Blockchain Based Decentralized Identity Management System for Authentication and Authorization in IoT Networks

Abstract

As IoT-connected devices, sometimes referred to as the Internet of Things (IoT), continue to proliferate, existing centralized identity management systems struggle in the large scale due to issues with scalability, privacy and security. For these reasons, centralized identity management systems will not meet the requirements of large-scale IoT deployments. In this paper, we suggest a decentralized identity management system to authenticate and authorize IoT devices based on a hybrid blockchain and Zero-Knowledge Proof (ZKP) protocol. The proposed system utilizes decentralized identifiers (DIDs), verifiable credentials (VCs) and a hierarchical web-of-trust structure as part of the identity management process. The identity and credentials can be created and validated in a decentralized manner and locally, using smart contracts and lightweight consensus models such as Proof of Stake (PoS) and Practical Byzantine Fault Tolerance (PBFT). The performance evaluation demonstrated the performance in respect of authentication latency businesses managed to get the latency to 250 ms, throughput reaching to 200 messages per second and energy efficiency improved to 300mW/device. Based on the baseline comparisons including PoW, OAuth and Hash-MAC based systems included, the proposed method is scalably better, provides greater security against DDoS and MITM attacks and used less memory. The proposed method yields a robust, fully decentralized identification system for managing IoT identities without requiring a centralized authority, allowing scalable and secure interactions across distributed networks.

References

. M. Adil et al., "Hash-MAC-DSDV: Mutual Authentication for Intelligent IoT-Based Cyber–Physical Systems," in IEEE Internet of Things Journal, vol. 9, no. 22, pp. 22173-22183, 15 Nov.15, 2022, doi: 10.1109/JIOT.2021.3083731.

. Cirani, S., Picone, M., Gonizzi, P., Veltri, L., & Ferrari, G. (2015). IoT-OAS: An OAuth-Based Authorization Service Architecture for Secure Services in IoT Scenarios. IEEE Sensors Journal, 15(2), 1224–1234. doi:10.1109/jsen.2014.2361406.

. Condry, M. W., & Nelson, C. B. (2016). Using Smart Edge IoT Devices for Safer, Rapid Response With Industry IoT Control Operations. Proceedings of the IEEE, 104(5), 938–946. Doi:10.1109/jproc.2015.2513672.

. Liang, Y., Samtani, S., Guo, B., & Yu, Z. (2020). Behavioral Biometrics for Continuous Authentication in the Internet of Things Era: An Artificial Intelligence Perspective. IEEE Internet of Things Journal, 1–1. doi:10.1109/jiot.2020.3004077.

. Azad, M. A., Bag, S., Perera, C., Barhamgi, M., & Hao, F. (2019). Authentic-Caller: Self-enforcing Authentication in a Next Generation Network. IEEE Transactions on Industrial Informatics, 1–1. doi:10.1109/tii.2019.2941724.

. Chaudhry, S. A., Farash, M. S., Kumar, N., & Alsharif, M. H. (2020). PFLUA-DIoT: A Pairing Free Lightweight and Unlinkable User Access Control Scheme for Distributed IoT Environments. IEEE Systems Journal, 1–8. doi:10.1109/jsyst.2020.3036425.

. Leithardt, V., Santos, D., Silva, L., Viel, F., Zeferino, C., & Silva, J. (2020). A Solution for Dynamic Management of User Profiles in IoT Environments. IEEE Latin America Transactions, 18(07), 1193–1199. doi:10.1109/tla.2020.9099759.

. Oktian, Y. E., & Lee, S.-G. (2021). BorderChain: Blockchain-Based Access Control Framework for the Internet of Things Endpoint. IEEE Access, 9, 3592–3615. doi:10.1109/access.2020.3047413

. Panda, S. S., Jena, D., Mohanta, B. K., Ramasubbareddy, S., Daneshmand, M., & Gandomi, A. H. (2021). Authentication and Key Management in Distributed IoT Using Blockchain Technology. IEEE Internet of Things Journal, 8(16), 12947–12954. doi:10.1109/jiot.2021.3063806.

. Zeng, S., Zhang, H., Hao, F., & Li, H. (2021). Deniable-Based Privacy-Preserving Authentication Against Location Leakage in Edge Computing. IEEE Systems Journal, 1–10. doi:10.1109/jsyst.2021.3049629

. Li, X., Peng, J., Obaidat, M. S., Wu, F., Khan, M. K., & Chen, C. (2019). A Secure Three-Factor User Authentication Protocol With Forward Secrecy for Wireless Medical Sensor Network Systems. IEEE Systems Journal, 1–12. doi:10.1109/jsyst.2019.2899580

. Aman, M. N., Taneja, S., Sikdar, B., Chua, K. C., & Alioto, M. (2018). Token-Based Security for the Internet of Things With Dynamic Energy-Quality Tradeoff. IEEE Internet of Things Journal, 1–1. doi:10.1109/jiot.2018.2875472

. Gaba, G. S., Kumar, G., Monga, H., Kim, T.-H., & Kumar, P. (2020). Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments. IEEE Access, 1–1. doi:10.1109/access.2020.2986480

. Lu, D., Han, R., Shen, Y., Dong, X., Ma, J., Du, X., & Guizani, M. (2020). xTSeH : A Trusted Platform Module Sharing Scheme towards Smart IoT-eHealth Devices. IEEE Journal on Selected Areas in Communications, 1–1. doi:10.1109/jsac.2020.3020658.

