An Efficient Privacy and Anonymity Setup on Hyperledger Fabric for Blockchain-Enabled Internet of Things (IoT) Devices

Abstract

The rise in IoT (Internet of Things) devices poses a significant security challenge. Maintaining privacy and ensuring anonymity within the system is a sought-after feature with inevitable trade-offs, such as scalability and increased complexity, making it incredibly challenging to handle. To tackle this, we introduce our proposed work for managing IoT devices using Hyperledger Fabric. We integrated our system on the blockchain with a closed-circuit television (CCTV) security camera fixed at a rental property. The CCTV security camera redirects its feed whenever a new renter walks in. We have introduced the web token for authentication from the renter to the owner. Our contributions include an efficient framework architecture using key invalidation scenarios and token authentication, a novel chain code algorithm, and stealth addresses with modified ring signatures. We performed different analyses to show the system’s throughput and latency through stress testing. We have shown the significant advantages of the proposed architectures by comparing similar existing schemes. Our proposed scheme enhances the security of blockchain-enabled IoT devices and mitigates the single point of failure issue in the existing scheme, providing a robust and reliable solution. Our future work includes scaling it up to cater to the needs of the healthcare system.

1. Introduction

The Internet of Things (IoT) system is a complex environment where multiple entities and devices interact. These systems are centralized and trust-dependent [1]. They interconnect numerous devices to exchange and update data for various applications in a smart city, smart home, smart car, healthcare, and other environments [2]. As the usage of IoT has become widespread, there have been attempts to replace the existing centralized access control methods with distributed ones [3]. One of the major challenges in replacing centralized systems is security [4].

The technological industry and information security have evolved quickly and developed exponentially [5]. Many new devices are surfacing daily, and security features must be investigated. Security and privacy are two primary concerns that must be implemented for data protection against different attacks [6]. Privacy is one of the system’s top priorities, and this feature attracts more studies to focus on it. Maintaining the anonymity of users across all platforms is another challenge when it comes to security. Privacy is about the controlled sharing of information. It can exist along a spectrum, allowing varying levels of disclosure. At the same time, anonymity represents the end of the privacy spectrum, where no identifying information is disclosed, and the individual remains wholly concealed.

With the introduction of blockchain in 2008 through Bitcoin by Satoshi Nakamoto, it is now used in various fields beyond cryptocurrencies and payment verification systems [7]. Because of its decentralized architecture and transparency, it is used in healthcare [8], transportation [9], and education areas [10]. Systems that require a third party as a key player, cost a lot, and have access to all the data are now shifting their focus to this area [11]. As a distributed ledger technology, blockchain is widely used in trusted resource management [12]. Blockchain-based computing resource trading is established to guarantee security and privacy [13]. Smart contracts are an attractive feature that has increased research in various areas. In [14], the authors propose a blockchain-independent smart contract infrastructure suitable for resource-constrained IoT devices.

Hyperledger Fabric is built on the principles of blockchain technology, with an open architecture that allows for modification of the consensus mechanism to enhance performance [15]. The modular approach of Hyperledger Fabric allows users to make the system according to their desired needs and add functionalities that help achieve the desired results. It is a permissioned blockchain architecture that allows only the participants to register through the Membership Service Provider (MSP). The certificate authority issues a certificate during the process. The private data collection (PDC) feature helps create channels among the blockchain participants according to the desired privacy. Unlike a public blockchain, this feature removes the overhead of creating separate channels. Like public blockchain, many mobile IoT devices are implemented in Hyperledger Fabric for authentication. In [16], the authors propose authenticating mobile IoT devices using Hyperledger Fabric as a broker, making the system more scalable and manageable.

Much research is carried out in the healthcare field using Hyperledger Fabric. In [17], the authors propose a patient-centric architectural framework for enhancing healthcare management during COVID-19. The solution tracks COVID-19 patients and mitigates the risk of patient data loss by maintaining privacy and security. An efficient chain code for access control in the Hyperledger Fabric system is proposed in [18]. Another healthcare monitoring system based on IoT-blockchain architecture on the Hyperledger framework is presented in [19]. Surveillance systems use Hyperledger Fabric due to its enhanced privacy features. In [20], the authors propose a data verification system for CCTV surveillance cameras in smart cities. They present a system that guarantees the trustworthiness of the stored recordings, allowing the authorities to validate whether a video has been altered. A decentralized approach for secure and sustainable networks with distributed video footage from vehicle-mounted cameras in smart cities is proposed in [21]. The authors combine vehicle cameras, blockchain technology, and certification authority to ensure video data’s secure and sequential storage, protecting it against tampering and unauthorized access. In [22], the authors propose a two-level blockchain system for digital crime evidence management. The system separates the evidence into hot and cold blockchains.

