TEDA: a trusted execution environment-and-blockchain-based data protection architecture for Internet of Things

  • Regular Paper
  • Computing

Abstract

With the popularity of the Internet of Things (IoT), massive amounts of data are generated every second. By analyzing this data, attackers can launch various kinds of attacks for their own profit, such as data tampering, malicious data injection, and identity deception. To solve these problems, in this paper we propose a Trusted Execution Environment-and-Blockchain-based data protection architecture (TEDA). In TEDA, edge devices in different IoTs maintain a consortium blockchain to achieve secure read/write operations and verification of data together with the cloud. In addition, an Intel SGX-based module is designed to secure local data processing in edge devices and to manage internal lightweight devices. Furthermore, a new transaction structure is introduced to protect the user's access pattern. The experimental results show that the space occupancy rates of write and read of TEDA with SGX are 0.84× and 1.07× those of TEDA without SGX, and the time occupancy rates of write and read of TEDA with SGX are 0.94× and 0.90× those of TEDA without SGX, which indicates that TEDA has good performance.


Author information

Corresponding author

Correspondence to Shengjun Wei.

Ethics declarations

Conflict of interest

The authors have no competing interests to declare that are relevant to the content of this article.

About this article

Cite this article

Xie, H., Zheng, J., Zhang, Z. et al. TEDA: a trusted execution environment-and-blockchain-based data protection architecture for Internet of Things. Computing 106, 939–960 (2024). https://doi.org/10.1007/s00607-023-01253-y

  • DOI: https://doi.org/10.1007/s00607-023-01253-y
