blockchain meets edge computing: a distributed and trusted...

1551-3203 (c) 2019 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.

This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TII.2019.2938001, IEEETransactions on Industrial Informatics

JOURNAL OF LATEX CLASS FILES 1

Blockchain Meets Edge Computing: A Distributedand Trusted Authentication System

Shaoyong Guo, Xing Hu, Song Guo, Senior Member, IEEE, Xuesong Qiu, Member, IEEE, Feng Qi *

Abstract—As the great prevalence of various Internet of Things(IoT) terminals, how to solve the problem of isolated informationamong different IoT platforms attracts attention from bothacademia and industry. It is necessary to establish a trustedaccess system to achieve secure authentication and collaborativesharing. Therefore, this paper proposes a distributed and trustedauthentication system based on Blockchain and edge computing,aiming to improve authentication efficiency. This system consistsof Physical network layer, Blockchain edge layer and Blockchainnetwork layer. Through the Blockchain network, an optimizedpractical Byzantine fault tolerance (PBFT) consensus algorithmis designed to construct a consortium Blockchain for storingauthentication data and logs. It guarantees trusted authenticationand achieves activity traceability of terminals. Furthermore,edge computing is applied in Blockchain edge nodes, to providename resolution and edge authentication service based on smartcontracts. Meanwhile, an asymmetric cryptography is designed,to prevent connection between nodes and terminals from beingattacked. And a caching strategy based on edge computing isproposed to improve hit ratio. Our proposed authenticationmechanism is evaluated with respect to communication andcomputation costs. Simulation results show that the cachingstrategy outperforms existing edge computing strategies by 6%-12% in terms of average delay, and 8%-14% in hit ratio.

Index Terms—Blockchain, IoT, edge computing, trusted au-thentication, cryptography, caching strategy

I. INTRODUCTION

AS the rapid development of information and commu-nication technology, IoT technology has been widely

used in modern society [1]. Traditional IoT platforms usuallyadopt cloud computing to handle big data stream generatedby various terminals [2]. However, these centralized platformsare isolated and incompatible from each other, facing difficultywith sharing information among different platforms. Further-more, user privacy can be exposed easily once the centralizedauthority is attacked. Therefore, it is urgent to realize dis-tributed and trusted authentication among IoT platforms.

For establishing trusted IoT platforms and supporting uni-form access models, Blockchain attracts significant attentionsfrom both academia and industry. First proposed by SatoshiNakamoto in 2008 as a decentralized peer-to-peer networkplatform, Blockchain has been one of the most promising

This work is supported by National Key Research and Development Project(No. 2018YFB1800704), and National Natural Science Foundation of Chinaunder Grant (601702048, 61872310).

Shaoyong Guo, Xing Hu, Xuesong Qiu and Feng Qi are with the BeijingUniversity of Posts and Communications, State Key Laboratory of Networkingand Switching Technology, China (email: {syguo, xinghu, xsqiu, qifeng}@bupt.edu.cn).

Song Guo is with the Department of Computing and Research Institute forSustainable Urban Development, Hong Kong Polytechnic University, HongKong (email: [email protected]).

technologies to meet security requirements of IoT networks[3], [4]. It confirms integrity and validity of networks throughcomputational-intensive tasks like Proof-of-Work puzzle.

Although many researchers are dedicated to the applicationof Blockchains, most of the existing Blockchains require alarge amount of computing and storage resources. For ex-ample, Zhe et al. [5] proposed a reputation system for datacredibility assessment, where cars with higher computationcapability acted as miners. Dorri et al. [6] chose gatewaysas miners in Smart Home. However, few works focused onimproving performance of Blockchain system when it works inthe edge. Some studies adopted edge computing for supportingservices in Blockchain networks [7], [8], such as blockchainbased edge-as-a-service framework [9] and edge computingenabled wireless blockchain framework [10]. Therefore, thispaper adopts edge computing for supporting edge authenti-cation service in the Blockchain system. Edge computing isapplied in Blockchain edge nodes to enhance computation andstorage capability.

Existing works adopting Blockchain in various IoT scenar-ios, such as intelligent transportation [11], smart grid [9], [12],smart medical [13] and so on, are mainly designed for securityor privacy. Few studies focused on efficient authentication andcollaborative sharing among different platforms. Therefore, wepropose a distributed and trusted authentication system thatcombines edge computing and Blockchain, to provide efficientauthentication for smart terminals. The system consists ofphysical network layer, Blockchain edge layer and Blockchainnetwork layer. Blockchain network layer works as an underly-ing supportive layer, storing authentication data and logs withan optimized PBFT consensus algorithm. Blockchain edgelayer contains two kinds of edge nodes, in which resolutionedge nodes provide name resolution service, and cache nodesachieve edge authentication service. A cryptography basedon Elliptic Curve Cryptography (ECC) is designed in orderto guarantee edge security. In particular, a caching strategybased on edge computing is proposed to update caching ofBlockchain edge nodes and improve hit ratio.

Main contributions of this paper are summarized as follows:• This paper proposes a distributed and trusted authenti-

cation system with Blockchain and edge computing. Inthe Blockchain network, an optimized PBFT consensusalgorithm is designed for storing authentication data andlogs. It guarantees trusted authentication and achievesactivity traceability of terminals.

• A distributed authentication mechanism is designed byleveraging a dynamic name resolution strategy and ECC.With the name resolution strategy, edge nodes can syn-




Cloud Platform

Smart HomePublic Security Smart Factory Smart City

ApplicationLayer

NetworkLayer

PhysicalLayer

EnvironmentMonitoring

WearingDevices

PerceptualLayer

NetworkLayer

ApplicationLayer

data fusion

securitysharing

resourcemanagement

Data management

Centralized Network Platform for IoT

Challenges:

1. Trust.Lacking mechanism to protect credibility and edge security;

2. Efficiency.Poor capacity in the real - time response and edge processing to meet demands of smart terminals.Environment

MonitoringVideo

SueveillanceWearingDevices

CollectiveTerminals

VehicularTerminals

IsolationImcompatibility

Internet Internet

Fig. 1. IoT architecture

chronize terminal data timely. Meanwhile, the cryptogra-phy can preserve identity confidentiality and communi-cation security among edge nodes and terminals.

• A caching strategy based on belief propagation (BP) al-gorithm is put forward to improve hit ratio and minimizedelay. Compared with traditional caching strategies thatcannot deal with mobile terminals, the strategy relying onsmart contracts can optimize allocation of caching spacedynamically.

The rest of this paper is organized as follows: SectionII reviews the related work. Section III presents the systemmodel. A distributed authentication mechanism introduced inSection IV. Then we propose a caching strategy accordingto BP algorithm in Section V. The experimental results andcorresponding discussions are described in Section VI. SectionVII is the conclusion and future work.

II. RELATED WORK

A. Development of IoT

Integrating a plethora of various sensors, actuators, andsmart meters across a wide spectrum of businesses [16],IoT technology goes through four stages of developments asshown in Fig. 1. Early forms of IoT platforms are highlyisolated, incompatible and proprietary connected islands. Afterthat, centralized processing architectures relying on cloudcomputing are adopted to handle massive data flow, making adifference to the manner of data processing. Peer et al. [17]proposed cloud-based biometric services to provide powerfulstorage and unprecedented processing power. Kohlwey etal. [18] presented a Hadoop-based cloud computing system,which improved matching efficiency in image recognition.