Hyperledger Fabric is also used in the energy sector to maintain privacy and security in the smart grids. In [23], the authors propose a secure data aggregation scheme for smart grids. They present a decentralized and secure data aggregation method to protect individual consumption data’s privacy, integrity, authentication, and confidentiality. In [24], the authors conducted a comprehensive empirical study to understand validator peers in Hyperledger Fabric and to improve the energy efficiency of permissioned blockchains using FPGAs. Hyperledger Fabric is consistently used in land registrations and rental agreements. In [25], the authors developed a system that facilitates secure and transparent land transactions from planning to certificate issuance and integrates the management of land sales, significantly reducing the need for intermediaries. A residential smart rental platform, compliant with GDPR and based on blockchain technology, is designed to facilitate secure rental contracts and payments for landlords and tenants in [26].

Online voting systems have been implemented on Hyperledger Fabric to ensure anonymity. In [27], the authors tackle some of the drawbacks and limitations of current systems and assess some well-known blockchain frameworks to build a blockchain-based electronic voting system. A similar system has been proposed in [28], where authors focus on the security and reliability of the online voting systems through Hyperledger Fabric. In [29], the authors propose a method for transmitting transaction data encrypted by homomorphic encryption through a secure channel and recording it on the blockchain after the voting. Most studies focus on either privacy [30] or anonymity [31]. In [32], the authors propose an architecture that addresses privacy and anonymity. They adopt the K-anonymity method to construct a unified request to hide the location information of electric vehicles (EVs) based on undirected graphs. However, this scheme has a limitation due to the use of a consortium blockchain, where there are controlling nodes to verify and validate the transactions. In this scheme, attackers can obtain the location coordinates of EVs, although it is difficult to distinguish which EV coordinate belongs to them.

Hyperledger Fabric technology deployment in IoT systems is becoming common nowadays. Since our system works for both privacy and anonymity and is distributed, we have used this to cater to our needs. Scalability is an essential feature for any system, and due to Hyperledger Fabric’s modular approach, our system is very scalable. The feature of private data collection helped us group different users on different channels without creating individual channels. Since our system is private, a membership service provider adds a scanner to our system. Because of this, no unauthorized person can enter the system, thus cushioning the concerns about destabilizing blockchain. The chain code and endorsement policies realize the real-world scenarios that strengthen our system.

We present a Hyperledger Fabric design for a CCTV security camera rental system. Our work’s key contributions are outlined below:

• Our framework devises a novel chain code algorithm to ensure the system’s seamless operation. The endorsement policies are designed with real-world scenarios in mind.
• Our system uses a single key to invalidate the previous keys at once. Due to the modular approach of Hyperledger Fabric, our system is much more scalable than the previously developed system.
• The system introduces the token concept for authentication purposes to mitigate the single point of failure in the existing system, as the token can be regenerated if lost.
• The system ensures anonymity by adding an extra layer of security over the previously modified ring signatures. We add stealth addresses to our scheme to enhance the anonymity of both the user and the recipient.

The remainder of this paper is organized as follows: Section 2 reviews the related work. Section 3 explains the proposed framework architecture. Section 4 discusses experimental analyses and comparisons, while Section 5 concludes the paper with future research directions.

2. Related Works

Since the inception of Hyperledger Fabric, various studies have been conducted in various fields. Some studies are related to preserving privacy and maintaining anonymity in the system. Since privacy is everyone’s major desire, this area has been touched upon more than anonymity. Other than surveillance systems, privacy and anonymity have been focused on health care, voting systems, and smart grids.