. Macedo, E. L. C., de Oliveira, E. A. R., Silva, F. H., Mello, R. R., Franca, F. M. G., Delicato, F. C., … de Moraes, L. F. M. (2019). On the security aspects of Internet of Things: A systematic literature review. Journal of Communications and Networks, 1–14. doi:10.1109/jcn.2019.000048

. Arfaoui, A., Cherkaoui, S., Kribeche, A., & Senouci, S. M. (2020). Context-Aware Adaptive Remote Access for IoT Applications. IEEE Internet of Things Journal, 7(1), 786–799. doi:10.1109/jiot.2019.2953144.

. Patel, C., & Doshi, N. prafulchandra. (2020). Secure Lightweight Key Exchange Using ECC for User-Gateway Paradigm. IEEE Transactions on Computers, 1–1. doi:10.1109/tc.2020.3026027.

. Malik, M., Dutta, M., & Granjal, J. (2019). A survey of Key bootstrapping protocols based on Public Key Cryptography in the Internet of Things. IEEE Access, 1–1. doi:10.1109/access.2019.2900957.

. Chaudhry, S. A., Alhakami, H., Baz, A., & Al-Turjman, F. (2020). Securing Demand Response Management: A Certificate based Access Control in Smart Grid Edge Computing Infrastructure. IEEE Access, 1–1. doi:10.1109/access.2020.2996093.

. Hamad, S. A., Sheng, Q. Z., Zhang, W. E., & Nepal, S. (2020). Realizing an Internet of Secure Things: A Survey on Issues and Enabling Technologies. IEEE Communications Surveys & Tutorials, 1–1. doi:10.1109/comst.2020.2976075

Authors

  • Kriti Patidar Department of Electrical and Electronics Engineering (EEE), Shri Vaishnav Vidyapeeth Vishwavidyalaya, Indore, Madhya Pradesh, India
  • Swapnil Jain Department of Electrical and Electronics Engineering (EEE), Shri Vaishnav Vidyapeeth Vishwavidyalaya, Indore, Madhya Pradesh, India
  • Mohammad Husain Department of Computer Science, Faculty of Computer and Information systems, Islamic University of Madinah, Madinah-42351, KSA
  • Mohd Muqeem Department of Computer Science and Engineering, Sandip University, Nashik. Maharashtra, India
  • Mohammad Nadeem Ahmed Department of Computer Science, College of Computer Science, King Khalid University, Kingdom of Saudi Arabia, Abha-61421, KSA
  • Ahmad Neyaz Khan Department of CSE-CYS, Department of Computer Science, NIET, Greater Noida, UP, India
  • Mohammad Rashid Hussain Department of Business Informatics, College of Business, King Khalid University, Kingdom of Saudi Arabia, Abha-62217, KSA
  • Arshad Ali Department of Computer Science, Faculty of Computer and Information systems, Islamic University of Madinah, Madinah-42351, KSA
  • Nazneen Mushtaque Department of Information Systems, Rijaal alma, King Khalid University, Kingdom of Saudi Arabia, KSA

DOI:

https://doi.org/10.31449/inf.v49i34.9164

Downloads

Published

08/26/2025

How to Cite

Patidar, K., Jain, S., Husain, M., Muqeem, M., Ahmed, M. N., Khan, A. N., … Mushtaque, N. (2025). Blockchain Based Decentralized Identity Management System for Authentication and Authorization in IoT Networks. Informatica, 49(34). https://doi.org/10.31449/inf.v49i34.9164

Issue

Vol. 49 No. 34 (2025): Online-only issue

Section

Online-only

License

I assign to Informatica, An International Journal of Computing and Informatics ("Journal") the copyright in the manuscript identified above and any additional material (figures, tables, illustrations, software or other information intended for publication) submitted as part of or as a supplement to the manuscript ("Paper") in all forms and media throughout the world, in all languages, for the full term of copyright, effective when and if the article is accepted for publication. This transfer includes the right to reproduce and/or to distribute the Paper to other journals or digital libraries in electronic and online forms and systems.

I understand that I retain the rights to use the pre-prints, off-prints, accepted manuscript and published journal Paper for personal use, scholarly purposes and internal institutional use.

In certain cases, I can ask for retaining the publishing rights of the Paper. The Journal can permit or deny the request for publishing rights, to which I fully agree.

I declare that the submitted Paper is original, has been written by the stated authors and has not been published elsewhere nor is currently being considered for publication by any other journal and will not be submitted for such review while under review by this Journal.  The Paper contains no material that violates proprietary rights of any other person or entity. I have obtained written permission from copyright owners for any excerpts from copyrighted works that are included and have credited the sources in my article. I have informed the co-author(s) of the terms of this publishing agreement.


Copyright ©  Slovenian Society Informatika