Scalable Hybrid Authentication Framework for IoMT: Blockchain, Hyperledger, & Edge Computing Solutions


A lightweight scalable hybrid authentication framework for Internet of Medical Things (IoMT) using blockchain hyperledger consortium network with edge computing

Although managing resources in edge computing, especially within the rapidly evolving Internet of Medical Things (IoMT) environments, presents considerable challenges such as scalability and optimization, edge computing does help alleviate the computational demands on centralized systems. To effectively utilize edge nodes and minimize latency during authentication, it is essential to explore alternative research paradigms focusing on resource allocation strategies that can adapt to real-time workloads. However, the diversity in IoMT devices—manufactured by various companies with different data formats and communication protocols—poses significant challenges. Ensuring seamless device interoperability, maintaining edge node connectivity, and managing consortium blockchain networks are key research hurdles. Furthermore, developing open standards and protocols for interoperability across various IoMT systems, while integrating edge computing platforms with blockchain technology, is vital for achieving widespread adoption.

### Blockchain Edge-Based Authentication Techniques

In recent years, blockchain-based authentication methods designed for edge computing have gained significant attention due to the necessity of managing device hierarchies and securing distributed networks, particularly within the scope of edge computing and the Internet of Things. Decentralized Identity (DID) systems have emerged as a promising alternative to traditional centralized authorities, allowing entities to maintain control over their own identities. Experts have proposed utilizing blockchain as a trust layer for managing DIDs and their associated cryptographic credentials. For instance, research has demonstrated that permissioned blockchains like Hyperledger Indy can effectively register and validate DIDs, making them particularly advantageous in resource-limited IoT environments. This technology facilitates secure communication between devices at the IoT edge. To support devices with limited processing capabilities, several studies have explored the integration of lightweight cryptographic algorithms into DID systems, ensuring that blockchain-based authentication remains viable even for low-power devices.

### Chaincode and Multi-Factor Authentication

Chaincode has been extensively studied as an independent, programmable entity for enforcing authentication policies at the edge. Using platforms like Ethereum, researchers have developed protocols that enable edge devices to authenticate themselves through interactions with chaincode. A significant advancement in this area is the automation of multi-factor authentication techniques, where chaincode validates various credentials, including public keys, biometric tokens, and session-specific one-time passwords (OTPs). On the other hand, blockchain-based edge authentication systems have also been scrutinized to address privacy concerns associated with secure multi-authentication processes, incorporating Zero-Knowledge Proofs for Authentication. This technology allows an entity to prove its identity and attributes without exposing underlying data, which is crucial in sensitive domains such as healthcare and finance. By minimizing data exposure, research has indicated that protocols based on Zero-Knowledge Proofs can enhance authentication processes in edge systems. For example, a blockchain-based approach for authenticating wearable health devices has been proposed in various studies.

### Hybrid Authentication Methods

Hybrid authentication techniques employ multiple methods—such as biometrics, public key infrastructure, token-based hierarchies, and traditional password systems—to create a flexible and secure layered environment. These methods aim to combine the strengths of individual mechanisms while mitigating their weaknesses, making them particularly suitable for complex and diverse settings such as enterprise infrastructures, edge networks, and Internet of Things systems. Hybrid authentication has gained traction in IoT networks, characterized by devices with limited resources and large-scale deployments. Researchers have investigated approaches that merge behavioral data for both device and user authentication with lightweight cryptographic methods. For example, systems have been developed where biometric factors, such as fingerprints, are utilized for session continuation, while Public Key Infrastructure (PKI) is employed for initial authentication.

In edge computing scenarios, where security concerns arise from decentralized systems and the need for low-latency operations, hybrid authentication techniques are particularly relevant. Experts have highlighted the benefits of using device-based IDs along with federated authentication in edge systems. For instance, an edge device may first authenticate using a conventional username and password combination, followed by local verification performed by an edge server using a hardware token. Additionally, the integration of blockchain technology with attribute-based encryption for secure access control presents another viable option, providing an additional security layer that requires users to authenticate with blockchain-verified credentials, ensuring that only individuals with the appropriate attributes can decrypt data at the edge.

### Preliminaries

This section begins with a critical evaluation of the data and hierarchy used to illustrate this innovative hybrid design, utilizing five well-established state-of-the-art datasets for training and assessing the proposed methodologies. The datasets, which are fully open-source and publicly accessible, include:

1. “IoT-Blockchain Data” proposed by Kaggle, which comprises over 100 cycles per file determined by ten columns;
2. The “Support Datasets for Blockchain” initiative from Data.gov and Google, which features ten tables, resulting in more than 200 iterations;
3. A “Healthcare Blockchain Dataset” recommended by the Library of Research Guide, which relies on 100 columns/tables, amounting to over 10,000 iterations.

### Blockchain Hyperledger with NuCypher Threshold Re-Encryption Mechanism

The Hyperledger Indy-enabled consortium blockchain serves as a hybrid framework for secure data management among authorized users. A mathematical explanation of its primary design and implementation processes, particularly concerning the proposed IoMT authentication framework, follows. The authorized stakeholders within the network include patients, healthcare providers, IoMT device manufacturers, and regulatory agencies. Each stakeholder is identified through a distinct proxy pair, with a reliable certificate authority verifying their identities.

The framework employs a hybrid approach for stakeholder registration and device authentication, utilizing a shared proxy for devices with limited resources. To manage critical data exchanges, the NuCypher Threshold Proxy Encryption is employed, facilitating secure communication. Advanced Practical Byzantine Fault Tolerance (APBFT) is utilized by Hyperledger Indy to achieve consensus among network participants. A lead node suggests a block containing transactions, which stakeholders then validate. If at least two-thirds of stakeholders agree on the block’s validity, it is committed to the blockchain.
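The two-thirds commit rule described above, as an added example that is not code from the paper or from Hyperledger. The `Vote` type, the `Committed` function and the sample stakeholder names are constructed for illustration; the check counts each registered stakeholder once and uses integer arithmetic so that rounding cannot lower the threshold.

```go
package main

import "fmt"

// Vote is one stakeholder's verdict on a proposed block (hypothetical type).
type Vote struct {
	Voter     string
	BlockHash string
	Valid     bool
}

// Committed reports whether at least two-thirds of the registered
// stakeholders approved the block identified by proposed.
func Committed(members []string, proposed string, votes []Vote) bool {
	registered := make(map[string]bool, len(members))
	for _, m := range members {
		registered[m] = true
	}
	seen := make(map[string]bool)
	approvals := 0
	for _, v := range votes {
		if !registered[v.Voter] || seen[v.Voter] {
			continue // ignore outsiders and repeat votes from the same stakeholder
		}
		seen[v.Voter] = true
		if v.Valid && v.BlockHash == proposed {
			approvals++
		}
	}
	// Integer form of approvals/n >= 2/3. Computing n*2/3 first would floor
	// the threshold (4*2/3 == 2) and accept a block with too few approvals.
	return len(registered) > 0 && 3*approvals >= 2*len(registered)
}

func main() {
	// Constructed sample: four stakeholders, block hash "h1".
	members := []string{"patient", "provider", "manufacturer", "regulator"}
	votes := []Vote{{"patient", "h1", true}, {"provider", "h1", true}}
	fmt.Println(Committed(members, "h1", votes)) // two of four approvals
	votes = append(votes, Vote{"regulator", "h1", true})
	fmt.Println(Committed(members, "h1", votes)) // three of four approvals
}
```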

### Blockchain Hyperledger-Enabled Chaincode

Chaincode is deployed on the Hyperledger Indy network to automate the processes of authentication and data exchange. Each contract or code operates as a deterministic function, translating input data into output information. During the authentication process, stakeholders undergo a registration and validation sequence, where IoMT devices and healthcare providers interact to grant access based on policy requirements.
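A sketch of the multi-factor check from the Chaincode and Multi-Factor Authentication section, written as the kind of deterministic function this section describes. It is an added example, not the paper's chaincode, and it calls no ledger API. Ed25519 for the public-key factor, RFC 4226 HOTP for the one-time password, a SHA-256 digest for the biometric token, and all type and field names are assumptions of this example; the counter-based OTP is chosen so the result depends only on the inputs and never on a node's clock.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// Enrollment is the per-device record assumed to be held in ledger state;
// Request carries the three factors presented for one session (both hypothetical).
type Enrollment struct {
	PubKey      ed25519.PublicKey
	BioDigest   [32]byte // SHA-256 of the enrolled biometric token
	OTPSecret   []byte
	LastCounter uint64 // highest OTP counter already accepted
}
type Request struct {
	Challenge, Sig, BioToken []byte
	Counter                  uint64
	OTP                      string
}

// HOTP computes the 6-digit RFC 4226 code for a counter value.
func HOTP(secret []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := sum[len(sum)-1] & 0x0f
	return fmt.Sprintf("%06d", (binary.BigEndian.Uint32(sum[off:])&0x7fffffff)%1000000)
}

// Authenticate accepts only if all three factors pass and the OTP counter is new.
func Authenticate(e Enrollment, r Request) (Enrollment, bool) {
	sigOK := len(e.PubKey) == ed25519.PublicKeySize && ed25519.Verify(e.PubKey, r.Challenge, r.Sig)
	bio := sha256.Sum256(r.BioToken)
	bioOK := subtle.ConstantTimeCompare(bio[:], e.BioDigest[:]) == 1
	otpOK := subtle.ConstantTimeCompare([]byte(HOTP(e.OTPSecret, r.Counter)), []byte(r.OTP)) == 1
	if !(sigOK && bioOK && otpOK) || r.Counter <= e.LastCounter {
		return e, false // a replayed counter fails even with a correct code
	}
	e.LastCounter = r.Counter
	return e, true
}

func main() { fmt.Println(HOTP([]byte("12345678901234567890"), 1)) }
```

The returned `Enrollment` carries the advanced counter; the caller is expected to write it back to state so the same OTP cannot be accepted twice.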

### Edge-Cloud Connectivity

In this framework, the edge is represented as a set of nodes prepared to integrate with data processing and cloud dispatch. Each edge node performs lightweight computations for IoMT devices, and the computational latency for authentication at an edge node can be assessed. Additionally, the immutability of transactions within the Hyperledger Blockchain is ensured by the NuCypher Proxy, which generates proxies based on a threshold re-encryption-enabled hierarchy. Ultimately, the decentralized nature of the system guarantees that the failure of any single stakeholder does not jeopardize the integrity of the network.