In [33], the authors propose a design for the blockchain-based management of video surveillance systems. The proposed system involves trusted internal managers in the blockchain network. Figure 1 shows the proposed architecture. The video’s metadata are recorded on the blockchain’s distributed ledger to block data forgery. In this architecture, the video is first encrypted and then stored. Then, a license is created within the blockchain, and that license is used to export the video. The private database of the blockchain manages the video’s decryption key; therefore, the internal managers cannot leak it unauthorizedly. The internal managers also manage and export videos safely by exporting the license issued within the blockchain. The authors utilize the private data collection feature of Hyperledger Fabric, which collects, commits, and queries private data without creating individual channels. The membership service provider is used to make the network private. This scheme has security limitations as it uses internal managers. Though the system is well managed, and the internal managers need authorization to manage the decryption key, there is no concrete evidence that it cannot be breached. Furthermore, there may be a chance of hacking the video’s decryption key.

In [34], the authors present a trustworthy and secure house rental system using blockchain and smart contracts. The authors propose blockchain with smart contracts to mitigate data security, third-party dependence, fraudulent agreements, payment delays, and ambiguous contracts. The proposed system works on Hyperledger’s off-chain and on-chain transactions. Based on mutual understanding, off-chain communication carries out the rental contract between the tenant and the landlord. On-chain communication includes deposit and rental payments, digital key generation, and contract dissolution. This system ensures immutability and no dependence on third parties but lacks extensive protection for privacy. No concept of anonymity is used in the system; thus, the system lacks critical security parameters.

Smart grid systems have been using blockchain technology for a long time due to the inherent advantages of privacy and security. In [35], the authors propose incorporating privacy and transparency into blockchain-based smart grid operations. They introduce a new method to balance privacy, transparency, accountability, and verifiability. They utilized cryptographic tools to reach this objective, incorporating secure multiparty computations and verifiable secret sharing within the distributed components of a multichannel blockchain and its associated smart contracts. The system implements demand response to enhance efficiency by measuring demand and supplying energy accordingly. Furthermore, the authors address potential accidental crashes by ensuring the solution suits low-performance IoT devices. They also maintain customer privacy by using different channels with the grid operator. Figure 2 shows the demand workflow with a blockchain-based energy management system. This system uses blockchain with different channels to maintain customer privacy. Instead of using separate channels, if Hyperledger Fabric had been used, the PDC feature could have been utilized for channel creation without creating individual channels. Furthermore, Hyperledger Fabric’s modular approach could have reduced the computational complexity of different consensus algorithms used in the public blockchain network.

In [36], a framework for a secure privacy and anonymity system for blockchain-enabled IoT devices is proposed. The system proposed is called SPAS. This original SPAS architecture is the basis for the proposed improvement in this paper. Figure 3 shows the basic architecture of SPAS. In this framework, the CCTV security camera feed is redirected to the renter when renting a property. At the same time, the old keys of the CCTV security camera are invalidated, and the feed to the owner is stopped. The owner generates the temp_ID for the renter and sends it on their mobile phone, and the renter verifies that temp_ID on the web portal. Though this system provides extreme security and anonymity by using modified ring signatures, some limitations still exist. The single point of failure issue with the mobile service and the temp_ID getting hacked if the mobile phone is stolen remains unsolved.

This paper presents our efficient privacy and anonymity setup on Hyperledger Fabric based on the original SPAS architecture presented in [36]. Our proposed system maintains privacy and anonymity while meeting the basic needs of no dependence on third parties, less computationally extensive schemes, and immutable transactions. The modular approach of Hyperledger Fabric allows us to add different entities and incorporate our core entities with them. This system is comparable to any mentioned systems for security enhancement.

3. Proposed System

Privacy and anonymity have become the desired features of almost every existing system. Our system focuses on CCTV security camera feed, which requires a substantial level of privacy for the user and maintains anonymity altogether. In this system, the CCTV security camera feed can be viewed either by the owner of the property or the renter who acquires the property one at a time. There can be several scenarios where this system can be applied, which include neighborhood watch programs where a community organization owns a network of CCTV security cameras placed strategically throughout a neighborhood and provides access to these cameras for a small fee. Another scenario is construction project rentals, where a construction equipment rental company owns CCTV security cameras designed to monitor construction sites. They rent out these CCTV security cameras to various construction companies on a project-to-project basis, providing real-time surveillance to enhance site security. All three scenarios, including our focused system, have a common thing: the desire for privacy and anonymity.

