Juan Chen,Zhengkui Lin,Xin Liu,Zhian Deng,Xianzhi Wang

DOI: https://doi.org/10.1007/978-3-319-73564-1_59

2017-01-01

Abstract:Internet of Things (IoT) is going to create a world where physical objects are integrated into traditional networks in order to provide intelligent services for human-beings. Trust plays an important role in communications and interactions of objects in IoT. Two vital tasks of trust management are trust model design and reputation evaluation. However, current literature cannot be simply and directly applied to the IoT due to smart node hardware constraints, very limited computing and energy resources. Therefore a general and flexible model is needed to meet the special requirements for IoT. In this paper, we firstly design LTrust, a layered trust model for IoT. Then, a Reputation Evaluation Scheme for the Node (RES-N) has been presented. The proposed trust model and reputation evaluation scheme provide a general framework for the study of trust management for IoT. The efficiency of RES-N is validated by the simulation results.

Seyed Amid Moeinzadeh Mirhosseini,Ali Fanian,T. Aaron Gulliver

DOI: https://doi.org/10.48550/arXiv.2111.13500

2021-11-26

Abstract:The advent of Bitcoin, and consequently Blockchain, has ushered in a new era of decentralization. Blockchain enables mutually distrusting entities to work collaboratively to attain a common objective. However, current Blockchain technologies lack scalability, which limits their use in Internet of Things (IoT) applications. Many devices on the Internet have the computational and communication capabilities to facilitate decision-making. These devices will soon be a 50 billion node network. Furthermore, new IoT business models such as Sensor-as-a-Service (SaaS) require a robust Trust and Reputation System (TRS). In this paper, we introduce an innovative distributed ledger combining Tangle and Blockchain as a TRS framework for IoT. The combination of Tangle and Blockchain provides maintainability of the former and scalability of the latter. The proposed ledger can handle large numbers of IoT device transactions and facilitates low power nodes joining and contributing. Employing a distributed ledger mitigates many threats, such as whitewashing attacks. Along with combining payments and rating protocols, the proposed approach provides cleaner data to the upper layer reputation algorithm.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Dong Chen,Guiran Chang,Dawei Sun,Jiajia Li,Jie Jia,Xingwei Wang

DOI: https://doi.org/10.2298/csis110303056c

2011-01-01

Computer Science and Information Systems

Abstract:Since a large scale Wireless Sensor Network (WSN) is to be completely integrated into Internet as a core part of Internet of Things (IoT) or Cyber Physical System (CPS), it is necessary to consider various security challenges that come with IoT/CPS, such as the detection of malicious attacks. Sensors or sensor embedded things may establish direct communication between each other using 6LoWPAN protocol. A trust and reputation model is recognized as an important approach to defend a large distributed sensor networks in IoT/CPS against malicious node attacks, since trust establishment mechanisms can stimulate collaboration among distributed computing and communication entities, facilitate the detection of untrustworthy entities, and assist decision-making process of various protocols. In this paper, based on in-depth understanding of trust establishment process and quantitative comparison among trust establishment methods, we present a trust and reputation model TRM-IoT to enforce the cooperation between things in a network of IoT/CPS based on their behaviors. The accuracy, robustness and lightness of the proposed model is validated through a wide set of simulations.

computer science, information systems, software engineering

Yuan Liu,Chuang Zhang,Yu Yan,Xin Zhou,Zhihong Tian,Jie Zhang

DOI: https://doi.org/10.1109/tsc.2022.3181668

IF: 11.019

2023-04-12

IEEE Transactions on Services Computing

Abstract:IoT data exchange plays a vital role in supporting various applications and services with massive IoT devices. However, the existence of malicious devices threatens the integrity and reliability of the exchanged data. Trust management has been used to mitigate the impact of malicious devices in centralized and decentralized architectures. However, most of these traditional trust management systems bear computation, storage, and communication challenges. In this study, we propose a semi-centralized trust management system architecture based on blockchain in both single and multiple domains. The IoT devices are centralized organized by cloud servers who coordinately sustain a rating data ledger within each domain based the proposed rotation based consensus protocol in a decentralized manner to support cross-domain data exchange. A computational trust model is proposed by aggregating the direct and indirect trust information, where we elaborately design decay function, recommendation credibility and adaptable weights so as to calculate the trust value of dynamic malicious devices. Finally, we evaluate the proposed system model in various situations through simulation based experiments and compare it with two classical models in the literature. The experimental results demonstrate the effectiveness of the proposed trust model in identifying malicious devices and mitigating the influence of malicious devices.