Though cloud computing improves computational and stor-age capability in centralized architecture, it performs poorlyin promoting edge processing and protecting data security.Xu et al. [19] reviewed researches on IoT from the industrialperspective, and introduced main technologies for supportingIoT, such as social networks, radio-frequency identification(RFID), cloud computing, etc. They indicated that informationsecurity and privacy protection were two difficult issues in IoTbecause of devices’ mobility and network complexity.

Many novel protocols and networks are applied to ensuresecure authentication in IoT, e. g., cooperative message authen-

tication protocols [20], group-oriented-range-bound authenti-cated key agreements [21], lightweight mutual authenticationprotocols [22], etc. However, they usually lack flexibility andscalability. Therefore, with the prevalent of digital cryptocur-rency, Blockchain is introduced as a promising solution toprovide protected privacy and trusted authentication service.

B. Trusted Authentication Based on BlockchainGenerally, the using of Blockchain can be concluded as 3

types: acting as a distributed ledger, realizing decentralizedstoring, or supporting distributed services relying on smartcontracts. For example, Matev et al. [23] introduced an au-tonomous Blockchain to select the most convenient electricterminal charging station. Li et al. [24] designed a privacy-preserving incentive announcement network that achieved con-ditional privacy for mobile terminals. Khan et al. [25] proposedBlockchain based electrical transactions in microgrid. ThenBlockchain is adopted to support device certificating and real-time monitoring in this paper.

Nevertheless, authentication efficiency is a challenge to besolved in the cloud-based Blockchain network. Tselios etal. [26] regarded Blockchain as a significant security factorfor software defined network (SDN) based cloud computinginfrastructure. Ali et al. [27] focused on solving trust problemin cloud-centric IoT network by smart contracts. Haipeng etal. [28] modeled the interaction between the cloud providerand miners as a Stackelberg game, to optimize resource man-agement and pricing problem. Although dedicated to ensuringdata validity, these works ignore vast costs on energy andcomputation resources. To promote edge processing, edgecomputing is considered as a new computing paradigm.

Utilizing computation and storage capacity of edge com-puting, fixed and mobile terminals can be operated in dis-tributed manners. Zehui et al. [29] analyzed the advantagesof facilitating blockchain applications in future mobile IoTsystem. Mengting et al. [10] proposed a novel mobile edgecomputing enabled wireless blockchain framework, where thecomputation-intensive mining tasks can be offloaded to nearbyedge nodes. However, these works did not consider authen-tication efficiency. Zhonglin et al. [30] proposed a securityauthentication scheme of 5G Ultra-Dense network based onBlockchain and designed a APG-PBFT algorithm. Yongxu etal. [31] constructed a decentralized platform for storing and




trading information in the air-to-ground IoT network. Focusedon data security, collaborative sharing among different IoTplatforms were not discussed in these papers. Anish et al.[12] proposed a blockchain based edge-as-a-service frameworkfor secure energy trading in vehicle-to-grid networks, aimingat improving performance of SDN networks. Wentong et al.[32] designed a Blockchain-based cross-domain authenticationmodel in a distributed environment. But efficiency and limitedresources of the Blockchain were ignored in the process ofcross-domain authentication in [12], [32].

In summary, existing literature for Blockchain systems haveachieved a variety of properties such as anonymity, decentral-ization and system transparency. However, less attention hasbeen paid to achieve efficient authentication among differentIoT platforms. Hence, this paper proposes a distributed andtrusted authentication system based on Blockchain and edgecomputing. With edge computing technology, Blockchain edgenodes can offer name resolution and edge authenticationservice. Meanwhile, a caching strategy is designed to improveauthentication efficiency further.

C. Other Preliminaries

1) Elliptic Curve Cryptography (ECC): As a public keycryptography, ECC ensures security depending on the abilityto compute a point multiplication with a random point, as wellas the inability to figure out a multiplicand given the originalcurve and product points [14].

An elliptic curve E is a plane curve over a prime finitefield Ep, which is defined by the equation: y = x3 + ax+ b.All points on E and infinity point O form a cyclic groupG. Consider two cyclic groups G1 and G2 with the sameprime order q. G1 is an additive cyclic group and G2 is amultiplicative cyclic group. Define e : G1 × G1 → G2 withbasic properties of bilinear map, i. e.,• Non-degeneracy: There exists P,Q ∈ G1 so thate (P,Q) 6= 1.

• Bilinearity: e (P +R,Q) = e (P,Q) · e (P,R) ande (aP, bQ) = e(P,Q)

ab,∀a, b ∈ Z∗q ,∀P,Q,R ∈ G1.

• Computability: It is efficient to computee (P +R,Q) ,∀P,Q,∈ G1.

2) Consensus Algorithm: The consortium blockchain isadopted to establish a trusted authentication system in thispaper. Based on the consortium blockchain, a variety ofconsensus algorithms have been designed as shown in Table I,such like proof of work (PoW), proof of stake (PoS), delegatedPoS (dPoS), casper, proof of elapsed time (PoET) and PBFT[15]. Usually, each can be divided into three parts: verifyingidentity, selecting primary peers and synchronizing data in theBlockchain. To meet the high real-time requirement, the PBFTalgorithm with no token required is applied.

Most alliance members forming the consortium blockchainare trusted and valid, such as governments, service operatorsand big enterprises. Under this circumstance, we proposean optimized PBFT algorithm to improve authentication ef-ficiency, where the primary peer is selected through roundrobin rather than computing complex puzzles. Furthermore,to alleviate storage and computation burden of Blockchain,

tasks of resolving and recording data generated by numerousterminals are conducted by edge nodes. In this way, theconsensus algorithm is executed only for verifying identityand storing authentication logs in the Blockchain, achievingdata traceability and preventing data tampering.

TABLE ICOMPARISON OF CONSENSUS ALGORITHMS

Algorithm PoS DPoS Casper PoET PBFTDecentralized complete complete complete semi semi

Tokens yes yes yes no noEvil number 51% 51% 51% 51% 33%

Performance relativelyhigh high relatively

high high high

Technicalmaturity mature mature not

appliednot

applied mature

III. SYSTEM MODEL

A. Blockchain Hierarchical Architecture

In this paper, a three-layer architecture is proposed tohandle trust and efficiency problems. As shown in Fig. 2,the architecture consists of physical network layer, Blockchainedge layer, and Blockchain network layer. The set of terminalsis denoted by V = {V1, V2, · · · , VM}. Sets of cache nodes andresolution nodes are denoted as Bc = {Bc,1, Bc,2, · · · , Bc,N},Br = {Br,1, Br,2, · · · , Br,O}, respectively. Functions of eachlayer are described as follows:• Physical Network Layer: A large number of fixed and

mobile terminals are used in IoT to realize monitoringand controlling. Taking intelligent transportation as anexample, smart vehicles are equipped with many sensorsthat collect data and transfer to other layers. Hence,terminals raise high standards to real-time responses andedge security due to their mobility and poor accesscontrol mechanism among terminals and edge nodes.

• Blockchain Edge Layer: Blockchain edge nodes containtwo kinds of nodes: resolution nodes and cache nodes.Resolution nodes are responsible for resolving domainname, verifying transaction and committing a block tothe Blockchain network. Cache nodes are used to cacherequired contents for terminals. Through the proposedauthentication system, these edge nodes can provide edgeauthentication service and synchronize authenticationdata timely to monitor terminals’ activity as Blockchainnetwork clients.