This section is organized as follows: Section 3.1 briefly introduces Hyperledger Fabric technology. Section 3.2 will describe the basic architecture of our proposed system. While presenting the overall architecture of our system, we will detail our approach to preserving privacy and avoiding a single point of failure. In Section 3.3, we described the detailed flow of SPAS-H working. This includes a step-by-step workflow of the system and an algorithm. In Section 3.4, we propose an additional anonymity layer over the modified ring signatures for key management in the form of stealth addresses.

3.1. Overview of Hyperledger Fabric

Hyperledger Fabric is a blockchain platform that requires permission to access and has a modular architecture. This allows for the development of blockchain-based applications, solutions, and networks. Some key aspects of Hyperledger Fabric include a permissioned network, modular architecture, chain code (similar to a smart contract in a public blockchain), channel support (enabling private communication and transactions among multiple parties within a subset of a network), endorsement policy (defining the required criteria for a transaction to be considered valid), and ledger features such as world state and transaction log. Additionally, it supports pluggable consensus algorithms, allowing network participants to select the most suitable consensus mechanism for their specific case.

3.2. Basic Architecture of the Proposed System

Since this system extends our previous system from public blockchain to Hyperledger Fabric, we call our system Secure Privacy and Anonymity Setup on Hyperledger (SPAS-H). Hyperledger Fabric’s modular nature helped us utilize its features to our desired requirements. The permissioned network feature helped us limit the anonymous users in the network and have scalability in control. Due to channel support in the fabric, our system enhances confidentiality among the participating entities. As our system requires several conditions to be satisfied before access is granted, the endorsement policies of fabric come into play as the policies can be customized based on the requirements, ensuring the proper validation and authorization of transactions. Other features, which include limiting the dependence on the third party for central operations, access of every node to the entire database, and its history and immutability, are the inherent features of blockchain technology utilized in this system, too.

A combination of different components makes up our SPAS-H system. These components work together to give the system the desired results. These include the following:

• CCTV security camera: Device for outputting the video feed.
• Owner: The one who owns the property. One owner can own multiple properties in multiple buildings, each with a single CCTV security camera.
• Renter: The one who rents the property and receives the CCTV security camera feed.
• Security agency: It is responsible for deploying CCTV security cameras at owners’ properties. The security agency also has a blockchain network that contains transactional information for all registered owners and renters.
• Web portal: This is where the validation and authorization work occurs, both at the owner’s and renter’s end.
• SPAS-H API is the interface between the entities and the Hyperledger Fabric network, used by the owners and renters and authenticated by the membership service.
• Keys management: The key generation platform is where the entities involved generate the key pairs. This enhances the anonymity feature of our system by incorporating multiple security layers. A single key at one time and key invalidation are important parts of the system.
• Chain code: It defines the rules that govern the transactions.
• Blockchain network: Private blockchain network based on Hyperledger Fabric.

Figure 4 shows the architecture of SPAS-H. Different types of flows are indicated in different colors. Also, on-blockchain and off-blockchain communication, a key feature of our advanced system, is carried out throughout. The security agency deploys the CCTV security camera and waits for the public key, which is then sent to the property owner. The camera feed is directed toward the owner. Communication between the owner and renter is carried out through the SPAS-H interface via blockchain, which includes the money transfer. Further, on-blockchain communication exists between the owner and the SPAS-H interface and between the renter and the SPAS-H interface. The owner and renter also communicate off-blockchain with the web portal for authentication purposes, which comes under the umbrella of information flow. The CCTV security camera communicates with the SPAS-H interface off-blockchain to transfer public key information to the renter.

The property owner originates the system by giving the listing to the security agency. The listing contains the owner’s vacant properties, which can be rented out. The security agency deploys CCTV security cameras at the vacant properties. The security agency has a private blockchain network deployed on Hyperledger Fabric containing multiple channels, each with multiple peers. These peers are the endorsers and committers in the system and the owners or renters of some properties. The owner and renter register through the membership service provider and obtain the certificate from the certificate authority. Then, they generate their public and private keys through symmetric key encryption and enter the public keys and remaining detailed information in the SPAS-H and the chain code. After this, redirecting the CCTV security camera feed from the owner to the renter occurs. Before this, the money is transferred to the owner, and the transaction is encrypted through a modified ring signature and masked by a stealth addresses to hide the identity of both the owner and the renter.

