IOTA-Assisted Self-Sovereign Identity Framework for Decentralized Authentication and Secure Data Sharing
The Internet of Things (IoT) demands robust mechanisms for secure communication and trust establishment among connected devices. Traditional Public Key Infrastructure (PKI) solutions face limitations in scalability, centralization and single points of failure. These limitations hinder their effectiv...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10988537/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850031699133464576 |
|---|---|
| author | Assiya Akli Khalid Chougdali |
| author_facet | Assiya Akli Khalid Chougdali |
| author_sort | Assiya Akli |
| collection | DOAJ |
| description | The Internet of Things (IoT) demands robust mechanisms for secure communication and trust establishment among connected devices. Traditional Public Key Infrastructure (PKI) solutions face limitations in scalability, centralization and single points of failure. These limitations hinder their effectiveness in dynamic IoT environments. To address these challenges, this paper introduces a new decentralized authentication protocol for secure identity management and data exchange in IoT, called ISIF (IOTA-Assisted Self-Sovereign Identity Framework). This framework is based on Self-Sovereign Identity (SSI) principles and leverages Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to enable mutual authentication without relying on centralized authorities. DIDs ensure decentralized identity management and VCs provide verifiable context-specific claims. This dual-layer approach enables robust and attribute-based authentication, which reduces the risk of unauthorized access and improving interoperability in decentralized IoT environments. ISIF employs the IOTA Tangle as a distributed ledger to manage and verify DIDs and VCs. This offers a decentralized, immutable record that supports efficient and tamper-resistant identity management. ISIF ensures that all interactions within the IoT network are securely authenticated and resilient to tampering. The experimental results show that the framework maintains efficient DID generation and VC issuance times even as network size scales, overcoming the bottlenecks inherent in PKI-based systems. Experimental results demonstrate that ISIF maintains efficient DID generation and VC issuance, even as network size scales. Experimental results show that DID generation time increases from 1.85 ms (for 50 nodes) to 10.81 ms (for 250 nodes), while VC issuance time ranges from 2.66 ms to 13.21 ms. Similarly, VC verification time increases from 3.54 ms to 22.27 ms as the network scales. Despite these increases, the overall end-to-end (E2E) delay remains low (0.16–0.33 ms), ensuring efficient real-time authentication. These findings confirm ISIF’s feasibility for large-scale IoT authentication without performance degradation. Furthermore, the IOTA Tangle’s performance in handling varied payload sizes affirms its suitability for managing block generation and retrieval in IoT, ensuring practical processing times that uphold security and decentralization. |
| format | Article |
| id | doaj-art-a20dc4fda9c7425093e5e4c39d0829a1 |
| institution | DOAJ |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-a20dc4fda9c7425093e5e4c39d0829a12025-08-20T02:58:54ZengIEEEIEEE Access2169-35362025-01-0113801918020510.1109/ACCESS.2025.356713710988537IOTA-Assisted Self-Sovereign Identity Framework for Decentralized Authentication and Secure Data SharingAssiya Akli0https://orcid.org/0000-0003-0641-9315Khalid Chougdali1https://orcid.org/0000-0002-1072-0461Engineering Sciences Laboratory, National School of Applied Sciences, Ibn Tofail University, Kenitra, MoroccoEngineering Sciences Laboratory, National School of Applied Sciences, Ibn Tofail University, Kenitra, MoroccoThe Internet of Things (IoT) demands robust mechanisms for secure communication and trust establishment among connected devices. Traditional Public Key Infrastructure (PKI) solutions face limitations in scalability, centralization and single points of failure. These limitations hinder their effectiveness in dynamic IoT environments. To address these challenges, this paper introduces a new decentralized authentication protocol for secure identity management and data exchange in IoT, called ISIF (IOTA-Assisted Self-Sovereign Identity Framework). This framework is based on Self-Sovereign Identity (SSI) principles and leverages Decentralized Identifiers (DIDs) and Verifiable Credentials (VCs) to enable mutual authentication without relying on centralized authorities. DIDs ensure decentralized identity management and VCs provide verifiable context-specific claims. This dual-layer approach enables robust and attribute-based authentication, which reduces the risk of unauthorized access and improving interoperability in decentralized IoT environments. ISIF employs the IOTA Tangle as a distributed ledger to manage and verify DIDs and VCs. This offers a decentralized, immutable record that supports efficient and tamper-resistant identity management. ISIF ensures that all interactions within the IoT network are securely authenticated and resilient to tampering. The experimental results show that the framework maintains efficient DID generation and VC issuance times even as network size scales, overcoming the bottlenecks inherent in PKI-based systems. Experimental results demonstrate that ISIF maintains efficient DID generation and VC issuance, even as network size scales. Experimental results show that DID generation time increases from 1.85 ms (for 50 nodes) to 10.81 ms (for 250 nodes), while VC issuance time ranges from 2.66 ms to 13.21 ms. Similarly, VC verification time increases from 3.54 ms to 22.27 ms as the network scales. Despite these increases, the overall end-to-end (E2E) delay remains low (0.16–0.33 ms), ensuring efficient real-time authentication. These findings confirm ISIF’s feasibility for large-scale IoT authentication without performance degradation. Furthermore, the IOTA Tangle’s performance in handling varied payload sizes affirms its suitability for managing block generation and retrieval in IoT, ensuring practical processing times that uphold security and decentralization.https://ieeexplore.ieee.org/document/10988537/IOTA tangleIoTSSIDIDVC |
| spellingShingle | Assiya Akli Khalid Chougdali IOTA-Assisted Self-Sovereign Identity Framework for Decentralized Authentication and Secure Data Sharing IEEE Access IOTA tangle IoT SSI DID VC |
| title | IOTA-Assisted Self-Sovereign Identity Framework for Decentralized Authentication and Secure Data Sharing |
| title_full | IOTA-Assisted Self-Sovereign Identity Framework for Decentralized Authentication and Secure Data Sharing |
| title_fullStr | IOTA-Assisted Self-Sovereign Identity Framework for Decentralized Authentication and Secure Data Sharing |
| title_full_unstemmed | IOTA-Assisted Self-Sovereign Identity Framework for Decentralized Authentication and Secure Data Sharing |
| title_short | IOTA-Assisted Self-Sovereign Identity Framework for Decentralized Authentication and Secure Data Sharing |
| title_sort | iota assisted self sovereign identity framework for decentralized authentication and secure data sharing |
| topic | IOTA tangle IoT SSI DID VC |
| url | https://ieeexplore.ieee.org/document/10988537/ |
| work_keys_str_mv | AT assiyaakli iotaassistedselfsovereignidentityframeworkfordecentralizedauthenticationandsecuredatasharing AT khalidchougdali iotaassistedselfsovereignidentityframeworkfordecentralizedauthenticationandsecuredatasharing |