computer science, information systems, software engineering

Guntur Dharma Putra,Volkan Dedeoglu,Salil S. Kanhere,Raja Jurdak

DOI: https://doi.org/10.48550/arXiv.1912.10247

2020-03-09

Abstract:Heterogeneous and dynamic IoT environments require a lightweight, scalable, and trustworthy access control system for protection from unauthorized access and for automated detection of compromised nodes. Recent proposals in IoT access control systems have incorporated blockchain to overcome inherent issues in conventional access control schemes. However, the dynamic interaction of IoT networks remains uncaptured. Here, we develop a blockchain based Trust and Reputation System (TRS) for IoT access control, which progressively evaluates and calculates the trust and reputation score of each participating node to achieve a self-adaptive and trustworthy access control system. Trust and reputation are explicitly incorporated in the attribute-based access control policy, so that different nodes can be assigned to different access right levels, resulting in dynamic access control policies. We implement our proposed architecture in a private Ethereum blockchain comprised of a Docker container network. We benchmark our solution using various performance metrics to highlight its applicability for IoT contexts.

Cryptography and Security,Networking and Internet Architecture

Serin V. Simpson,Y. Ravi Raju,K. Bhanu Rajesh Naidu,Gopika Venu

DOI: https://doi.org/10.1007/s41870-023-01467-5

2023-09-13

International Journal of Information Technology

Abstract:This study presents SECURE TRUST, a novel blockchain-enabled trust and reputation system designed to address the growing security risks associated with the proliferation of IoT devices. By leveraging blockchain technology, our system effectively evaluates the reliability of nodes in IoT networks and mitigates harmful activities. Our approach employs smart contracts to facilitate collaborative detection and mitigation of malicious behavior among nodes. Furthermore, we integrate a trust and reputation system that assigns trust ratings to nodes based on their past interactions and behavior. Our system is compatible with various hardware platforms and utilizes open-source software components. Extensive testing demonstrates that our proposed approach reliably detects and reduces security risks caused by malicious nodes, offering robust protection against unwanted activities.

Xinyin Xiang,Jin Cao,Weiguo Fan,Shousheng Xiang,Gang Wang

DOI: https://doi.org/10.1016/j.dss.2024.114184

IF: 6.969

2024-01-01

Decision Support Systems

Abstract:The Internet of Things (IoT) connects heterogeneous sensing devices with servers under the support of the network to monitor intelligent communication and real-time data transmission. The system caters well to the needs of medical services and also provides convenience for telemedicine. Many IoT-based solutions have been proposed for medical application scenarios. However, the unpredictable nature of communication links and device failures may lead to challenges in setting effective security policies for controlling these devices. Trust management has emerged as an ideal solution that can implement a dynamic management approach and regulate node connection requests. While centralized architectures require only a central node and relatively few devices, they are not suitable for large-scale medical facilities. In contrast, decentralized approaches based on blockchain technology have recently emerged as feasible solutions for IoT practices. Nevertheless, these decentralized approaches are vulnerable to potential attacks such as defaming honest nodes or improving the trust degrees of malicious nodes, which can compromise trust degrees within the system. This paper designs a blockchain-enabled trust management method for medical services based on the IoT, aiming to prevent malicious nodes from sending false trust levels. The proposed trust assessment model utilizes referees' direct experience and indirect feedback to recommend trustworthy medical services. The presented model provides a certain level of security against various types of attacks including malicious attacks, benevolent attacks, and on-off attacks. Experimental results illustrate that the model is robust and effective.