3.3. The Flow of the SPAS-H Working

Like SPAS, SPAS-H also works in three phases: deploying CCTV security cameras, renting property, and expiring the contract. The deployment and expiration of contracts mainly remain the same with minor amendments. The phase of renting property has extensive changes that strengthen privacy preservation in SPAS-H as it adds a new layer of security. Furthermore, compared to SPAS, SPAS-H removes the concept of receiving temp_ID and communication on mobile phones, thereby limiting the chances of temp_ID getting hacked by anyone and the single point of failure regarding mobile service outage.

When renting begins, the renter selects a property from SPAS-H and registers it on the blockchain. They then generate a token for authentication on the web portal. This JSON Web Token (JWT) token is used for web authentication, authorization, and information exchange. It grants access to specific routes, services, and resources. In the case of SPAS-H, the token authorizes the renter to access the CCTV security camera feed. The token verifies the renter’s identity and intent to rent the property from the owner. Once generated, the token is sent to the owner via the SPAS-H interface for authentication on the web portal. This process adds an extra layer of security to the system, eliminating the need for temporary ID generation and mobile phone verification.

After the token authentication, the owner adds details of the renter with the CCTV security camera, and the procedure is carried forward through the Hyperledger Fabric endorsement procedure, abiding by the defined endorsement policy in the system set by the property owner. This endorsement policy is different for different properties, as some properties might need the endorsement of all peers while others may require semi-agreement of the peer. This depends on factors that are outside the scope of our current work. Figure 5 shows the flow of SPAS-H, and the workflow explanation is as follows.

1.  

Property listing: The property owner lists all the properties with the security agency. This includes all the vacant and occupied properties, which will help the future renters choose.

2.  

The process of CCTV security camera deployment and the feed commencement

2.1.  

The security agency installs CCTV security cameras at all properties and asks the CCTV security camera to generate the key pair.

2.2.  

The CCTV security camera generates key pairs (public and private keys) through key management, which uses asymmetric key encryption.

2.3.  

The security agency transfers the CCTV security camera public key to the owner.

2.4.  

The owner generates their key pairs.

2.5.  

The owner uses their private key to access the CCTV security camera feed. The CCTV security camera starts streaming the video feed to the owner.

3.  

The process of the owner joining SPAS-H and the blockchain network

3.1.  

The security agency asks the owner to join SPAS-H and the blockchain network.

3.2.  

The owner signs up for SPAS-H and logs in using their ID and password.

3.3.  

The owner joins the blockchain network of the security agency through a membership service provider, and the certificate authority issues the certificate. The owner now bears the SPASH ID, blockchain address, and certificate.

3.4.  

The owner enters their details in the chain code and saves them in the SPAS-H database. SPAS-H maps the owner’s information against their properties.

4.  

The process of the renter joining SPAS-H and the blockchain network

4.1.  

The renter signs up for SPAS-H and logs in using their ID and password.

4.2.  

The renter can view the available properties on SPAS-H and select their preferred one.

4.3.  

The renter joins the blockchain network of the security agency through a membership service provider, and the certificate authority issues the certificate. The renter now bears the SPAS-H ID, blockchain address, and a certificate.

Algorithm 1 redirects a CCTV security camera feed from the owner to the renter, and it does not include the Hyperledger endorsement process.

Algorithm 1: CCTV security camera feed redirection to renter.
	Definitions:			Oi ∈ O: set of Owners
				Ri ∈ R: set of Renters
				Ci ∈ C: set of Contracts
				Pi ∈ P: set of Properties of Owners
				SA: Security Agency
	Input:			Blockchain address, public key, and token
	Output:			CCTV camera feed redirection
1	Initialization:			SC.Expiry ← false
2	SC.duration = renter defined;				/* according to the renter requirement */
3	SA.CCTV_access ← false
4	SA.CCTV_key = generate()
5	Send Oi [Pi ] → SA
6	foreach Property Pi, Owner Oi do
7		Send Oi [BC_addr, pub_key] to SA
8		SA.Pi ← NULL
9	end
10	foreach Renter Ri after choosing property Pi ∈ P do
11		Generate token from web portal
12		return Ri .token
13	end
14	foreach Renter Ri after generating token do
15		Send Ri [BC_addr, pub_key, SPAS-H_ID, token] to Oi
16		Oi verifies token on web portal
17		if Oi .token equals Ri .token then
18			Oi .Pi .CCTV == Ri .SPAS-H_ID
19			Set SA.CCTV_access == true
20			Set SC.expiry == true
21			SC.duration ← getRentDuration()
22			return SA.CCTV_key to Ri
23		end
24	end

