NFT-Based Authentication: Securing IoT Assets in Smart City Infrastructure

In an article published in the journal Nature, researchers introduced a groundbreaking Non-Fungible Token (NFT)-based authentication structure for IoT assets in smart city infrastructure. The innovative architecture digitized devices, enhanced security, and operated independently of centralized entities. Leveraging blockchain, it used Externally Owned Addresses (EOA) for robust digital representation, eliminating the need for additional hardware upgrades like Physical Unclonable Functions (PUF).

Study: NFT-Based Authentication: Securing IoT Assets in Smart City Infrastructure. Image credit: Generated using DALL.E.3
Study: NFT-Based Authentication: Securing IoT Assets in Smart City Infrastructure. Image credit: Generated using DALL.E.3

Background

In the realm of smart city architecture, the integration of IoT-enabled devices poses challenges in security and authentication. Previous research has explored blockchain-based solutions, particularly utilizing NFTs, to enhance device identification and authentication. However, existing efforts often lack consideration for the heterogeneity and constraints of IoT devices and may require additional hardware upgrades, such as PUFs, leading to practical limitations.

This research addressed these critical gaps by proposing an innovative NFT-based authentication structure tailored for smart city infrastructure. The architecture encompassed Owners, Users, fog, and IoT nodes, providing a comprehensive solution for digitizing IoT assets. Notably, it operated independently of centralized entities, fostering a more autonomous and secure infrastructure. Leveraging EOA in blockchain architecture, the study established NFTs as digital representations of smart devices. This adaptation enhanced the portrayal of smart devices, offering a more robust solution compared to the existing ERC721 standard.

A distinctive feature of this proposed architecture was its focus on software-based digital representation and authentication of IoT-enabled smart assets. By eliminating the need for additional hardware upgrades, the study overcame practical challenges associated with PUFs, making the proposed solution more accessible and cost-effective.
To validate the effectiveness of the proposed architecture, the researchers conducted rigorous evaluations, including assessments of security services, efficiency, and latency. Deployments on both private and public ledgers, such as Hyperledger Besu and the Goerli Testnet, provided practical insights into the real-world applicability of the proposed solution.

Methodology

The research methodology is a comprehensive framework that introduced an extended NFT standard for cyber-physical systems (CPSs) in smart cities. It innovatively expanded the ERC721 protocol, enabling the digitization of IoT assets with robust authentication mechanisms. The proposed methodology employed cryptographic primitives, ensuring data integrity and confidentiality. Deployment on both public and private blockchains facilitated real-world evaluations.

The working mechanism involved a smart contract for NFT declaration, associating IoT assets with metadata, and enhancing security without hardware upgrades. The architecture supported multiple smart contracts for diverse CPSs and included an authentication layer using SHAIII encryption. The consensus mechanism, IBFT 2.0, ensured secure user authentication, and the verification and blockchain layer provided essential security services, establishing decentralized identification in CPSs. The methodology achieved its objectives by offering an innovative, secure approach to digitize and authenticate IoT assets, contributing significantly to blockchain-based solutions for IoT in smart cities.

Design and Implementation

Smart contracts, written in Solidity on Remix IDE, were deployed on the Ethereum-based Goerli testnet. Utilizing ERC-721, the architecture enhanced asset representation, introducing novel attributes like User ID (UID), Device ID (DID), and FogID. The modular components accommodated various cyber-physical systems in smart cities. The authentication process involved secure session connections, device mapping, and user authentication through NFT minting.

Gas consumption analysis revealed efficiency, and transaction postings on Goerli demonstrated successful authentication. The proposed design, with pseudo-codes and algorithms, ensured clarity in deploying the architecture across diverse settings. Source code accessibility on GitHub enabled public exploration and deployment on the Goerli testnet, validating the architecture's functionality and security services.

Results and Discussion

The proposed NFT-based architecture demonstrated enhanced security services, including confidentiality, availability, and integrity, filling a gap identified in existing literature. The implementation ensured confidentiality by restricting smart contract access to the owner, validated through failed transactions for unauthorized access attempts. Availability is assured by the owner's exclusive control over smart contract assets. Authorization is reinforced by an "OnlyOwner" modifier, limiting access to approved entities.

The use of the SHA-III encryption protocol in minting functions ensured integrity. Gas consumption analysis on the Goerli testnet revealed efficiency, with the proposed architecture outperforming a PUF-based NFT solution regarding execution cost. The proposed functions exhibited low gas consumption, providing an efficient and secure solution for IoT asset authentication. Time complexity analysis affirmed low latency, with validation on a private blockchain and Goerli testnet supporting the architecture's effectiveness.

Conclusion

In conclusion, this study presented a novel blockchain-based model using NFTs to enhance security in smart city cyber-physical systems. The architecture, built on private and testnet blockchains, integrated robust consensus mechanisms and achieved security objectives, including confidentiality, integrity, availability, and authorization.

The proposed NFT functions demonstrated efficiency, with lower gas consumption compared to existing solutions. Innovative call() functions enhanced time complexity, reducing transaction costs. The architecture aimed to authenticate users and devices through unique NFTs, providing a promising solution for secure and efficient smart city implementations. Future testing in real-world scenarios will further validate its effectiveness.

Journal reference:
Soham Nandi

Written by

Soham Nandi

Soham Nandi is a technical writer based in Memari, India. His academic background is in Computer Science Engineering, specializing in Artificial Intelligence and Machine learning. He has extensive experience in Data Analytics, Machine Learning, and Python. He has worked on group projects that required the implementation of Computer Vision, Image Classification, and App Development.

Citations

Please use one of the following formats to cite this article in your essay, paper or report:

  • APA

    Nandi, Soham. (2023, November 17). NFT-Based Authentication: Securing IoT Assets in Smart City Infrastructure. AZoAi. Retrieved on October 10, 2024 from https://www.azoai.com/news/20231117/NFT-Based-Authentication-Securing-IoT-Assets-in-Smart-City-Infrastructure.aspx.

  • MLA

    Nandi, Soham. "NFT-Based Authentication: Securing IoT Assets in Smart City Infrastructure". AZoAi. 10 October 2024. <https://www.azoai.com/news/20231117/NFT-Based-Authentication-Securing-IoT-Assets-in-Smart-City-Infrastructure.aspx>.

  • Chicago

    Nandi, Soham. "NFT-Based Authentication: Securing IoT Assets in Smart City Infrastructure". AZoAi. https://www.azoai.com/news/20231117/NFT-Based-Authentication-Securing-IoT-Assets-in-Smart-City-Infrastructure.aspx. (accessed October 10, 2024).

  • Harvard

    Nandi, Soham. 2023. NFT-Based Authentication: Securing IoT Assets in Smart City Infrastructure. AZoAi, viewed 10 October 2024, https://www.azoai.com/news/20231117/NFT-Based-Authentication-Securing-IoT-Assets-in-Smart-City-Infrastructure.aspx.

Comments

The opinions expressed here are the views of the writer and do not necessarily reflect the views and opinions of AZoAi.
Post a new comment
Post

While we only use edited and approved content for Azthena answers, it may on occasions provide incorrect responses. Please confirm any data provided with the related suppliers or authors. We do not provide medical advice, if you search for medical information you must always consult a medical professional before acting on any information provided.

Your questions, but not your email details will be shared with OpenAI and retained for 30 days in accordance with their privacy principles.

Please do not ask questions that use sensitive or confidential information.

Read the full Terms & Conditions.

You might also like...
Deep Learning Secures IoT with Federated Learning