Blockchain-based identity management system for internet of things

doi:10.11772/j.issn.1001-9081.2024081231

Journal of Computer Applications ›› 2025, Vol. 45 ›› Issue (9): 2873-2881.DOI: 10.11772/j.issn.1001-9081.2024081231

• Cyber security • Previous Articles

Blockchain-based identity management system for internet of things

Sheping ZHAI¹^,², Pengju ZHU¹(), Rui YANG¹, Jiayiteng LIU¹

^1.School of Computer Science and Technology，Xi’an University of Posts and Telecommunications，Xi’an Shaanxi 710121，China
^2.Shaanxi Key Laboratory of Network Data Analysis and Intelligent Processing （Xi’an University of Posts and Telecommunications），Xi’an Shaanxi 710121，China

Received:2024-09-02 Revised:2024-11-28 Accepted:2024-12-02 Online:2024-12-17 Published:2025-09-10
Contact: Pengju ZHU
About author:ZHAI Sheping， born in 1971， Ph. D.， professor. His research interests include blockchain， semantic computing.
YANG Rui， born in 1976， M. S.， lecturer. Her research interests include blockchain， knowledge graph.
LIU Jiayiteng， born in 1998， M. S. candidate. His research interests include blockchain.
Supported by:
National Natural Science Foundation of China(61373116);Communication Soft Science Project of Ministry of Industry and Information Technology(2018-R-26);Project of Scientific Research Program of Education Department of Shaanxi Provincial Government(18JK0697);Shaanxi Provincial Key Research and Development Program(2022GY-038);Shaanxi Provincial Social Science Fund(2016N008);Shaanxi Provincial College and University Student Innovation and Entrepreneurship Training Program(202211664016);Xi’an University of Posts and Telecommunications Graduate Student Innovation Fund(CXJJYL2022049);Xi’an Social Science Planning Fund （17X63）

基于区块链的物联网身份管理系统

翟社平¹^,², 朱鹏举¹(), 杨锐¹, 刘佳一腾¹

^1.西安邮电大学计算机学院，西安 710121
^2.陕西省网络数据分析与智能处理重点实验室（西安邮电大学），西安 710121

通讯作者: 朱鹏举
作者简介:翟社平（1971—），男，陕西宝鸡人，教授，博士，CCF会员，主要研究方向：区块链、语义计算
杨锐（1976—），女，陕西咸阳人，讲师，硕士，主要研究方向：区块链、知识图谱
刘佳一腾（1998—），男，陕西宝鸡人，硕士研究生，主要研究方向：区块链。
基金资助:
国家自然科学基金资助项目(61373116);工业和信息化部通信软科学项目(2018-R-26);陕西省教育厅科学研究计划项目(18JK0697);陕西省重点研发计划项目(2022GY-038);陕西省社会科学基金资助项目(2016N008);陕西省大学生创新创业训练计划项目(202211664016);西安市社会科学规划基金资助项目(17X63);西安邮电大学研究生创新基金资助项目(CXJJYL2022049)

Abstract

Abstract:

In the current Internet of Things （IoT） environment， Decentralized IDentifier （DID） management methods face multiple challenges， including linkage attacks， privacy leakage， and regulatory conflicts. There is an urgent need for a new scheme that can protect user privacy while meeting regulatory requirements. A DID scheme was proposed to address these issues. In the scheme， an identity system combining a main identifier and multiple pseudonymous identifiers was adopted， a dual-credential model was designed， thereby integrating plaintext credentials and encrypted credentials， and commitment and Zero-Knowledge Proof （ZKP） technologies were utilized to ensure the security of sensitive attributes and identity data. Furthermore， pseudonym mechanisms were applied to achieve unlinkability of identity information and defend against Sybil attacks effectively. Experimental results show that compared to the schemes such as WeIdentity， the proposed scheme reduces the credential generation time and proof generation time by 23% and 19%， respectively， demonstrating significant advantages in performance. It can be seen that the proposed DID scheme enhances user identity privacy protection， reduces identity leakage risks， and balances privacy protection with regulatory requirements， providing a solution for DID management in IoT environment.