After the initialization and the generation of the CCTV security camera’s key pair, the owner is asked to enter the details in the smart contract, shown in Lines 6–9. After choosing the property listed by the owner, the renter generates a web token, as shown in Lines 10–13. From Lines 14–16, the renter sends their details to the owner; it contains the web token along with the blockchain address, the public key, and the SPAS-H ID. The owner after receiving details, verifies the web token first on the web portal. Lines 14–23 show the after-work of the token authentication. If the token is authenticated, the owner maps the CCTV security camera ID with the renter’s SPAS-H ID and asks the renter about the rental duration. To this point, the CCTV security camera feed is directed toward the owner. After the rental duration is entered by the renter, the CCTV security camera is asked to generate new key pairs, which stops the CCTV security camera from feeding to the owner. The renter receives the CCTV security camera’s new public key and receives the feed redirected to them.

5.  

Web token generation process

5.1.  

The renter utilizes the web portal to create a JSON Web Token.

5.2.  

The renter enters their details in the chain code, including their blockchain address and certificate. The renter also saves the generated token on SPAS-H for the selected property.

6.  

Web token authentication process

6.1.  

SPAS-H notifies the owner about any information entered regarding their property.

6.2.  

The property owner requests and receives the web-generated token from the potential renter through SPAS-H.

6.3.  

The owner uses a web portal to authenticate the token and validate whether the renter is a verified renter or an adversary who wishes to harm the property. The authentication process, initiated by the renter and completed by the owner, is an added layer of security in the system and is logically correct. If the owner generates the token, they must wait indefinitely for the renter to select their property and authenticate the token.

7.  

The process of rental duration confirmation

7.1.  

The owner looks up SPAS-H, the information mapped against their property, and gets the renter’s SPAS-H ID. The owner maps the renter’s SPAH-H ID with the CCTV security camera ID.

7.2.  

The owner queries the renter about the rental duration.

7.3.  

After entering the rental duration, the renter deposits the rent and asks SPAS-H for the CCTV security camera key after generating their key pairs through key management.

8.  

The process of updating the ledger and adding blocks to the blockchain network

8.1.  

SPAS-H sends a CCTV security camera feed redirection proposal to the endorsing peer.

8.2.  

The endorsing peer runs the chain code to simulate the CCTV security camera redirection to the renter proposal.

8.3.  

After executing the chain code, the endorsing peer sends the proposal response to SPAS-H.

8.4.  

SPAS-H submits transactions to the ordering service. The ordering service generates a block of transactions and then sends the block to the committing peer.

8.5.  

The committing peer validates each transaction, verifies the endorsement policy, and then commits the block to the blockchain. The endorsement policy for SPAS-H is described briefly below in

Table 1. Endorsement policy.

Configuration	A building of two floors; each floor has three houses
Peer nodes	floor1 house1 (f1h1), floor1 house2 (f1h2), floor1 house3 (f1h3) floor2 house1 (f2h1), floor2 house2 (f2h2), floor3 house3 (f2h3)
Orderer node	Orderer
Endorsement Policy	3/3 from the same floor and 2/3 from other floors Consider a property selected on floor 1 The endorsement policy will be: [(f1h1.f1h2.f1h3). ((f2h1.f2h2)|(f2h1.f2h3)|(f2h2.f2h3))]

.

9.  

The process of the CCTV security camera generating new keys

9.1.  

After updating the ledger, SPAS-H requests the public key from the CCTV security camera.

9.2.  

The CCTV security camera generates new key pairs and sends the public key to SPAS-H. The old CCTV security camera key is invalidated, and the video feed to the owner is discontinued.

10.

The process of initiating the CCTV security camera feed for the renter

10.1.

SPAS-H sends the CCTV security camera’s public key to the renter. The renter generates their key pairs and uses their private key to access the video feed.

