In the past decade, modernization of Information and Communication Technology (ICT), Edge Computing (EC), and Smart Cities has attracted significant academic interest due to its diverse applications in the fields of healthcare, transportation, agriculture, and defense. EC offers numerous advantages, including faster and more efficient services, lower latency, improved data processing, managed bandwidth consumption, scalable, real-time decision-making, security, reduced network congestion, and increased resilience. Despite these benefits, EC networks face persistent challenges, particularly related to security and privacy concerns. Addressing these security challenges requires strong authentication mechanisms, which demand extra resources like processing power and memory, often surpassing the limited capabilities of lightweight edge devices compared to cloud systems. This highlights the critical need for securing edge nodes and ensuring user privacy before real-world deployment and data transfer. User and edge device authentication is vital to prevent external and internal Impersonation and Reflection attacks that threaten system integrity and confidentiality. This paper presents a BlockChain based Authentication technique for Edge Networks (BCAuthEN) that utilizes a Consortium Blockchain (CB) with key agreements for biometric authentication, incorporating a Fuzzy Extractor (FE) to secure user biometrics and passwords. In addition, BCAuthEN offers multifactor and continuous authentication by monitoring user behavior and biometrics. BCAuthEN has been formally verified through Real-Or-Random (RoR) modeling and AVISPA tool, proving its effectiveness in enhancing privacy, and security. The proposed technique ensures robust security by preventing attackers at the potential entry points (edge nodes). In addition, BCAuthEN reduces computation cost, communication overhead and improves throughput. BCAuthEN provides strong resilience by achieving high detection accuracy and reduces false positives against impersonation and reflection attacks. Results have shown that BCAuthEN improves communication costs and reduces overhead by 10% and 7%, respectively, as compared to the recent biometric and key-based user authentication techniques.

中文翻译：

---

一种基于区块链的安全身份验证技术，用于在基于边缘的智慧城市网络中确保用户隐私


在过去十年中，信息和通信技术 （ICT）、边缘计算 （EC） 和智慧城市的现代化因其在医疗保健、交通、农业和国防领域的多样化应用而引起了学术界的极大兴趣。EC 具有许多优势，包括更快、更高效的服务、更低的延迟、改进的数据处理、托管带宽消耗、可扩展的实时决策、安全性、减少网络拥塞和增强的弹性。尽管有这些好处，但 EC 网络仍面临持续的挑战，尤其是与安全和隐私问题相关的挑战。应对这些安全挑战需要强大的身份验证机制，这需要额外的资源，如处理能力和内存，与云系统相比，这通常超出了轻量级边缘设备的有限功能。这凸显了在实际部署和数据传输之前保护边缘节点和确保用户隐私的关键需求。用户和边缘设备身份验证对于防止威胁系统完整性和机密性的外部和内部模拟和反射攻击至关重要。本文提出了一种基于区块链的边缘网络身份验证技术 （BCAuthEN），该技术利用具有生物识别身份验证关键协议的联盟链 （CB），并结合模糊提取器 （FE） 来保护用户生物识别和密码。此外，BCAuthEN 通过监控用户行为和生物识别技术提供多因素和持续身份验证。BCAuthEN 已通过实随机 （RoR） 建模和 AVISPA 工具的正式验证，证明了它在增强隐私和安全性方面的有效性。 所提出的技术通过在潜在的入口点（边缘节点）防止攻击者来确保强大的安全性。此外，BCAuthEN 还降低了计算成本、通信开销并提高了吞吐量。BCAuthEN 通过实现高检测准确性来提供强大的弹性，并减少针对模拟和反射攻击的误报。结果表明，与最近的生物识别和基于密钥的用户身份验证技术相比，BCAuthEN 降低了通信成本，并将开销分别降低了 10% 和 7%。