Xu Yuan,Fang Luo,Muhammad Zeeshan Haider,Zhikui Chen,Yucheng Li

DOI: https://doi.org/10.1155/2021/9952218

2021-01-01

Wireless Communications and Mobile Computing

Abstract:Blockchain technology has advanced rapidly in recent years and is now widely used in a variety of fields. Blockchain appears to be one of the best solutions for managing massive heterogeneous devices while achieving advanced data security and data reputation, particularly in the field of large-scale IoT (Internet of Things) networks. Despite the numerous advantages, there are still challenges while deploying IoT applications on blockchain systems due to the limited storage, power, and computing capability of IoT devices, and some of these problems are caused by the consensus algorithm, which plays a significant role in blockchain systems by ensuring overall system reliability and robustness. Nonetheless, most existing consensus algorithms are prone to poor node reliability, low transaction per second (TPS) rates, and scalability issues. Aiming at some critical problems in the existing consensus algorithms, this paper proposes the Efficient Byzantine Reputation-based Consensus (EBRC) mechanism to resolve the issues raised above. In comparison to traditional algorithms, we reinvented ways to evaluate node reliability and robustness and manage active nodes. Our experiments show that the EBRC algorithm has lower consensus delay, higher throughput, improved security, and lower verification costs. It offers new reference ideas for solving the Internet of Things+blockchain+Internet court construction problem.

Guntur Dharma Putra,Changhoon Kang,Salil S. Kanhere,James Won-Ki Hong

DOI: https://doi.org/10.48550/arXiv.2203.05769

2022-03-11

Cryptography and Security

Abstract:Blockchain has the potential to enhance supply chain management systems by providing stronger assurance in transparency and traceability of traded commodities. However, blockchain does not overcome the inherent issues of data trust in IoT enabled supply chains. Recent proposals attempt to tackle these issues by incorporating generic trust and reputation management, which does not entirely address the complex challenges of supply chain operations and suffers from significant drawbacks. In this paper, we propose DeTRM, a decentralised trust and reputation management solution for supply chains, which considers complex supply chain operations, such as splitting or merging of product lots, to provide a coherent trust management solution. We resolve data trust by correlating empirical data from adjacent sensor nodes, using which the authenticity of data can be assessed. We design a consortium blockchain, where smart contracts play a significant role in quantifying trustworthiness as a numerical score from different perspectives. A proof-of-concept implementation in Hyperledger Fabric shows that DeTRM is feasible and only incurs relatively small overheads compared to the baseline.

Juan Chen,Zhihong Tian,Xiang Cui,Lihua Yin,Xianzhi Wang

DOI: https://doi.org/10.1007/s12652-018-0887-z

IF: 3.662

2018-01-01

Journal of Ambient Intelligence and Humanized Computing

Abstract:Internet of Things (IoT) represents a fundamental infrastructure and set of techniques that support innovative services in various application domains. Trust management plays an important role in enabling the reliable data collection and mining, context-awareness, and enhanced user security in the IoT. The main tasks of trust management include trust architecture design and reputation evaluation. However, existing trust architectures and reputation evaluation solutions cannot be directly applied to the IoT, due to the large number of physical entities, the limited computation ability of physical entities, and the highly dynamic nature of the network. In comparison, it generally requires a general and flexible architecture to manage trust in such a dynamic environment as IoT. In this paper, we present IoTrust, a trust architecture that integrates Soft Defined Network (SDN) in IoT, and a cross-layer authorization protocol based on IoTrust. IoTrust and the protocol together provide a new insight for research on trust management in the IoT. For trust establishment, we further propose a Behavior-based Reputation Evaluation Scheme for the Node (BES) and an Organization Reputation Evaluation Scheme (ORES). Both our theoretical analysis and simulation results validate the efficiency of BES and ORES.

