As IoT-connected devices, sometimes referred to as the Internet of Things (IoT), continue to proliferate, existing centralized identity management systems struggle in the large scale due to issues with scalability, privacy and security. For these reasons, centralized identity management systems will not meet the requirements of large-scale IoT deployments. In this paper, we suggest a decentralized identity management system to authenticate and authorize IoT devices based on a hybrid blockchain and Zero-Knowledge Proof (ZKP) protocol. The proposed system utilizes decentralized identifiers (DIDs), verifiable credentials (VCs) and a hierarchical web-of-trust structure as part of the identity management process. The identity and credentials can be created and validated in a decentralized manner and locally, using smart contracts and lightweight consensus models such as Proof of Stake (PoS) and Practical Byzantine Fault Tolerance (PBFT). The performance evaluation demonstrated the performance in respect of authentication latency businesses managed to get the latency to 250 ms, throughput reaching to 200 messages per second and energy efficiency improved to 300mW/device. Based on the baseline comparisons including PoW, OAuth and Hash-MAC based systems included, the proposed method is scalably better, provides greater security against DDoS and MITM attacks and used less memory. The proposed method yields a robust, fully decentralized identification system for managing IoT identities without requiring a centralized authority, allowing scalable and secure interactions across distributed networks.

. M. Adil et al., "Hash-MAC-DSDV: Mutual Authentication for Intelligent IoT-Based Cyber–Physical Systems," in IEEE Internet of Things Journal, vol. 9, no. 22, pp. 22173-22183, 15 Nov.15, 2022, doi: 10.1109/JIOT.2021.3083731.

. Cirani, S., Picone, M., Gonizzi, P., Veltri, L., & Ferrari, G. (2015). IoT-OAS: An OAuth-Based Authorization Service Architecture for Secure Services in IoT Scenarios. IEEE Sensors Journal, 15(2), 1224–1234. doi:10.1109/jsen.2014.2361406.

. Condry, M. W., & Nelson, C. B. (2016). Using Smart Edge IoT Devices for Safer, Rapid Response With Industry IoT Control Operations. Proceedings of the IEEE, 104(5), 938–946. Doi:10.1109/jproc.2015.2513672.

. Liang, Y., Samtani, S., Guo, B., & Yu, Z. (2020). Behavioral Biometrics for Continuous Authentication in the Internet of Things Era: An Artificial Intelligence Perspective. IEEE Internet of Things Journal, 1–1. doi:10.1109/jiot.2020.3004077.

. Azad, M. A., Bag, S., Perera, C., Barhamgi, M., & Hao, F. (2019). Authentic-Caller: Self-enforcing Authentication in a Next Generation Network. IEEE Transactions on Industrial Informatics, 1–1. doi:10.1109/tii.2019.2941724.

. Chaudhry, S. A., Farash, M. S., Kumar, N., & Alsharif, M. H. (2020). PFLUA-DIoT: A Pairing Free Lightweight and Unlinkable User Access Control Scheme for Distributed IoT Environments. IEEE Systems Journal, 1–8. doi:10.1109/jsyst.2020.3036425.

. Leithardt, V., Santos, D., Silva, L., Viel, F., Zeferino, C., & Silva, J. (2020). A Solution for Dynamic Management of User Profiles in IoT Environments. IEEE Latin America Transactions, 18(07), 1193–1199. doi:10.1109/tla.2020.9099759.

. Oktian, Y. E., & Lee, S.-G. (2021). BorderChain: Blockchain-Based Access Control Framework for the Internet of Things Endpoint. IEEE Access, 9, 3592–3615. doi:10.1109/access.2020.3047413

. Panda, S. S., Jena, D., Mohanta, B. K., Ramasubbareddy, S., Daneshmand, M., & Gandomi, A. H. (2021). Authentication and Key Management in Distributed IoT Using Blockchain Technology. IEEE Internet of Things Journal, 8(16), 12947–12954. doi:10.1109/jiot.2021.3063806.

. Zeng, S., Zhang, H., Hao, F., & Li, H. (2021). Deniable-Based Privacy-Preserving Authentication Against Location Leakage in Edge Computing. IEEE Systems Journal, 1–10. doi:10.1109/jsyst.2021.3049629

. Li, X., Peng, J., Obaidat, M. S., Wu, F., Khan, M. K., & Chen, C. (2019). A Secure Three-Factor User Authentication Protocol With Forward Secrecy for Wireless Medical Sensor Network Systems. IEEE Systems Journal, 1–12. doi:10.1109/jsyst.2019.2899580

. Aman, M. N., Taneja, S., Sikdar, B., Chua, K. C., & Alioto, M. (2018). Token-Based Security for the Internet of Things With Dynamic Energy-Quality Tradeoff. IEEE Internet of Things Journal, 1–1. doi:10.1109/jiot.2018.2875472

. Gaba, G. S., Kumar, G., Monga, H., Kim, T.-H., & Kumar, P. (2020). Robust and Lightweight Mutual Authentication Scheme in Distributed Smart Environments. IEEE Access, 1–1. doi:10.1109/access.2020.2986480

. Lu, D., Han, R., Shen, Y., Dong, X., Ma, J., Du, X., & Guizani, M. (2020). xTSeH : A Trusted Platform Module Sharing Scheme towards Smart IoT-eHealth Devices. IEEE Journal on Selected Areas in Communications, 1–1. doi:10.1109/jsac.2020.3020658.

. Macedo, E. L. C., de Oliveira, E. A. R., Silva, F. H., Mello, R. R., Franca, F. M. G., Delicato, F. C., … de Moraes, L. F. M. (2019). On the security aspects of Internet of Things: A systematic literature review. Journal of Communications and Networks, 1–14. doi:10.1109/jcn.2019.000048

. Arfaoui, A., Cherkaoui, S., Kribeche, A., & Senouci, S. M. (2020). Context-Aware Adaptive Remote Access for IoT Applications. IEEE Internet of Things Journal, 7(1), 786–799. doi:10.1109/jiot.2019.2953144.

. Patel, C., & Doshi, N. prafulchandra. (2020). Secure Lightweight Key Exchange Using ECC for User-Gateway Paradigm. IEEE Transactions on Computers, 1–1. doi:10.1109/tc.2020.3026027.

. Malik, M., Dutta, M., & Granjal, J. (2019). A survey of Key bootstrapping protocols based on Public Key Cryptography in the Internet of Things. IEEE Access, 1–1. doi:10.1109/access.2019.2900957.

. Chaudhry, S. A., Alhakami, H., Baz, A., & Al-Turjman, F. (2020). Securing Demand Response Management: A Certificate based Access Control in Smart Grid Edge Computing Infrastructure. IEEE Access, 1–1. doi:10.1109/access.2020.2996093.

. Hamad, S. A., Sheng, Q. Z., Zhang, W. E., & Nepal, S. (2020). Realizing an Internet of Secure Things: A Survey on Issues and Enabling Technologies. IEEE Communications Surveys & Tutorials, 1–1. doi:10.1109/comst.2020.2976075