Key words: blockchain, privacy protection, Zero-Knowledge Proof (ZKP), identity management, Internet of Things (IoT)

摘要：

在当前物联网（IoT）环境中，分布式身份（DID）管理方法面临链接攻击、隐私泄露和监管冲突等多重挑战，亟须一种能保护用户隐私，同时兼顾监管需求的新方案。针对上述问题，提出一种DID方案。该方案采用主标识符和多个假名标识符相结合的身份体系，设计双凭证模型，以结合明文凭证与加密凭证，并利用承诺和零知识证明（ZKP）技术确保敏感属性和身份数据的安全性。此外，通过假名机制实现身份信息的非链接性，并有效地防御Sybil攻击。实验结果表明，与WeIdentity等方案相比，所提方案在凭证生成时间和证明生成时间上分别缩短了23%和19%，在性能方面具有显著优势。可见，所提DID方案提升了用户身份隐私保护水平，减轻了身份泄露风险，并在隐私保护与监管需求之间实现了平衡，为IoT环境中的DID管理提供了一种解决方案。

关键词: 区块链, 隐私保护, 零知识证明, 身份管理, 物联网

CLC Number:

TP311.1

Sheping ZHAI, Pengju ZHU, Rui YANG, Jiayiteng LIU. Blockchain-based identity management system for internet of things[J]. Journal of Computer Applications, 2025, 45(9): 2873-2881.

翟社平, 朱鹏举, 杨锐, 刘佳一腾. 基于区块链的物联网身份管理系统[J]. 《计算机应用》唯一官方网站, 2025, 45(9): 2873-2881.

Figures/Tables 8

Fig. 1 DID format

Fig. 2 System architecture of GeneralDID

Tab. 1 Comparison of scheme functions

功能	Sovrin	WeIdentity	CanDID	GeneralDID
身份隐私	√	√	√	√
凭证隐私	×	×	√	√
凭证嵌套验证	×	×	×	√
凭证身份不可链接	×	×	√	√

Fig. 3 Comparison of credential generation time， proof generation time and proof time among different schemes