Eric Ke Wang,RuiPei Sun,Chien-Ming Chen,Zuodong Liang,Saru Kumari,Muhammad Khurram Khan

DOI: https://doi.org/10.1016/j.cose.2020.101871

2020-08-01

Abstract:<p>Recently, blockchain technology has been used to address the security issues of Internet of things (IoT) applications. However, some issues particular to blockchain should be solved to meet the security requirements of IoT systems. The core of blockchain technology is distributed computing, along with the collaboration mechanism of group trust under the distributed computing environment, which can solve the scalability, collaboration ability, trust relationship, and security protection challenges faced by the IoT. The existing blockchain consensus protocol can only solve the trust cooperation problem with limited credibility. Although distributed trust relationship management has advantages over centralized trust relationship management, several risks exist. Here, the most critical issue is the credibility of the blockchain consensus protocol. Based on the characteristics of the traditional public chain, we propose a repute-based consensus protocol for blockchain-enabled IoT systems. In the protocol, two methods are designed to enable the blockchain system to reach a consensus rapidly and safely. The repute rewards and punishments method settles the repute values of nodes; nodes with satisfactory behavior receive repute rewards. The repute mining method proposes repute requirements for consensus nodes; nodes with high repute value produce blocks more easily. Security analysis has been conducted using a theory model and experimental evaluation. The establishment of our repute system can improve the consensus protocol, resisting stronger attacks, and giving several users with lower computing power a greater opportunity to participate in consensus. The experimental results show that the repute-based consensus protocol has advantages in terms of security and that its resistance capability against attacks is improved.</p>

computer science, information systems

Lanlan Rui,Liangchen Zhao,Jingyang Yan,Xuesong Qiu,Shaoyong Guo

DOI: https://doi.org/10.1109/jiot.2024.3387448

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:With the deep integration of a new generation of information technology and physical manufacturing, equipment in all walks of life and fields has transformed to digitalization, networking, and intelligence, and the Internet of Things puts forward higher requirements for ubiquitous interconnection, security, reliability, intelligence, and efficiency. The data interaction of IoT terminal devices has cross-system, cross-enterprise, and cross-business requirements, but this also leads to many sensitive information in the Internet of Things network, such as hidden leakage and difficulty in distinguishing the authenticity of data information. Based on the above challenges, this article proposes a distributed authentication scheme based on Delegated Proof of Stake consensus algorithm and a dynamic reputation evaluation mechanism based on smart contracts, which improves the authentication efficiency and the anti-attack ability of the authentication network and maintains the security and stability of the network. At the same time, the dynamic reputation evaluation results are uploaded to the blockchain storage, which not only ensures the security and immutability of data but also provides queryable historical reputation records for subsequent terminal access authentication evaluation. Safety analysis and performance simulation experiments show that the proposed scheme has high safety and good performance.

Guntur Dharma Putra,Volkan Dedeoglu,Salil S Kanhere,Raja Jurdak,Aleksandar Ignjatovic

DOI: https://doi.org/10.48550/arXiv.2104.00832

2021-04-02

Abstract:Authorization or access control limits the actions a user may perform on a computer system, based on predetermined access control policies, thus preventing access by illegitimate actors. Access control for the Internet of Things (IoT) should be tailored to take inherent IoT network scale and device resource constraints into consideration. However, common authorization systems in IoT employ conventional schemes, which suffer from overheads and centralization. Recent research trends suggest that blockchain has the potential to tackle the issues of access control in IoT. However, proposed solutions overlook the importance of building dynamic and flexible access control mechanisms. In this paper, we design a decentralized attribute-based access control mechanism with an auxiliary Trust and Reputation System (TRS) for IoT authorization. Our system progressively quantifies the trust and reputation scores of each node in the network and incorporates the scores into the access control mechanism to achieve dynamic and flexible access control. We design our system to run on a public blockchain, but we separate the storage of sensitive information, such as user's attributes, to private sidechains for privacy preservation. We implement our solution in a public Rinkeby Ethereum test-network interconnected with a lab-scale testbed. Our evaluations consider various performance metrics to highlight the applicability of our solution for IoT contexts.