• Blockchain Network Layer: The Blockchain networkprovides decentralized services of storing terminal in-formation and creating smart contracts over HyperledgerFabric. Hyperledger Fabric is a customizable consortiumblockchain platform that supports smart contracts called“chaincode”. As a distributed ledger, hyperledger storesauthentication logs orderly with the optimized PBFTalgorithm. Each recorder in the ledger acts as a timeconstraint and a unique cryptographic signature, realizingactivity traceability of terminals.

Brief working of the proposed system is described asFig. 3. Smart contracts are created, defining authentication




B B

B B

B

B

B

Block 1 HeaderHash of Previous

Block Header

Merkle Root

Block 1Transaction

B

B

BlockchainNetwork layer

BlockchainEdge Layer

PhysicalNetwork Layer

Blockchain Node

Blockchain Edge Node

resolution nodecache node

Generate a block in the Blockchain network

Cache node: cache contents for terminals.

Nodes:1. Domain name resolution;2. Maintain a DNS database;

DNS databaseID Public Key Data address

B

Download required contents from cache nodes

Trusted authenticate

Smart Home Industrial Park Automatic FactoryIntelligence Transportation

Resolution node: store authentication logs

Block 2 HeaderHash of Previous

Block Header

Merkle Root

Block 2Transaction

Block N HeaderHash of Previous

Block Header

Merkle Root

Block NTransaction

Fixedterminals

Fixedterminals

Fixedterminals

Mobileterminals

Mobileterminals

FFterter

Mobileterminals

ls

Mobileterminals

Fixedterminals

Fig. 2. System architecture

IoT terminals Blockchain edge nodes Smart contracts

Upload device information

Verify validity

NRegister device in Blockchain

Store device information in Blockchain networks

Generate device IDReceive ID

Broadcast public parameters among

nodes

Produce master signatures based on ECC

Receive ID and master signatures

Submit digital signature based on ECC

Verify terminals identity

Open access to terminals

Adding transaction record in blocks

Receive confirmation

Request for downloading contents

Execute cache strategy

Cache parts of contents in the Blockchain networks

Return file location with lowest latency

Download contents

Update terminal activity

Adding transaction record in blocks

Enter coverage of nodes

Register in Blockchain?

N

N

Download contents?

Y

Y

Y

Download contents? N

Y

Part one: terminal registration

Part two: verification and confirmation

Part three: caching decision

Fig. 3. Authentication process

mechanism and integrating different protocols of IoT platforms[33]. By sending transaction to the address of smart contracts,resolution nodes can access to the smart contract and invokeits function. In terminal registration, terminals can be regis-tered in the nearest cache nodes through the proposed nameresolution strategy. Meanwhile, terminal identity anonymityand communication security can be guaranteed based on thecryptography algorithm.

Illegal and malicious terminals bring threats to data se-curity and privacy confidentiality. In special scenarios likeenterprise intranet, it is forbidden to open access to strangerterminals. Therefore, verification and confirmation on termi-nals are necessary. Through the authentication mechanism,Blockchain edge nodes can provide name resolution and edgeauthentication service, including verifying and confirming. At

last, aiming at minimizing latency of downloading contents, acaching strategy is designed in Section V. To realize real-timemonitoring and protect transaction transparency, authenticationlogs will be stored in the Blockchain network timely.

B. Optimized PBFT Consensus Algorithm

Considering that most alliance peers forming the consortiumblockchain are trusted, an optimized PBFT algorithm is pro-posed, in which the primary peer is selected by round robin.The consensus algorithm is executed for storing authentica-tion data and logs, to support data traceability and promotecertification efficiency.

After receiving authentication results, alliance peers writeauthentication logs into the ledger through the optimized PBFTalgorithm. It is assumed that there are N peers. For each roundof consensus making, a peer will be selected as a speaker,while other peers play as congressmen. The speaker has noinfluence on consensus results, and it is allowed to host theconsensus process for N times.

The speaker Nx is selected by x = (h mod N) + 1, whereh is the current block height. Edge nodes can broadcastauthentication results to alliance peers. Define t to presentthe time interval of generating a block. After t time interval,Nx broadcasts message: pre prepare < v, h, d, Sigx >, to allcongressmen. v means view identity, d is the message digestand Sigx is digest signature of the speaker.

Receiving pre prepare messages from the speaker, a con-gressman, Ni, requires to verify the messages and signatures.If they are proved to be true, Ni broadcasts message: prepare< v, h, d, Sigi > among peers and continues to calculatemessages received from other peers, where Sigi denotessignatures of Ni.

If prepare messages from over 2f + 1 different con-gressmen are received, Ni broadcasts messages: commit <v, h, d, Sigi > among peers. f = |(N − 1)/3|, which standsfor the maximum number of malicious peers. When receivingover f + 1 commit messages, the speaker can confirm that




a consensus is finished and generates a block in the ledger.The authentication logs are broadcast among peers and theirledgers are updated. Otherwise the block will be discarded andnext round consensus will be executed.

Based on the optimized PBFT algorithm, a trusted and fault-tolerant Blockchain system is realized.

IV. DISTRIBUTED AUTHENTICATION MECHANISM

A. Dynamic Name Resolution Strategy

A dynamic name resolution strategy is designed in thispaper. As the foundation of Domain Name System (DNS), itprovides edge authentication and data synchronization service.Both resolution nodes and cache nodes maintain a local DNSdatabase which consists of terminal ID, public key and IPaddress.

Terminals will access Blockchain edge nodes through thesame domain name. And the name resolver of resolutionnodes translates domain name into corresponding IP addressand delivers it to nearby cache nodes. Hence terminals cancertificate in nearby nodes directly with lower delivery latency.Once the terminal’s identity is confirmed by edge nodes, it canaccess to all resources among different platforms from onecertification, achieving Single Sign on (SSO) and Identity andAccess Management (IAM).

Edge nodes usually maintain a local DNS database forregistered terminals to speed up verification. For newly comingterminals which have not registered, nodes will commit a blockin the Blockchain network, gain a unique ID and correspond-ing public key as well. To avoid duplicate recordings, terminalinformation is transmitted to resolution nodes from cachenodes in one-way direction. Then cache nodes synchronizeID and accounts cached in resolution nodes at set intervals.Redundant logs will be stored in resolution nodes, in orderto relieve storing pressure of the Blockchain network andenhance query efficiency.

B. Asymmetric Cryptographic Algorithm Based on ECC

To protect the identity anonymity and communication secu-rity of terminals and Blockchain edge nodes, an asymmetriccryptographic algorithm based on ECC is designed. The algo-rithm consists of four steps: setup, abstract, sign and verify.

1) Setup: Given a secure parameter k, an edge node selectstwo groups G1 and G2 with the same prime order q. Then itchooses a number s ∈ Z∗q as node private key and computesmaster public key PKBE = s · P . The pair of key is usedto encrypt and decrypt messages, preventing malicious ma-nipulation. After that two secure hash functions are selected:H1 : {0, 1}∗ ×G1 → Z∗q , H2 : {0, 1}∗ ×G1 ×G1 → Z∗q .

2) Abstract: According to smart contracts, Blockchain as-signs a unique ID idj for Vj . According to the name resolutionstrategy, Vj can authenticate in the nearby cache node, Bc,n.Bc,n will selects a random number rj ∈ Z∗q . Then formula-tions used to produce master signatures can be calculated:

Rj = rj · P, (1)

hj = H1 (idj ||Rj ||PKBE) , (2)

δj1 = (rj + (hj · s) mod q)−1 · P. (3)

Public parameters {G1, G2, q, P, PKBE , H1, H2, e (P, P )}and cryptographic values in eq. (1)-(3) are broadcast amongnodes, so that they can verify terminals’ identity. With theasymmetric cryptography, Blockchain gurantees data integrityand security in the broadcasting.