Fig. 4 Generation time of plaintext credential and commitment credential

Fig. 5 Block generation time and submission time under different consensus nodes

Fig. 6 Storage space consumption

Fig. 7 Validation time for credentials

References 23

[1]	范平志，李里，陈欢，等. 面向大规模物联网的随机接入：现状、挑战与机遇［J］. 通信学报， 2021， 42（4）：1-21.
	FAN P Z， LI L， CHEN H， et al. Random access for massive Internet of things： current status， challenges and opportunities ［J］. Journal on Communications， 2021， 42（4）：1-21.
[2]	苗可. 针对物联网设备攻击的研究［J］. 物联网技术， 2024， 14（8）：73-75.
	MIAO K. Research against attacks on IoT devices［J］. Internet of Things Technologies， 2024， 14（8）：73-75.
[3]	段佳莉，孙羽宁，胡静娴，等. 基于物联网标识技术的保护装置身份识别与信息管理方法［J］. 电力科学与技术学报， 2021， 36（6）： 204-210.
	DUAN J L， SUN Y N， HU J X， et al. Identification and information management method of protection device based on internet of things identification technology ［J］. Journal of Electric Power Science and Technology， 2021， 36（6）：204-210.
[4]	李馥娟，马卓，王群. 区块链系统身份管理机制研究综述［J］. 计算机工程与应用， 2024， 60（1）：57-73.
	LI F J， MA Z， WANG Q. Survey on identity management in blockchain systems ［J］. Computer Engineering and Applications， 2024， 60（1）： 57-73.
[5]	袁和昕，刘百祥，阚海斌，等. 基于区块链和去中心不可否认属性签名的分布式公钥基础设施方案［J］. 中国科学：信息科学， 2022， 52（6）：1135-1148.
	YUAN H X， LIU B X， KAN H B， et al. Distributed public key infrastructure scheme based on blockchain and decentralized undeniable attribute-based signature［J］. SCIENTIA SINICA Informationis， 2022， 52（6）： 1135-1148.
[6]	宋智明，余益民，王贵文，等. 基于区块链智能合约的数字身份可验证凭证零知识认证和管理架构［J］. 信息安全学报， 2023， 8（1）：55-77.
	SONG Z M， YU Y M， WANG G W， et al. Zero-knowledge authentication and management architecture of verifiable certificate of digital identity based on smart contracts of blockchain［J］. Journal of Cyber Security， 2023， 8（1）： 55-77.
[7]	徐智诚，李响，毛剑，等. 分布式架构中的Sybil攻击及防御综述［J］. 西安电子科技大学学报， 2021， 48（1）：39-49.
	XU Z C， LI X， MAO J， et al. Overview of Sybil attacks and defenses in the distributed architecture ［J］. Journal of Xidian University， 2021， 48（1）： 39-49.
[8]	何建江，陈玉玲. 基于DLIN加密的可监管联盟链隐私保护方案［J］. 计算机工程， 2023， 49（6）：170-179.
	HE J J， CHEN Y L. DLIN encryption-based auditable privacy-preserving scheme for consortium blockchain ［J］. Computer Engineering， 2023， 49（6）： 170-179.
[9]	贾淼，姚中原，祝卫华，等. 零知识证明赋能区块链的进展与展望［J］. 计算机应用， 2024， 44（12）： 3669-3677.
	JIA M， YAO Z Y， ZHU W H， et al. Progress and prospect of zero-knowledge proof enabling blockchain ［J］. Journal of Computer Applications， 2024， 44（12）： 3669-3677.
[10]	AYDAR M， AYVAZ S， CETIN S C. Towards a blockchain based digital identity verification， record attestation and record sharing system ［EB/OL］. ［2024-08-05］. .
[11]	WANG F， DE FILIPPI P. Self-sovereign identity in a globalized world： credentials-based identity systems as a driver for economic inclusion ［J］. Frontiers in Blockchain， 2019， 2： No.28.
[12]	LUNDKVIST C， HECK R， TORSTENSSON J， et al. Uport： a platform for self-sovereign identity ［R/OL］. ［2024-08-01］..
[13]	COOPER D， SANTESSON S， FARRELL S， et al. Hyperledger Indy： distributed ledger purpose built for decentralized identity［EB/OL］. ［2024-07-25］. .
[14]	WINDLEY P J. Sovrin： an identity metasystem for self-sovereign identity ［J］. Frontiers in Blockchain， 2021， 4： No.626726.
[15]	ShoCard， Inc. ShoCard with ShoCoin tokens whitepaper： identity management verified using the blockchain ［R/OL］. ［2024-08-03］..
[16]	GARMAN C， GREEN M， MIERS I. Decentralized anonymous credentials ［C］// Proceedings of the 2014 Network and Distributed System Security Symposium. Reston， VA： Internet Society， 2014： 1-15.
[17]	SONNINO A， AL-BASSAM M， BANO S， et al. Coconut： threshold issuance selective disclosure credentials with applications to distributed ledgers ［C］// Proceedings of the 2019 Network and Distributed System Security Symposium. Reston， VA： Internet Society， 2019： 1-15 .
[18]	ISAAKIDIS M， HALPIN H， DANEZIS G. UnlimitID： privacy-preserving federated identity management using algebraic MACs［C］// Proceedings of the 2016 ACM on Workshop on Privacy in the Electronic Society. New York： ACM， 2016： 139-142.
[19]	MARAM D， MALVAI H， ZHANG F， et al. CanDID： can-do decentralized identity with legacy compatibility， Sybil-resistance， and accountability ［C］// Proceedings of the 2021 IEEE Symposium on Security and Privacy. Piscataway： IEEE， 2021： 1348-1366.
[20]	Baidu. Baidu DID ［EB/OL］. ［2024-07-21］. .
[21]	BELCHIOR R， PUTZ B， PERNUL G， et al. SSIBAC： self-sovereign identity based access control ［C］// Proceedings of the IEEE 19th International Conference on Trust， Security and Privacy in Computing and Communications. Piscataway： IEEE， 2021： 1935-1943.
[22]	LI Q， XUE Z. A privacy-protecting authorization system based on blockchain and zk-SNARK ［C］// Proceedings of the 2020 International Conference on Cyberspace Innovation of Advanced Technologies. New York： ACM， 2020： 439-444.
[23]	WeBank Company Limited. WeIdentity ［EB/OL］. ［2024-08-14］. .