Cryptography and Security

Bochuan Hou,Yang Xin,Hongliang Zhu,Yixian Yang,Jianhua Yang

DOI: https://doi.org/10.3390/app13095733

2023-01-01

Applied Sciences

Abstract:Vehicle ad-hoc network (VANET) is interconnected through message forwarding and exchanging among vehicle nodes. Due to its highly dynamic topology and its wireless and heterogeneous communication mode, VANET is more vulnerable to security threats from multiple parties. Compared to entity-based security authentication, it is essential to consider how to protect the security of the data itself. Existing studies have evaluated the reliability of interactive data through reputation quantification, but there are still some issues in the design of secure reputation management schemes, such as its low efficiency, poor security, and unreliable management. Aiming at the above-mentioned issues, in this paper we propose an effective VANET model with a secure reputation based on a blockchain, and it is called the double-layer blockchain-based reputation evaluation & management model (DBREMM). In the DBREMM, we design a reputation management model based on two parallel blockchains that work collaboratively, and these are called the event chain and reputation chain. A complete set of reputation evaluation schemes is presented. Our schemes can reduce observation errors and improve evaluation reliability during trust computation by using direct trust calculation based on the multi-factor Bayesian inference. Additionally, we propose an indirect trust calculation based on the historical accumulated reputation value with an attenuation factor, and a secure a reputation fusion scheme based on the number threshold with the fluctuation factor, which can reduce the possibility of attacks, such as collusive attacks and false information injection. Theoretical analysis and extensive simulation experiments reflect the DBREMM’s security algorithm effectiveness, accuracy, and ability to resist several attacks.

Roberto Di Pietro,Xavier Salleras,Matteo Signorini,Erez Waisbard

DOI: https://doi.org/10.1145/3205977.3205993

2018-06-07

Abstract:One of the biggest challenges for the Internet of Things (IoT) is to bridge the currently fragmented trust domains. The traditional PKI model relies on a common root of trust and does not fit well with the heterogeneous IoT ecosystem where constrained devices belong to independent administrative domains. In this work we describe a distributed trust model for the IoT that leverages the existing trust domains and bridges them to create end-to-end trust between IoT devices without relying on any common root of trust. Furthermore we define a new cryptographic primitive, denoted as obligation chain designed as a credit-based Blockchain with a built-in reputation mechanism. Its innovative design enables a wide range of use cases and business models that are simply not possible with current Blockchain-based solutions while not experiencing traditional blockchain delays. We provide a security analysis for both the obligation chain and the overall architecture and provide experimental tests that show its viability and quality.

Volkan Dedeoglu,Raja Jurdak,Guntur D. Putra,Ali Dorri,Salil S. Kanhere

DOI: https://doi.org/10.48550/arXiv.1906.11461

2019-06-27

Abstract:Blockchain is a promising technology for establishing trust in IoT networks, where network nodes do not necessarily trust each other. Cryptographic hash links and distributed consensus mechanisms ensure that the data stored on an immutable blockchain can not be altered or deleted. However, blockchain mechanisms do not guarantee the trustworthiness of data at the origin. We propose a layered architecture for improving the end-to-end trust that can be applied to a diverse range of blockchain-based IoT applications. Our architecture evaluates the trustworthiness of sensor observations at the data layer and adapts block verification at the blockchain layer through the proposed data trust and gateway reputation modules. We present the performance evaluation of the data trust module using a simulated indoor target localization and the gateway reputation module using an end-to-end blockchain implementation, together with a qualitative security analysis for the architecture.

Cryptography and Security,Distributed, Parallel, and Cluster Computing

Jianli Hu,Bin Zhou,Quanyuan Wu,Xiaohua Li

DOI: https://doi.org/10.1109/ISECS.2010.59

2011-01-01

Abstract:An important challenge regarding peer's trust valuation in peer-to-peer (P2P) networks is how to cope with such problems as dishonest feedbacks from malicious peers, collusions and complex strategic frauds, which cannot be effectively tackled by the existing solutions. Thus, a reputation-based distributed trust management model for P2P networks, named RATM for short, is proposed to quantify and evaluate the trustworthiness of peers. In RATM, the metric of time zone is used to describe the time property of the transaction experiences and recommendations; the peer trust value, the short trust value and the long trust value are applied to express accurately the final trust level of peers. Moreover, the trust deviation value and the trust abuse value are introduced to depict the above several trust metrics. Theoretical analyses and simulation experiments demonstrates that, RATM has advantages in combating various dynamic malicious behaviors such as dishonest feedbacks and strategic malicious attacks, over the current trust model, and shows more effectiveness and stronger dynamic adaptability.