Then Vj can obtain (Rj , δj1) from Bc,n and checks whethere (δj1, Rj + hj · PKBE) equals to e (P, P ). When the equa-tion is satisfied, Vj can confirm reliability of received messagesand ensure that the ‘block’ recording information has been‘chained’ in Blockchain networks. It is noted that these param-eters should be kept confidentially as they play an importantrole in generating terminal signatures and verifying identity.

3) Sign: When Vj moves into the coverage of Bc,i, DDNSresolves its IP address and changes the certificating nodes. Vjneed to get identified through delivering the digital signature.Selecting a random number xj ∈ Z∗q as the private key, Vjcalculates the correspondingly public key, PKj = xj · P .Given a message m and public parameters, we have

Xj = H2 (idj ||PKj ||Rj ||PKBE ||m) , (4)

δj2 = (Xj · (rj + hj · s mod q) + xj)−1 · P. (5)

4) Verify: (Xj , δj2) will be uploaded to Bc,i from Vj assignatures. Upon receiving data, Bc,i verifies terminal iden-tity via judging if e (δj2, Xj · (Rj + hj · PKBE) + PKj) =e (P, P ). If the equation is hold, Bc,i will deliver the authen-tication results to the resolution node, which commits a blockin the Blockchain network with consensus reaching accordingto the optimized PBFT algorithm. Examining equation can bededuced as below:

e (δj2, Xj · (Rj + hj · PKBE) + PKj)

= e((Xj · (rj + hj · s) + xj)

−1 · P ,(Xj · (rj + hj · s) + xj) · P )

= e(P, P )(Xj ·(rj+hj ·s)+xj)

−1·(Xj ·(rj+hj ·s)+xj)

= e(P, P ).

(6)

As demonstrated in [34], the decentralized nature ofBlockchain can make distributed denial-of-service (DDoS)attacks against specific entities ineffective, since each alliancepeer forming the consortium blockchain can verify data va-lidity based on consensus algorithm. Furthermore, with theproposed cryptography defined in smart contracts, messagessent from terminals or edge nodes are encrypted. The inabil-ity of computing Nonce given ECC results makes it nearlyimpossible for attackers to compute correct digital signatures.Therefore, the system is trusted and DDoS-prevented.

C. Attack Model

There are several common attacks in the distributedand trusted authentication system employing the consortiumBlockchain. And the following assumptions are used in theanalysis of four possible attacks:• Supported by governments, banks or large enterprises,

peers in the consortium Blockchain are trusted and un-forgeable.




• Alliance peers and edge nodes are curious about the realidentity of smart terminals for gaining more profits.

• To improve response speed, smart terminals may intendto refuse authentication in the Blockchain edge nodes.

• Attackers enable to eavesdrop authentication results sentfrom terminals and tamper contents. They may access tothe network through forging identity of terminals or edgenodes maliciously and destroy the system.

1) Denial of Service with False Signatures: The denialof service (DoS) with false signature is one of the mostcommon attacks where data transferred from edge nodes tothe Blockchain may be compromised by attackers. Specifically,attackers will eavesdrop authentication results transferred fromedge nodes and sign them with their false signatures. Afterthat attackers deliver the true authentication results with falsesignature to the consortium Blockchain. The polluted messageswill be regarded as unreliable messages and be discarded bythe alliance peers, even though the authentication results arevalid.

2) Forgery Attack: On one hand, attackers can forge iden-tity of terminals to access to the edge nodes, intending toobtain confidential contents or pollute authentication data. Toproduce a valid identity, a random number Err is selectedand corresponding public key is computed PKErr = Err ·P .Through computing or eavesdropping parameters used in fol-lowing equations, forgery digital signatures can be calculated:

XErr = H2 (idj ||PKErr||Rj ||PKBE ||m) , (7)

δErr = (XErr · (rj + hj · s mod q) + xj)−1 · P. (8)

On the other hand, attackers can forge identity of edgenodes to steal or modify terminal information and distroy theauthentication mechanism. To conduct forgery attacks, theyneed to eavesdrop messages delivered by the legal Blockchainedge nodes and compute ECC pairing mentioned above. Thenmassages may be tampered and delivered to the Blockchainor terminals with forgery signatures.

3) Man-in-the-Middle Attack: Man-in-the-middle attack isan attack that happens during message transmission betweenterminals and edge nodes, where attackers eavesdrop, interceptand manipulate information. Attackers may attempt to performa man-in-the-middle attack using several approaches as below:

(1) Attackers block messages delivered from terminals tonodes, and then modify them before sending, acting as illegalterminals;

(2) Attackers block messages delivered from nodes toterminals, and then modify them, acting as malicious nodes;

4) Threats of privacy leakage: Attackers attempt to extractthe real identity of terminals via eavesdropping multiple mes-sages sent from the same terminals or edge nodes. If theymake true, the system will face the threats of privacy leakage.

V. CACHING STRATEGY BASED ON BELIEF PROPAGATIONALGORITHM

A. Caching Model

It is assumed that the total number of contents that canbe requested by terminals is Q. The contents are divided

into H content groups (CG), which is denoted by F ={f1, f2, . . . , fH}. Without the loss of generality, all contentshave the same size of s. Considering that some contents maybe requested more frequently than others, they are modeledto have different popularities. Generally, the popularity ofcontents follows Zipf distribution [36]. The popularity thatcontent q is requested can be modeled by:

eq =1/qτ∑Qa=1 1/a

τ, 0 < τ < 1. (9)

Vj can download contents from cache nodes or Blockchainnetworks. Assume that the dedicated bandwidth Wi is allo-cated from Bc,i to terminals. For simplification, Blockchainnetwork supplies a fixed download rate of R0, which is lowerthan downloading rate supported by cache nodes. Define Pias transmission power of Bc,i, and σ2

j denotes noise power ofVj . According to [35], path-loss between Bc,i and Vj can bemodeled as d−αi,j , where di,j is the distance between them andα is path-loss exponent. fi,j represents coefficient of Rayleighfading between Bci and Vj . To eliminate interference amongchannels distributed from cache nodes to terminals, all thedownlink channels are independent and identically distributed.

To describe relations between nodes and terminals, nodesand contents, terminals and contents, respectively, three matri-ces are defined correspondingly, denoted as Li,j = [li,j ]N×M ,Ci,j = [ci,j ]N×Q, Ri,j = [ri,j ]M×Q, where

li,j =

{1, if Vj is within coverage of Bc,i ,0, otherwise,

ci,j =

{1, if Bc,i has cached fj ,0, otherwise,

ri,j =

{1, if Vi requests for fj ,0, otherwise.

(10)

To evaluate efficiency of the caching strategy, hit ratio isused to present probability that edge node caches fk thatterminals need. Hit ratio of Bc,i is:

hiti =

∑j

li,j ·∑k

ci,k · rj,k∑j

li,j. (11)

B. Data Delivery Delay

When a terminal expects to download contents from higherlayers, it faces three options and tolerates correspondingdelivery delay. We give analysis of all options in next parts.

