Secure and scalable trust management in IoT: A hierarchical blockchain-based approach

The diverse and resource-constrained nature of Internet of Things (IoT) devices make them vulnerable against various security attacks. Effective trust management within the IoT ecosystem is crucial for reliable data collection and sharing, as well as the detection of malicious nodes. Centralized trust management methods are inefficient due to several challenges, including single point of attack/failure, unauthorized manipulation of trust data, resource limitations of smart devices, and scalability issues. Blockchain technology provides a suitable solution for trust management due to its decentralization, transparency, and immutability features. However, deploying blockchain for IoT devices is not simple due to the low performance and high computational costs of consensus algorithms, limited resources of smart devices, and the large volume of transactions created by nodes. In this paper, a hierarchical trust management approach based on blockchain is proposed. The proposed approach evaluates each node’s reputation and organizational trust at both intra-organizational and inter-organizational levels. At the internal level, a lightweight blockchain is used to evaluate and store the trust score of the nodes. At the inter-organizational level, interactions between organizations and their trust level are recorded in the public blockchain. Two methods are proposed, i.e. probing-based and evidence-based, for evaluating the reputation of each node and the trust level of each organization. The evaluation results show that with a maximum of 35% malicious nodes within an organization, the proposed method can correctly identify the malicious and honest nodes. The recall and specificity measures obtained are both greater than 0.9. Additionally, organizations with more than 35% of malicious nodes are blacklisted and suspended.