Anuoluwapo A. Adewuyi,Hui Cheng,Qi Shi,Jiannong Cao,Aine MacDermott,Xingwei Wang

DOI: https://doi.org/10.1109/jiot.2019.2902022

IF: 10.6

2019-01-01

IEEE Internet of Things Journal

Abstract:Security through trust presents a viable solution for threat management in the Internet of Things (IoT). Currently, a well-defined trust management framework for collaborative applications on the IoT platform does not exist. In order to estimate reliably the trust values of nodes within a system, the trust should be measured by suitable parameters that are based on the nodes’ functional properties in the application context. Existing models do not clearly outline the parametrization of trust. Also, trust decay is inadequately modeled in most current models. In addition, trust recommendations are usually inaccurately weighted with respect to previous trust, thereby increasing the effect of bad recommendations. A new model, CTRUST, is proposed to resolve these shortcomings. In CTRUST, trust is accurately parametrized while recommendations are evaluated through belief functions. The effects of trust decay and maturity on the trust evaluation process were studied. Each trust component is neatly modeled by appropriate mathematical functions. CTRUST was implemented in a collaborative download application and its performance was evaluated based on the utility derived and its trust accuracy, convergence, and resiliency. The results indicate that IoT collaborative applications based on CTRUST gain a significant improvement in performance, in terms of efficiency and security.

Nguyen Binh Truong,Hyunwoo Lee,Bob Askwith,Gyu Myoung Lee

DOI: https://doi.org/10.3390/s17061346

IF: 3.9

2017-06-09

Sensors

Abstract:In the blooming era of the Internet of Things (IoT), trust has been accepted as a vital factor for provisioning secure, reliable, seamless communications and services. However, a large number of challenges still remain unsolved due to the ambiguity of the concept of trust as well as the variety of divergent trust models in different contexts. In this research, we augment the trust concept, the trust definition and provide a general conceptual model in the context of the Social IoT (SIoT) environment by breaking down all attributes influencing trust. Then, we propose a trust evaluation model called REK, comprised of the triad of trust indicators (TIs) Reputation, Experience and Knowledge. The REK model covers multi-dimensional aspects of trust by incorporating heterogeneous information from direct observation (as Knowledge TI), personal experiences (as Experience TI) to global opinions (as Reputation TI). The associated evaluation models for the three TIs are also proposed and provisioned. We then come up with an aggregation mechanism for deriving trust values as the final outcome of the REK evaluation model. We believe this article offers better understandings on trust as well as provides several prospective approaches for the trust evaluation in the SIoT environment.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Jiaze Shang,Tianbo Lu,Yingjie Cai,Shuang Luo,Zhaoxin Jin

DOI: https://doi.org/10.1109/hpcc-dss-smartcity-dependsys57074.2022.00202

2022-01-01

Abstract:The application of blockchain in the Internet of Things (IoT) solves the problem of centralization, enables data interaction of IoT nodes in untrusted environments. However, most of the blockchain consensus protocols are computationally expensive and poorly scalable, which cannot meet the current demand for low power consumption and low latency of IoT devices. Meanwhile, IoT nodes suffer from many malicious attacks. An effective reputation evaluation scheme is valuable for establishing a trusted, secure IoT environment with certain applications. In this paper, we propose RBCP, a novel reputation-based blockchain consensus protocol, and apply it to the IoT. The protocol divides IoT nodes into multiple regions, and consensus nodes in each region are selected based on real-time updated reputation values, which are used to participate in light PoW consensus and finally propose blocks. Then, we model the deposits and profits of the nodes as Stackelberg game and analyze the relationship between them. To evaluate our proposed protocol, we compare it with existing consensus protocols through several experiments. Our experimental results show that RBCP has advantages in terms of TPS, consensus time, and communication consumption, proving that it has low latency and less consensus time under the premise of sufficient security.