1) Delay to Connected Cache Nodes: Vj is within thecoverage of Bc,i. If Bc,i has cached fk, Vj is able to downloadfk directly from Bc,i. The transmission rate between Vj andBc,i can be calculated based on Signal to Interference PlusNoise ratio (SINR) [35],

Ri,j =Wi log

1 +f2i,j · d

−αi,j · Pi∑

k∈V/if2k,j · d

−αk,j · Pk + σ2

j

. (12)

Delivery delay from Bc,i to Vj is:

deli,j =s

Ri,j. (13)




2) Delay to Other Cache Nodes: If fk is not available inBc,i, Vj can fetch contents from Bc,k through Bc,i. Let Di,k

and bwi,k denote the distance and average bandwidth betweenthese nodes, respectively. Transmission delay from Bc,k toBc,i can be calculated:

delBi,Bk=

s

bwi,k·Di,k. (14)

Given weight factor βi,j related to network core congestion,transmission latency from other edge nodes to Vj is:

deli,j = β · (deli,j + delBi,Bk) . (15)

3) Delay to the Blockchain Network: If fk is not cached inany nodes, Vj has to submit requests to Blockchain networks.For simplification, the Blockchain network is regarded as(N + 1)th node, denoted as BN+1. Given weight factor γ,delay from Blockchain networks to Vj is:

delN+1,j = γ ·(s

R0

). (16)

Above all, we can calculate the transmission delay that Vjneed to download contents from higher layer as follows:

Delj =N+1∑i=1

Q∑k=1

rj,k · ci,k · li,j · deli,j . (17)

To minimize the average delay of all terminals, the opti-mization problem model can be formulated as:

minimize Del (C) = 1M

∑j

Delj ,

s.t.

∑j

ci,j · s ≤ Capi,∀Bi ∈ B,∀Vj ∈ V∑i

li,j = 1

L ∈ {0, 1}N×M ,C ∈ {0, 1}N×Q

(18)

where Capi is the cache capacity of Bc,i. Total caching sizeshouldn’t exceed capacity of storage space of nodes. Theproblem is an integer programming problem, which is NP-hard. It can be optimized with Belief Propagation algorithm.

C. Algorithm Based on Belief Propagation Model

Standard BP model arrives at the scheduling decision byestimating marginal information of a certain joint probabilitydistribution function [36]. Compared with other algorithmsolving optimization problems, such like greedy maximalweight matching or CSMA-type method [37], [38], approx-imate BP algorithm has lower complexity and faster iterationspeed. According to BP algorithm, a utility function is definedby F (C) = −Del (C). And the optimization problem is:

maximum F (C) . (19)

Let µ > 0 and the probability distribution is defined:

p (C) =1

Zexp (µF (C)) ,∀Bc,i ∈ B, ∀Vj ∈ V, (20)

where Z is a partition function of µ and a normalizationconstant. According to large deviation, it’s proved that ifµ → ∞, p (C) concentrates to the maximum of F (C) with

B1 B2 B3

V1 V2 V3 V4 V5 V6 V7 V8 V9

Blockchain edge nodes Terminals

Fig. 4. Factor Graph

suitable condition. Let E (C) be the marginal expectation ofC. E (C) can be calculated once p (C) is given.

limµ→∞

E (C) = argmaxC

F (C) . (21)

Therefore, BP algorithm provides us an optimized approachthat we can recover a good approximate maximization ofoptimization problem from estimating marginal expectation ofprobability distribution.

To compute marginal distributions, a factor matrix G =(V,E) is established in Fig. 4. Vertices V consists of N trans-mitter nodes TX associated with edge nodes, and M receivernodes RX associated with terminals. An edge, (i, j) ∈ E,means that Bc,i has influence on Vj . cki implies that Bihas only stored fk. BP algorithm iteratively passes beliefswhich show estimates of marginal distributions along the edgesof graph. We define pi→j (t, ·) and pj→i (t, ·) to representbelief messages passing from TX to RX and from reversetransmission direction in the t-th round. Therefore, pi→j (t, ci)and pj→i (t, ci) mean values of beliefs received in Bc,i.Procedures of applying BP algorithm for maximizing marginaldistribution are as follows:

1) Initialization: Set t = 0 and let pi→j (t, ci) ,∀ (i, j) ∈ Ebe initial distribution on ci. pi→j (t, ci) ,∀ (i, j) ∈ E can bethe popularity distribution of contents, E.

2) Mobile terminal nodes updating: In the t − th itera-tion, Vj updates belief message pj→i (t, ci) that be sent toBc,i according to beliefs received from other nodes exceptfor Bc,i, denoted by k ∈ B 6= i. With marginal distributionck ∼ pk→j (t, ck) ,∀k ∈ B 6= i, we update:

pj→i(t, c∗i,n

)= E

{exp

(µFj

(c∗i,n, ch,∀h ∈ B 6= i

))}.(22)

3) Blockchain edge node updating: In the t − th iteration,Bc,i updates belief message pi→j (t+ 1, ci) to be sent to Vj ,which is based on beliefs obtained from mobile terminals in-fluenced by Bc,i except for Vj , represented by k ∈ B (i) 6= j.Set 1

Zias normalization factor, and we have:

pi→j(t+ 1, c∗i,n

)=

1

Zi

∏k∈V 6=j

pk→i(t, c∗i,n

). (23)

4) Final decision: After T iterations, the algorithm isstopped and a selection of ci is made by Bc,i. So the finalestimation for marginal distribution of ci is:

Pr (ci) =1

Zi

∏k∈B

pk→i (T, ci). (24)




Based on final decision, a maximization of optimizationproblem can be estimated. Edge nodes can make cachingdecisions by selecting maximum posterior probability Pr (ci).In this way, the caching matrix Ci,j = [ci,j ]N×Q can be de-termined and average delay can also be calculated. Therefore,an approximately optimization for minimum delivery delay isdetermined based on Belief Propagation algorithm.

VI. SECURITY AND PERFORMANCE

A. Security Analysis

In this section, attack models defined in Section 3 areevaluated and analyzed correspondingly. The following pre-conditions are used in the security analysis:• Attackers may be legal objects in the trusted authentica-

tion system, or illegal objects.• For any x, y, if one of x or y is unknown, then H(x||y)

is unknown.• Any private information, including secure parameters

in cryptography, public parameters shared among edgenodes and ECC pairings, is unknown for attackers.

• Terminal information and digital signatures are unknownfor attackers.

1) Prevention of Denial of Service with False Signature:According to the name resolution strategy, authenticationresults will be broadcast among Blockchain edge nodes.If attackers block authentication messages delivered fromBlockchain edge nodes to the Blockchain and sign them withfalse signatures, alliance peers will detect polluted messagesand discard them with the optimized PBFT algorithm. Afterthat, the blocked messages will be resubmitted by a randomresolution node in next rounds and the consensus algorithmcan be executed for N times if failed. Therefore, DoS withfalse signature can only make true when massages from alledge nodes are blocked, which is difficult because of thewidespread of edge nodes. Hence, the proposed authenticationmechanism can prevent DoS with false signature.

2) Mutual Authentication: Prevention of terminal forgery:Based on ECC, it is computationally infeasible to calculatecorrect key Rj in eq. 7-8 for attackers even if eavesdroppingtransmission messages. Therefore, if illegal terminals submitrequests with false signatures, their requests will be rejectedby edge nodes since e (δj2, Xj · (Rj + hj · PKBE) + PKj)and e (P, P ) are unequal in eq. 6.

Prevention of edge node forgery: To forge identity of nodes,attackers have to compute private keys and public parametersgenerated by ECC, which is also computationally infeasibleas explained in terminal forgery.

To sum up, the distributed and trusted authentication systemachieves mutual authentication and prevents forgery attacks.

3) Prevention of Man-in-the-Middle Attack: In man-in-the-middle attack, attackers must forge identity of edge nodes orterminals, while forgery attack is proved to be prevented asmentioned above. If they transfer messages without modifying,then the attack has no influence on the authentication system.

