1982

期刊介绍： The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.