A Lightweight Authentication-Driven Trusted Management Framework for IoT Collaboration

The property of Internet of Things (IoT) applications is their capability to execute tasks through the collaboration of interconnected IoT objects. However, IoT collaborations face significant challenges due to security threats that undermine their reliability. An uncertified task publisher may deceive IoT devices into executing illegal tasks, while malicious attackers may intercept and modify transmitted data. Existing works on IoT trusted management issues tend to concentrate on individual aspects, such as authentication, privacy protection, and access control. However, trusted management for IoT collaboration is a multifaceted and intricate endeavor that necessitates a comprehensive approach. To fill this gap, we propose a lightweight authentication-driven trusted management framework that includes a novel authentication and key agreement scheme to guarantee the validity of task publishers, with greatly reduced overheads compared to recent works. The framework also incorporates a distributed data storage scheme and a fine-grained access control mechanism. We record the interactive messages on the blockchain to ensure behavior traceability. We evaluate the authentication scheme through comparative experiments and formal security analysis, demonstrating its efficiency and effectiveness. The experimental results of data storage and acquisition in real-world IoT environments indicate that the proposed framework is a feasible solution for reliable IoT collaboration.