10.2.

The CCTV security camera feed is redirected to the renter.

Several control mechanisms are employed to safeguard the blockchain network from potential collapse due to the continuous invocation of chain code. These control mechanisms include attribute-based access control, role-based access control, and reputation-based access control. Additionally, the use of distributed identity server control, where users are registered first, can contribute to the resilience and stability of the blockchain network. A total of five entities are involved in SPAS-H which perform their roles and processing. Figure 6 shows the activity diagram of SPAS-H with all five entities.

3.4. Maintaining Anonymity

In the original SPAS, the key management part of the scheme involved the owner, the renter, and the CCTV security camera, generating a key pair to be used for different operations. After the keys were generated, anonymity was maintained by using modified ring signatures [37,38] to mask the identities of both the owner and the renter. In SPAS-H, we built on the scheme used in the original SPAS by adding an additional layer of security, thereby enhancing the value of maintaining anonymity in the system.

In SPAS-H, we added an additional layer of identity masking, specifically for the recipient of the transaction, using stealth addresses [39]. The addition of stealth addresses ensures strong end-to-end anonymity in the system, a feature desired by almost everyone. Unlike conventional public addresses, stealth addresses provide unique, one-time addresses for every transaction. Monero also utilizes stealth addresses along with ring signatures to enhance user anonymity. The fundamental mathematical formulation of stealth addresses remains the same as [40].

When a sender initiates a transaction using a stealth address, the recipient can derive their private key to claim the funds securely without disclosing their public address. This method helps protect user identities and transaction details from prying eyes on the blockchain network. By incorporating stealth addresses into transactions, cryptocurrency users can enjoy increased privacy, confidentiality, and security. Using stealth addresses represents a valuable tool for safeguarding sensitive information and ensuring higher anonymity in blockchain transactions. Figure 7 shows the abstract workflow of stealth addresses.

The sender wants to send money to the receiver, so they first generate the stealth address of the original sending address. After this, the money is sent to all potential receivers. Upon receiving the message, the receivers use their private keys to decrypt it. Only the intended person can decrypt it and claim the money, while the others discard the transaction.

4. Discussion and Analysis

Our proposed scheme focuses on preserving privacy and maintaining anonymity. To achieve privacy, we used a novel chain code algorithm that employs one key at a time without reuse and generates a new key at every redirection of the camera feed. For anonymity, we used stealth addresses with modified ring signatures from the original SPAS architecture. These mechanisms help mitigate security threats such as double usage, single point of failure, blockchain collapse, and system hacking. Moreover, we addressed the scalability issue by using the modular approach of Hyperledger Fabric, which allows for the addition of modules as needed.

During the implementation phase, we encountered various challenges. One of the challenges was integrating on-blockchain and off-blockchain communication. We addressed this challenge with the emergence of oracles, which are third-party services that fetch data from external sources and feed it into the blockchain. Another challenge was using stealth addresses with modified ring signatures. We overcame this challenge by leveraging mathematical modeling of ring signatures and stealth addresses, combining them to achieve our desired goal. Lastly, combining both privacy and anonymity setups posed another challenge, which we addressed through extensive experimentation.

4.1. Implementation

The permissioned nature of Hyperledger Fabric makes it an excellent tool for companies to use internally without the fear of outside manipulation. A CPU with 4 GB of RAM was deployed to host the private blockchain network. Using Fabric version 2.5.7, an endorser peer, a single orderer, and two committer peers were established. These nodes share a common channel for instantiating the developed chain code. Hyperledger is highly configurable through its modular design and use of chain codes. Chain code drives the functionality of the blockchain, acting as the logic for the blockchain and being the fundamental aspect of the proposed solution. Unlike many blockchains that require smart contracts to be written in domain-specific languages, Hyperledger Fabric allows them to be written in general-purpose programming languages like Java, Go, and Node.js. The developed chain code is written in Node.js.

4.2. Transactional Analysis

We conducted transactional analysis by stress testing the system, varying the number of operations per second. We closely monitored the impact on throughput and latency. Transaction latency is a crucial network-wide measure of the time taken for a transaction’s effect to be usable across the network. Figure 8 illustrates a consistent decrease in network transaction latency, indicating that our system performs better as it scales to handle a higher number of operations per second. This adaptability also ensures that the overall performance remains stable even when multiple channels, such as additional renters and CCTV security cameras, are added to the system.