4) Conditional Privacy Preserving: On one hand, termi-nals communicate with edge nodes through digital signatures(Xj , δj2) generated by eq. 4-5, rather than the real identity idj .

0

186 379 545 777 980 1172

1378

1563

1756

1952

0

231 484 749 993 1254

1495

1751

1998

2272

2505

0

500

1000

1500

2000

2500

3000

0 5 10 15 20 25 30 35 40 45 50Aut

hent

icat

ion

time

(ms)

Number of authenticated terminals

6 peers 10 peersFig. 5. Authentication time with different number of authentication terminals

Fig. 6. Distribution of authentication time

The difficulty of computing idj given (Xj , δj2) and P preventsattackers to extract real identity of terminals from multiplemessages. On the other hand, privacy preserving is conditionalsince edge nodes need to record terminal information andsynchronize transaction logs timely, in order to verify identityand trace data.

B. Simulation Results and Analysis

The proposed system is evaluated with Matlab and Hyper-ledger Fabric.

1) Performance Evaluation of Trust Authentication: Hy-perLedger Fabric uses docker container technology to runChaincode that contains the system application logic. The veri-fication environment in this paper is carried out in HyperledgerFabric version 1.4 of docker 18.06 container in ubuntu 16.04.Several nodes are virtually hosted on a single server machine,acting as alliance peers and reaching agreements with PBFTconsensus algorithm. Each node is 2.0 GHz 8-vCPUS. VMsare interconnected through 1 Mbps virtual LAN cards. Theproposed cryptography is used and typical orderer is deployedas a single ordering service.

Fig. 5 shows that authentication time increases with ter-minal amounts rising from 5 to 50, under different numberof peers deployed. The reason is that as terminal amountsrises, their authentication requests wait longer to be handledby edge nodes. Fig. 6 shows distribution of authenticationtime with different peers. When peers number, N , is 6, theaverage latency is about 39 ms, and latency grows to 50 msapproximately when N is 10. According to PBFT consensusalgorithm, more alliance peers in the network can improvesecurity and fault-tolerant ability, at the cost of increasingauthentication time of reaching consensus.

Communication cost: The communication cost is computedin the process of authentication. Initially, a terminal calculatesthe hash value which takes 80 bits (32 bits of identity, 32 bits




TABLE IICOMMUNICATION AND COMPUTATION COSTS FOR BLOCKCHAIN

Authentication Module Cost[Units]Random number generator (16 bits) 0.5 ms

Hash function (SHA-256 with input 160 bits) 3 msECC pairing (176 bits) 10 ms

ECC point multiplication (160 bits) 4 msECC point addition (160 bits) 2 ms

Node verifying 1 msPBFT consensus commitment 11 ms

TABLE IIISIMULATION PARAMETERS

Parameters[Symbols] Value[Units]Path loss exponent,α 4

Transmission power,P 6 WattNoise power,σ2

j 10−10 WattBandwidth, W 20 MHz

Size of each content,s 10 MBCache capacity of BE,Capi 10 GB

Zipf parameter, τ 0.6Amounts of contents, Q 10000

of node identity, and 16 bit nonce value). Then the transactionis initialized through hash function which gives the outputof 160 bits. And ECC pairing is produced in a size of 176bits. At last, the final message digest for the terminal iscomputed using SHA-256 which outputs the digest of 256 bits.Therefore, the overall communication cost for a terminal to beauthenticated is 256 + 176 + 16 + 160 = 608bits, consistingof message digest, ECC pairing, time-stamp and transactions.

Computation cost: Random number generator, hash functionand ECC pairing are executed once. ECC point multiplicationand addition are conducted twice. When peer amount is 6,verifying and PBFT consensus commitment costs 1 ms and15 ms, respectively. The overall computation cost for an au-thentication is about 0.5+3+10+4∗2+2∗2+1+11 = 37.5ms.

2) Performance Evaluation of Caching strategy: Assumethat Blockchain edge nodes distribute with intensity of λB ,which represents the number of edge nodes per square kilome-ters. For simplification, all nodes have the same transmissionpower and channel fading coefficients. According to [39],parameters used in the simulation are set and list in Table. III.We study different scenarios where terminals submit requestsfor downloading contents with following methods:• Popular caching [40]: According to the popularity distri-

bution of files, k most popular contents should be cachedto each edge nodes.

• Random caching [40]: The random caching strategy onedge nodes is that nodes ought to choose k contentsrandomly and cache into their capacity.

• BP caching: according to the proposed caching strategybased on Belief Propagation algorithm, edge nodes makecache decisions to improve allocation efficiency.

In simulation, experiments are conducted with differentparameters. The proposed strategy is performed comparedstrategies based on popular caching and random caching interms of average delivery delay and hit ratio.

Fig. 7 shows changes of average delay and hit ratio withdifferent maximum tolerance of smart terminals, ranging from

Average delay with different terminal amounts

100 150 200 250 300 350 400 450 500

Maximum amounts of smart terminals

0

0.5

1

1.5

2

2.5

3

3.5

4

4.5

Av

era

ge

de

lay

(se

c)

Random cachingPopular cachingBP caching

Hit ratio with different terminal amounts

100 150 200 250 300 350 400 450 500

Maximum amounts of smart terminals

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

Hit

Ra

tio

Random caching

Popular caching

BP caching

Fig. 7. Average delay and hit ratio with different amounts of terminals

0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 0.9

Zipf parameter

1.5

2

2.5

3

3.5

4

4.5

5

Av

era

ge

de

lay

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

1

Hit

ra

tio

Popular cachingRandom cachingBP cachingPopular cachingRandom cachingBP caching

Fig. 8. Average delay and hit ratio with different Zipf parameters

100 to 500. Following rising of terminals, value of delay inBP caching increases gradually. Curves of popular cachingand random caching fluctuate with amounts changing. Amongthem random caching strategy has the biggest latency. Ad-ditionally, with terminals getting denser, latency of popularcaching is closer to that of BP caching. Reasons are thatlimited by caching capacity of edge nodes, strategy based onBelief Propagation algorithm tends to cache popular contentsto meet demands of majority terminals. Therefore, BP cachingand popular caching are converged to a similar result. In termsof hit ratio, hit ratio of BP caching is close to 1 in thebeginning and decreases with amount rising. Values of randomcaching fluctuate at a low level. For popular caching, the hitratio undulates in a small scope. And as terminals gettinglarger, it is converged to result of BP caching.

Fig. 8 shows changes of average delay and hit ratio withdifferent Zipf parameters, ranging from 0.1 to 0.9. The resultdemonstrates that the proposed algorithm can obtain the high-est hit ratio compared with strategies based on popular cachingand random caching. Besides, the hit ratio keeps increasingwhen the parameter of Zipf distribution increases. It is becausethat the percentage of requests for popular content goes upwith Zipf parameters rising. Then replicas of the popularcontent in cache of edge nodes can satisfy more requests. Andhit ratio of popular caching gets higher for the similar reasons.

