Wu Jing, Bian Zeteng, Gao Hongmin, Wang Yuzhe
China Mobile Information Technology Co., Ltd., Beijing 100876, China.
Beijing University of Posts and Telecommunications-China Mobile Communications Group Co., Ltd. Joint Institute, Beijing 100876, China.
Sensors (Basel). 2025 Aug 7;25(15):4854. doi: 10.3390/s25154854.
With the explosive growth of Internet of Things (IoT) devices, massive amounts of heterogeneous data are continuously generated. However, IoT data transactions and sharing face multiple challenges such as limited device resources, untrustworthy network environment, highly sensitive user privacy, and serious data silos. How to achieve fine-grained access control and privacy protection for massive devices while ensuring secure and reliable data circulation has become a key issue that needs to be urgently addressed in the current IoT field. To address the above challenges, this paper proposes a blockchain-based data transaction and privacy protection framework. First, the framework builds a multi-layer security architecture that integrates blockchain and IPFS and adapts to the "end-edge-cloud" collaborative characteristics of IoT. Secondly, a data sharing mechanism that takes into account both access control and interest balance is designed. On the one hand, the mechanism uses attribute-based encryption (ABE) technology to achieve dynamic and fine-grained access control for massive heterogeneous IoT devices; on the other hand, it introduces a game theory-driven dynamic pricing model to effectively balance the interests of both data supply and demand. Finally, in response to the needs of confidential analysis of IoT data, a secure computing scheme based on CKKS fully homomorphic encryption is proposed, which supports efficient statistical analysis of encrypted sensor data without leaking privacy. Security analysis and experimental results show that this scheme is secure under standard cryptographic assumptions and can effectively resist common attacks in the IoT environment. Prototype system testing verifies the functional completeness and performance feasibility of the scheme, providing a complete and effective technical solution to address the challenges of data integrity, verifiable transactions, and fine-grained access control, while mitigating the reliance on a trusted central authority in IoT data sharing.
随着物联网(IoT)设备的爆炸式增长,大量异构数据不断产生。然而,物联网数据交易和共享面临着诸多挑战,如设备资源有限、网络环境不可信、用户隐私高度敏感以及严重的数据孤岛问题。如何在确保数据安全可靠流通的同时,对海量设备实现细粒度的访问控制和隐私保护,已成为当前物联网领域亟待解决的关键问题。为应对上述挑战,本文提出了一种基于区块链的数据交易和隐私保护框架。首先,该框架构建了一个集成区块链和IPFS的多层安全架构,并适应物联网的“端-边-云”协同特性。其次,设计了一种兼顾访问控制和利益平衡的数据共享机制。一方面,该机制使用基于属性的加密(ABE)技术,对海量异构物联网设备实现动态和细粒度的访问控制;另一方面,引入博弈论驱动的动态定价模型,有效平衡数据供需双方的利益。最后,针对物联网数据机密性分析的需求,提出了一种基于CKKS全同态加密的安全计算方案,该方案支持对加密传感器数据进行高效统计分析而不泄露隐私。安全分析和实验结果表明,该方案在标准密码学假设下是安全的,能够有效抵御物联网环境中的常见攻击。原型系统测试验证了该方案的功能完整性和性能可行性,为解决数据完整性、可验证交易和细粒度访问控制等挑战提供了一个完整有效的技术解决方案,同时减轻了物联网数据共享中对可信中央权威机构的依赖。