Read latency is the time between when the read request is submitted and when the reply is received. Figure 9 shows the read latency of our system has decreased, indicating a reduction in response time as the number of operations increases. Both latency measures demonstrate an overall reduction as the system scales up, showcasing its ability to adapt to larger systems in the future.

Transaction throughput is the rate at which valid transactions are committed by the blockchain in a defined period. This is not the rate at a single node but is committed at all nodes of the network. Figure 10 shows the transaction throughput of the system which remains constant no matter how much the operations are run per second.

Read throughput is a measure of how many read operations are completed in a defined period, expressed as reads per second. Figure 11 shows the increasing read throughput of the system demonstrating its efficiency and resilience in overburdened environments. This shows that when dealing with very large systems and an increasing number of operations, the system is capable of performing as required.

Some qualitative analysis is carried out between SPAS and SPAS-H to show the precedence of SPAS-H. For privacy comparison, the parameters chosen are confidentiality, proof complexity, and verification efficiency index. Figure 12 shows the privacy level comparison. The measure of confidentiality is encryption strength, proof complexity, proof size, and verification efficiency. SPAS-H excels in confidentiality and verification efficiency due to its stronger encryption and greater scalability through its use of Hyperledger Fabric. Additionally, SPAS-H has higher proof complexity as it employs multiple encryption schemes.

For anonymity analysis, we compared SPAS and SPAS-H systems for anonymity level, traceability resistance, and smart contract integration. Figure 13 shows the anonymity level comparison. The parameters used to measure anonymity level are unlinkability and pseudonymity. Transaction privacy is the parameter for traceability resistance, while functionality and use cases are the parameters for smart contract integration. SPAS-H is considered better in terms of anonymity level and traceability resistance due to its use of stealth addresses, but it is the same as SPAS in terms of smart contract integration.

4.3. Comparative Analysis

We give a comparative analysis of SPAS-H with other schemes mentioned in Section 2. The compared parameters include privacy, anonymity, authentication, smart contract usage, key usage, and confidentiality. Below is

Table 2. Comparative analysis.

Categories	BVM	Smart Grids	SPAS	SPAS-H
Privacy	achieved	achieved	achieved	achieved
Anonymity	partially achieved	partially achieved	achieved	achieved
Authentication	no	no	use of temp id	use of web token
Smart Contract	yes	yes	yes	yes
Key Usage	reused	reused	always new	always new
Confidentiality	low	low	low	high

showing the comparative analysis. The purpose of this comparison is to demonstrate which scheme fully or partially achieves the specified parameters. It is crucial to illustrate that our proposed architecture accomplishes the desired features when compared to existing schemes. This is attributed to the generation of new keys each time the tenant changes, ensuring privacy, the use of tokens for authentication, and the implementation of stealth addresses to ensure anonymity.

5. Conclusions

The SPAS-H system is an innovative solution that addresses privacy and anonymity concerns within the existing framework. It effectively mitigates challenges associated with traceability and linkability. Our system employs a sophisticated mechanism incorporating web token authentication, stealth addresses, and modified ring signatures. This unique combination enhances our scheme’s resilience in preserving individuals’ anonymity. The architecture’s applicability extends beyond its current implementation, finding relevance in various IoT domains where privacy-sensitive data are at risk. In smart homes, the architecture safeguards data from IoT devices, such as facial and voice recognition, by securely storing it on the blockchain.

Furthermore, the practical implications of this architecture are truly inspiring, especially in the automotive sector. Smart contracts enable smart car parking and fuel payments, ensuring the confidentiality of identity-sensitive and monetary transactions. A significant contribution of our research is the introduction of a new chain code algorithm, notably characterized by the web token authentication architecture that enhances the efficiency of our system. The scalability of our system to diverse fields reliant on sensitive data, where preserving anonymity is crucial, underscores the versatility and relevance of our approach. Hyperledger Fabric opens the doors modularly, making it easier to scale up the system. Beyond IoT, the architecture has potential implementation in the pharmaceutical industry, particularly in scenarios involving the development and distribution of drugs through wholesalers, dispensers, and end customers.