Blockchain-based identity management system for internet of things

基于区块链的物联网身份管理系统

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 8

References 23

Related Articles 15

Recommended Articles

Metrics

[1]	Wei SHE, Tianxiang MA, Haige FENG, Zhao TIAN, Wei LIU. Blockchain covert communication method based on contract call concealment [J]. Journal of Computer Applications, 2025, 45(9): 2865-2872.
[2]	Bohan ZHANG, Le LYU, Junchang JING, Dong LIU. Genetic algorithm-based community hiding method in attribute networks [J]. Journal of Computer Applications, 2025, 45(9): 2817-2826.
[3]	Wei GAO, Lihua LIU, Bintao HE, Fang’an DENG. Research advances in blockchain consensus mechanisms and improvement algorithms [J]. Journal of Computer Applications, 2025, 45(9): 2848-2864.
[4]	Di WANG. P-Dledger： blockchain edge node security architecture [J]. Journal of Computer Applications, 2025, 45(8): 2630-2636.
[5]	Jintao SU, Lina GE, Liguang XIAO, Jing ZOU, Zhe WANG. Detection and defense scheme for backdoor attacks in federated learning [J]. Journal of Computer Applications, 2025, 45(8): 2399-2408.
[6]	Lina GE, Mingyu WANG, Lei TIAN. Review of research on efficiency of federated learning [J]. Journal of Computer Applications, 2025, 45(8): 2387-2398.
[7]	Yan YAN, Feifei LI, Yaqin LYU, Tao FENG. Secure and efficient frequency estimation method based on shuffled differential privacy [J]. Journal of Computer Applications, 2025, 45(8): 2600-2611.
[8]	Haiyang PENG, Weixing JI, Fawang LIU. Blockchain-based data notarization model for autonomous driving simulation testing [J]. Journal of Computer Applications, 2025, 45(8): 2421-2427.
[9]	Shuo ZHANG, Guokai SUN, Yuan ZHUANG, Xiaoyu FENG, Jingzhi WANG. Dynamic detection method of eclipse attacks for blockchain node analysis [J]. Journal of Computer Applications, 2025, 45(8): 2428-2436.
[10]	Lixiao ZHANG, Yao MA, Yuli YANG, Dan YU, Yongle CHEN. Large-scale IoT binary component identification based on named entity recognition [J]. Journal of Computer Applications, 2025, 45(7): 2288-2295.
[11]	Yuxuan CHEN, Haibin ZHENG, Zhenyu GUAN, Boheng SU, Yujue WANG, Zhenwei GUO. Blockchain sharding mechanism in asynchronous network based on HoneyBadgerBFT and DAG [J]. Journal of Computer Applications, 2025, 45(7): 2092-2100.
[12]	Xiaoyang ZHAO, Xinzheng XU, Zhongnian LI. Research review on explainable artificial intelligence in internet of things applications [J]. Journal of Computer Applications, 2025, 45(7): 2169-2179.
[13]	Li’e WANG, Caiyi LIN, Yongdong LI, Xingcheng FU, Xianxian LI. Digital content copyright protection and fair tracking scheme based on blockchain [J]. Journal of Computer Applications, 2025, 45(6): 1756-1765.
[14]	Xin SHAO, Zigang CHEN, Xingchun YANG, Haihua ZHU, Wenjun LUO, Long CHEN, Yousheng ZHOU. Vehicular digital evidence preservation and access control based on consortium blockchain [J]. Journal of Computer Applications, 2025, 45(6): 1902-1910.
[15]	Gaimei GAO, Miaolian DU, Chunxia LIU, Yuli YANG, Weichao DANG, Guoxia DI. Privacy protection method for consortium blockchain based on SM2 linkable ring signature [J]. Journal of Computer Applications, 2025, 45(5): 1564-1572.