The Internet of Things (IoT) is the network of connected computing devices that have the ability to transfer valued data between each other via the Internet without requiring human intervention. In such a connected environment, the social IoT (SIoT) has become an emerging trend where multiple IoT devices owned by users support communication within a social circle. Trust management in the SIoT network is imperative as trusting the information from compromised devices could lead to serious compromises within the network. It is important to have a mechanism where the devices and their users evaluate the trustworthiness of other devices and users before trusting the information sent by them. The privacy preservation, decentralization, and self-enforcing management without involving trusted third parties are the fundamental challenges in designing a trust management system for SIoT. To fulfill these challenges, this article presents a novel framework for computing and updating the trustworthiness of participants in the SIoT network in a self-enforcing manner without relying on any trusted third party. The privacy of the participants in the SIoT is protected by using homomorphic encryption in the decentralized setting. To achieve the properties of self-enforcement, the trust score of each device is automatically updated based on its previous trust score and the up-to-date tally of the votes by its peers in the network with zero-knowledge proofs (ZKPs) to enforce that every participant follows the protocol honestly. We evaluate the performance of the proposed scheme and present evaluation benchmarks by prototyping the main functionality of the system. The performance results show that the system has a linear increase in computation and communication overheads with more participants in the network. Furthermore, we prove the correctness, privacy, and security of the proposed system under a malicious adversarial model.

中文翻译：

---

社交物联网去中心化自我执行信任管理系统


物联网 (IoT) 是连接计算设备的网络，能够通过互联网在彼此之间传输有价值的数据，而无需人工干预。在这样的互联环境中，社交物联网（SIoT）已成为一种新兴趋势，用户拥有的多个物联网设备支持社交圈内的通信。 SIoT 网络中的信任管理势在必行，因为信任来自受感染设备的信息可能会导致网络内严重受损。重要的是要有一种机制，让设备及其用户在信任其他设备和用户发送的信息之前评估其他设备和用户的可信度。隐私保护、去中心化和不涉及可信第三方的自我执行管理是设计SIoT信任管理系统的根本挑战。为了应对这些挑战，本文提出了一种新颖的框架，用于以自我执行的方式计算和更新 SIoT 网络中参与者的可信度，而无需依赖任何受信任的第三方。 SIoT 参与者的隐私通过在去中心化设置中使用同态加密来保护。为了实现自我执行的特性，每个设备的信任分数会根据其之前的信任分数以及网络中对等点的最新投票结果，通过零知识证明（ZKP）自动更新，以强制每个参与者诚实地遵守协议。我们评估所提出方案的性能，并通过对系统的主要功能进行原型设计来提出评估基准。 性能结果表明，随着网络参与者的增多，系统的计算和通信开销呈线性增加。此外，我们在恶意对抗模型下证明了所提出系统的正确性、隐私性和安全性。