On the contrary, average delay of the proposed strategydeclines. Since a larger proportion of the popular contentsarises, nodes are tended to cache popular contents. In this way,more terminals that request for the contents can download files




5 10 15 20 25 30

Cache size of edge nodes(GB)

1.5

2

2.5

3

3.5

4

4.5

5

Av

era

ge

de

lay

(se

c)

BP caching

Popular caching

Random caching

Fig. 9. Average delay with different cache capacity of nodes

5 10 15 20 25 30

Size of contents(MB)

0

2

4

6

8

10

12

Av

era

ge

de

lay

(se

c)

BP caching

Popular caching

Random caching

Fig. 10. Average delay with different size of contents

from connected nodes or nearby nodes with lower latency.In Fig. 9, we study the average delay of different algorithmswith different cache capacity of nodes. When the cache sizeincreases, a larger proportion of content delivered over thenetwork can be stored. Therefore, average latency of allstrategies declines with capacity growing. However, the BPcaching strategy can still obtain the smallest delay comparedwith other strategies. The reason is that BP caching strategycan allocate cache capacity efficiently based on the analysis ofcontent distribution among nodes and geological distributionof mobile terminals.

Fig. 10 describes that average delay increases as the size ofcontents grows. That is because terminals need to spend moretime on downloading contents from nodes with size growing.Additionally, limited by cache capacity of edge nodes, a fewerproportion of content can be stored in nodes. In this way,average delay rises influenced by bigger contents. And valueof BP caching strategy is the lowest among all strategies.

VII. CONCLUSION AND FUTURE WORK

In this paper, a distributed and trusted authentication systemcombining edge computing and Blockchain is proposed torealize efficient authentication and information sharing amongdifferent IoT platforms. In the system, a hierarchical au-thentication architecture is established, consisting of physicalnetwork layer, Blockchain edge layer and Blockchain networklayer. With the optimized PBFT consensus algorithm, theBlockchain stores authentication data and logs, guaranteeingtrusted authentication and achieving activity traceability ofterminals. To provide name resolution and edge authentication

service, a distributed mechanism based on name resolutionstrategy and ECC is proposed. Evaluation on attack modelsproves that the mechanism is attack-prevented and fault-tolerant. Furthermore, we proposed a caching strategy basedon BP algorithm which can realize cooperation among edgenodes and minimize downloading latency. In simulation, theauthentication mechanism is evaluated in terms of communica-tion and computation costs, demonstrating that the mechanismis applicable. Simulation results also prove that the proposedcaching strategy has a higher hit ratio and lower deliverylatency than other caching strategies based on popular cachingand random caching.

In future work, we will apply this system to the blockchainbased data sharing Platform for pilot verification, to furtheroptimize performance and availability.

REFERENCES

[1] LEVINE, D. “IIoT Challenges and Promises.” Machine Design, vol. 88,no. 7, pp. 20-23, July 2016.

[2] H. Cai, B. Xu, L. Jiang, at al.“IoT-Based Big Data Storage Systemsin Cloud Computing: Perspectives and Challenges” in IEEE Internet ofThings Journal, vol. 4, no. 1, pp. 75-87, Feb 2017

[3] Z. Zheng, S. Xie, H. Dai, et al. “An Overview of Blockchain Technology:Architecture, Consensus, and Future Trends,” 2017 IEEE InternationalCongress on Big Data, Honolulu, HI, 2017, pp. 557-564.

[4] Nakamoto S. “Bitcoin: a peer-to-peer electronic cash system [Online],”available: https://bitcoin.org/bitcoin.pdf, 2009

[5] Z. Yang, K. Zheng, K. Yang, et al. “A blockchain-based reputationsystem for data credibility assessment in vehicular networks.” 2017 IEEE28th Annual International Symposium on Personal, Indoor, and MobileRadio Communications (PIMRC), Montreal, QC, 2017, pp. 1-5.

[6] A. Dorri, S. S. Kanhere, R. Jurdak, et al, “Blockchain for IoT securityand privacy: The case study of a smart home,” 2017 IEEE InternationalConference on Pervasive Computing and Communications Workshops(PerCom Workshops), Kona, HI, 2017, pp. 618-623.

[7] W. Shi, S. Hui, C. Jie, et al. “Edge Computing-An Emerging ComputingModel for the Internet of Everything Era.” Journal of ComputingResearch and Development, vol. 54, no. 5, pp. 907-924, 2017.

[8] A. C. Baktir, A. Ozgovde and C. Ersoy. “How Can Edge ComputingBenefit from Software-Defined Networking: A Survey, Use Cases andFuture Directions.” IEEE Communications Surveys and Tutorials, vol.19, no. 4, pp. 2359-2391, June 2017.

[9] P. K. Sharma, M. Chen and J. H. Park, “A Software Defined Fog NodeBased Distributed Blockchain Cloud Architecture for IoT,” in IEEEAccess, vol. 6, pp. 115-124, 2018.

[10] M. Liu, F. R. Yu, Y. Teng, et al. “Computation Offloading and ContentCaching in Wireless Blockchain Networks With Mobile Edge Comput-ing,” in IEEE Transactions on Vehicular Technology, vol. 67, no. 11,pp. 11008-11021, Nov 2018.

[11] Chaudhary R, Jindal A, Aujla, et al. “BEST: Blockchain-based secureenergy trading in SDN-enabled intelligent transportation system,” Com-puters and Security, vol. 85, pp. 288-299, August 2019.

[12] Jindal. A, Aujla. GS, Amar. N. “SURVIVOR: A blockchain basededge-as-a-service framework for secure energy trading in SDN-enabledvehicle-to-grid environment,” Computer Networks, vol, 153, pp. 36-48,April 2019.

[13] F. Tang, S. Ma, Y. Xiang, et al. “An Efficient Authentication Schemefor Blockchain-Based Electronic Health Records,” IEEE Access, vol. 7,pp. 41678-41689, March 2019.

[14] S. Cha, J. Chen, C. Su, et al, “A Blockchain Connected Gateway forBLE-Based Devices in the Internet of Things,” in IEEE Access, vol. 6,pp. 24639-24649, 2018.

[15] Y. Yao, X. Chang, J. Mii, et al. “BLA: Blockchain-Assisted LightweightAnonymous Authentication for Distributed Vehicular Fog Services.”IEEE Internet of Things Journal, vol. 6, no. 2, pp. 3775-3784, April2019.

[16] S. Andreev, O. Galinina, A. Pyattaev, et al. “Understanding theIoT connectivity landscape: a contemporary M2M radio technologyroadmap[J].” IEEE Communications Magazine, vol. 53, no. 9, pp. 32-40,Sep 2015.




[17] P. Punithavathi, S. Geetha and S. Shanmugam. “Building cloud-basedbiometric services,” 2017 IEEE International Conference on CloudComputing in Emerging Markets (CCEM), Bangalore, 2017, pp. 35-38..

[18] A. Dorri, S. S. Kanhere, R. Jurdak, et al. “Blockchain for IoT securityand privacy: The case study of a smart home,” 2017 IEEE InternationalConference on Pervasive Computing and Communications Workshops(PerCom Workshops), Kona, HI, 2017, pp. 618-623.

[19] L. D. Xu, W. He and S. Li. “Internet of Things in Industries: ASurvey[J].” IEEE Transactions on Industrial Informatics, vol. 10, no.4, pp. 2233-2243, Nov 2014.

[20] W. Shen, L. Liu, X. Cao, et al. “Cooperative Message Authentication inVehicular Cyber-Physical Systems [J].” IEEE Transactions on EmergingTopics in Computing, vol. 1, no. 1, pp. 84-97, June. 2018.

[21] H. Chien. “Group-Oriented Range-Bound Key Agreement for Internetof Things Scenarios [J].” IEEE Internet of Things Journal, vol. 5, no. 3,pp. 1890-1903, June 2018.

[22] N. Li, D. Liu and S. Nepal. “Lightweight Mutual Authentication for IoTand Its Applications [J].” IEEE Transactions on Sustainable Computing,vol. 2, no. 4, pp. 359-370, Oct. 2017.

[23] M. Pustiek, A. Kos and U. Sedlar, “Blockchain Based AutonomousSelection of Electric Vehicle Charging Station,” 2016 InternationalConference on Identification, Information and Knowledge in the Internetof Things (IIKI), Beijing, 2016, pp. 217-222.

[24] L. Li, J. Liu, L. Cheng, et al. “CreditCoin: A Privacy-PreservingBlockchain-Based Incentive Announcement Network for Communica-tions of Smart Mobile terminals [J].” IEEE Transactions on IntelligentTransportation Systems, vol. 19, no. 7, pp. 1-17, July 2018.

[25] Khan S, Khan R. “Multiple Authorities Attribute-Based VerificationMechanism for Blockchain Mircogrid Transactions [J].” Energies, vol.11, no. 5, 2018.

[26] C. Tselios, I. Politis and S. Kotsopoulos, “Enhancing SDN security forIoT-related deployments through blockchain,” 2017 IEEE Conference onNetwork Function Virtualization and Software Defined Networks (NFV-SDN), Berlin, 2017, pp. 303-308.

[27] S. Ali, G. Wang, M. Z. A. Bhuiyan, et al. “Secure Data Provenancein Cloud-Centric Internet of Things via Blockchain Smart Contracts,”2018 IEEE SmartWorld, Guangzhou, 2018, pp. 991-998.

[28] H. Yao, T. Mai, J. Wang, et al. “Resource Trading in Blockchain-Based Industrial Internet of Things,” IEEE Transactions on IndustrialInformatics, vol. 15, no. 6, pp. 3602-3609, June 2019.

[29] Z. Xiong, Y. Zhang, D. Niyato, et al. “When Mobile Blockchain MeetsEdge Computing,” IEEE Communications Magazine, vol. 56, no. 8, pp.33-39, Aug 2018.

[30] Z. Chen, S. Chen, H. Xu, et al. “A Security Authentication Scheme of5G Ultra-Dense Network Based on Block Chain,” in IEEE Access, vol.6, pp. 55372-55379, 2018.

[31] Y. Zhu, G. Zheng and K. Wong, “Blockchain-Empowered DecentralizedStorage in Air-to-Ground Industrial Networks,” in IEEE Transactions onIndustrial Informatics, vol. 15, no. 6, pp. 3593-3601, June 2019.

[32] W. Wang, N. Hu and X. Liu, “BlockCAM: A Blockchain-Based Cross-Domain Authentication Model,” 2018 IEEE Third International Confer-ence on Data Science in Cyberspace, Guangzhou, 2018, pp. 896-901.

[33] K. Christidis and M. Devetsikiotis, “Blockchains and Smart Contractsfor the Internet of Things,” in IEEE Access, vol. 4, pp. 2292-2303, 2016.

[34] B. Rodrigues, L. Eisenring, E. Scheid, et al. “Evaluating a Blockchain-based Cooperative Defense,” 2019 IFIP/IEEE Symposium on IntegratedNetwork and Service Management (IM), Arlington, VA, USA, 2019, pp.533-538.

[35] H. S. Jo, Y. J. Sang, P. Xia, et al. “Heterogeneous cellular networks withflexible cell association: A comprehensive downlink SINR analysis,”IEEE Trans. Wireless Communication, vol. 11, no. 10, pp. 3484-3495,Oct 2012.

[36] Rangan S, Madan R. “Belief Propagation Methods for Intercell Interfer-ence Coordination in Femtocell Networks[J].” IEEE Journal on SelectedAreas in Communications, vol. 30, no. 3, pp. 631-640, April 2012.

[37] L. Jiang and J. Walrand, “A distributed CSMA algorithm for throughputand utility maximization in wireless networks,” in Proc. 46th Ann.Allerton Conf. on Commun., Control and Comp., Monticello, IL, Oct2008.

[38] C. Joo, X. Lin, and N. Shroff, “Understanding the Capacity Regionof the Greedy Maximal Scheduling Algorithm in Multihop WirelessNetworks,” IEEE/ACM Trans. Netw., vol. 17, no. 4, pp. 11321145, April2009.

[39] J. Li, Y. Chen, Z. Lin, et al. “Distributed Caching for Data Disseminationin the Downlink of Heterogeneous Networks,” in IEEE Transactions onCommunications, vol. 63, no. 10, pp. 3553-3568, Oct 2015.

[40] Y. Hao, M. Chen, L. Hu, et al. “Energy Efficient Task Caching andOffloading for Mobile Edge Computing,” in IEEE Access, vol. 6, pp.11365-11373, 2018.

Shaoyong Guo received his B.S. degree in informa-tion and computing science from Hebei Universityin 2008, and the Ph.D. degree in computer sci-ence and technology from the Beijing University ofPosts and Telecommunications in 2013. He draftsan International standard as the first accomplisherand participates in three other International/industrystandards. His research interests include blockchainapplication technology, mobile edge computing, andInternet of Things (IoT) in energy Internet. Dr. Guowas the recipient of two Provincial and Ministerial

Second Prizes, one First Prize of the Power Innovation, and one Second Prizeof Communication Society. Email: [email protected].

Xing Hu received her B.S. degree in Communi-cation Engineering from the Beijing University ofPosts and Telecommunication, in 2014. And she iscurrently pursuing her MA.Sc. degree in the StateKey Laboratory of Networking and Switching Tech-nology, Beijing University of Posts and Telecommu-nications, Beijing, China. Her main research interestlies in edge computing, Blockchain and Internet ofThings (IoT) in energy Internet, including resourceallocation and application of the Blockchain. Email:[email protected].

Song Guo received his PhD degree in computerscience from University of Ottawa. He is currentlya Full Professor with the Department of Comput-ing, Hong Kong Polytechnic University. His cur-rent research interests include big data, cloud andedge computing, mobile computing, and distributedsystems. Prof. Guo was a recipient of the 2019TCBD Best Conference Paper Award, the 2018 IEEETCGCC Best Magazine Paper Award, and six otherBest Paper Awards from IEEE/ACM conferences.He was an IEEE Communications Society Distin-

guished Lecturer. He has served as an Associate Editor of IEEE TPDS, IEEETCC, IEEE TETC, etc. He also served as the general and program chair fornumerous IEEE conferences. He currently serves in the Board of Governorsof the IEEE Communications Society. Email: [email protected]

Xuesong Qiu received the Ph.D. degree from theBeijing University of Posts and Telecommunica-tions, Beijing, China, in 2000. He is currently aProfessor, a doctoral supervisor, and the deputy di-rector of the State Key Laboratory of networking andswitching technology, and vice president of NetworkTechnology Research Institute of Beijing Universityof Posts and Telecommunications, China. He waseditor of the two ITU-T standards and 4 industrystandards of China. He has published more than 200academic papers. He won twice the national scien-

tific and technological progress prize of china. His major research interestsinclude network and service management, information and communicationtechnology of smart grid. Email: [email protected].

Feng Qi is a Professor of Beijing University of Postsand Telecommunications, engaged in scientific re-search, teaching, and standardization research in in-formation and communication. His research interestsinclude communications software, network manage-ment, and business intelligence. He has won 2 Na-tional Science and Technology Progress Awards. Hehas also written more than 10 ITU-T internationalstandards and Industry Standards. He is served asvice chairman of the ITU-T Study Group 4 andStudy Group 12. Email: [email protected].

blockchain meets edge computing: a distributed and trusted...

Documents