Content uploaded by Nadeem Javaid
Author content
All content in this area was uploaded by Nadeem Javaid on Dec 01, 2021
Content may be subject to copyright.
Noname manuscript No.
(will be inserted by the editor)
Trustful Data Trading through Monetizing IoT Data
using BlockChain based Review System
Zain Abubaker1
·Asad Ullah Khan1
·
Ahmad Almogren2,∗
·Shahid Abbas1
·
Atia Javaid1
·Ayman Radwan3
·
Nadeem Javaid1,4,∗
1Department of Computer Science, COMSATS University Islamabad, Islamabad, Pakistan
2Department of Computer Science, College of Computer and Information Sciences,
King Saud University, Riyadh, Saudi Arabia
3Instituto de Telecomunicacoes and Universidade de Aveiro, Aveiro, Portugal
4School of Computer Science, University of Technology Sydney, Ultimo, NSW, Australia
∗Correspondence: ahalmogren@ksu.edu.sa (Ahmad Almogren),
nadeemjavaidqau@gmail.com (Nadeem Javaid)
Abstract In this paper, Internet of Things (IoTs) devices are used for sensing
the data through which the device owners earn revenue. Interested users can
purchase data from IoT device owners, according to their demands. However,
users are not confident about the quality of data they are purchasing. More-
over, the users do not rely on the device owner and are not willing to initiate
data trading. Currently, data trading systems have many drawbacks, as they
involve a third party, security and reputation mechanisms. Therefore, in this
paper, IoTs and BlockChain (BC) are integrated to monetize IoT’s data and
provide trustful data trading. A BC based review system to monetize IoT’s
data trading is developed through Ethereum smart contracts. The review sys-
tem encourages the owners to provide authentic data and solves the issues
regarding data integrity, fake reviews and conflicts between entities. Reviews
and ratings are stored in the BC database for providing a guarantee about
the data quality to users. To maintain data integrity, we use an Advanced
Encryption Standard (AES)-256 encryption technique to encrypt data. More-
over, an arbitrator entity is responsible to resolve conflicts between data owner
and users. The incentive is provided to the users and arbitrators to increase
user participation and honesty. Simulations are performed for the validation
of our system. We examine the proposed model using three parameters: gas
consumption, mining time and encryption time.
2 Zain et al.
Keywords Ethereum BC ·Internet of Things ·Message Querying Telemetry
Transport ·Metadata ·Review System.
1 Introduction
Internet of Things (IoTs) is a worldwide network, where devices are having
unique identifiers to communicate and transfer data. Traditional systems use
centralized servers as a communication medium for IoT devices. Due to the
rapid increase in connected devices, The popularity of IoT is rising yearly and
becoming the center of attraction among all industries [1]. It is estimated that
in 2025, the number of IoT devices will increase from 8.5 to 20.4 billion [2].
The rapid increase of IoT applications makes this estimated increase more
evident. This large number of connected devices produces data that is valu-
able for different industries. These devices and their applications make human
life more convenient and comfortable. IoT devices are mostly being used as
a source to generate revenue. However, IoT devices face many issues in their
communication. Network security and data integrity are the major problems
faced by IoT network because the number of connected devices is increasing
day by day [3]. These networks also face the issue of a single point of fail-
ure [2] and are not secure because of a third party involvement. Making IoT
devices secure is a challenging task because the devices face the problem of
energy drain as security operations consume a large amount of energy [4]. The
security operations become difficult to proceed because of limited amount of
energy. Many researchers have highlighted many issues such as providing secu-
rity during data transmission [5], storage over the cloud [6], digital signature
and permission identification [7], [8] in different fields of life. IoT is integrated
with healthcare to collect data ubiquitously to provide in-time services to the
patients [9]. An efficient healthcare system needs ubiquitous computing to pro-
vide services and respond promptly. It also needs efficient management of data
and security features to maintain the patient’s data integrity. Moreover, cloud
technology is integrated with IoT healthcare systems [9] to efficiently manage
the data. Furthermore, IoT devices are the major source to produce a large
quantity of data, therefore, efficient storage systems are necessary to store this
data.
Data security issues are tackled through BlockChain (BC) to efficiently
maintain and secure data [10]. This technology is used in several fields like
IoT [11], smart networks for houses and cities [12], energy management through
automobiles [13], etc. BC leverages many other technologies to achieve secu-
rity, trust and immutability. The main feature of BC is decentralization where
each node holds a copy of ledger. Every block is broadcasted in the network
after transactions are stored in the block after the mining process. Ledger
stores the transaction when an interaction occurs between BC entities. This
transactional data maintained by the distributed ledger cannot be tampered as
every block contains the hash of previous block, making a chain like structure.
Moreover, each block contains the its hash, nonce, timestamp and Merkle root.
Trustful Data Trading through Monetizing 3
Each block is connected to another block through a chain. In our model, the
BC incentive mechanism consists of two steps: crypto-puzzle solving and in-
centive provisioning to a miner, who has solved the puzzle [14]. BC eliminates
the risks associated with a single point of failure and a third party [15] to
provide secure and cost effective solutions [16].
Smart contract functions associated with the BC are triggered when an
event occurs to perform verification [17]. The smart contracts ensure the con-
firmation of agreements between seller and buyer without the involvement of
any third party in a trustless environment [18]. Due to this features of smart
contracts, they are applied in many fields like IoT [19], fifth Generation (5G)
networks [20], Internet of Vehicles (IoVs) [21], courier delivery [22], etc. Due
to the security features of BC, it is applied in many non financial fields like
content delivery [23], decentralized storage [24] and key management [25]. How-
ever, BC comes up with the issues of storage and computational power of the
connected devices. These issues are handled by leveraging the features of BC
and IoT. This integration ensures trust, reduces the computational overhead
of IoT devices, provides cost-effective solutions and eliminates a single point of
failure issue. However, the integration lacks the integrity and security of data
transferred to another party because it is visible to all BC entities. Therefore,
many encryption mechanisms [25,26], and access control mechanisms [27] are
introduced to limit the access of data and to make it secure.
Table 1 Table of Abbreviations
Terms Abbreviations
ABI Application Binary Interface
AES Advanced Encryption Standard
ARX Addition Rotation XOR
BC BlockChain
DES Data Encryption Standard
DACs Distributed Autonomous Corporations
DAG Directed Acyclic Graph
IoTs Internet of Things
IoVs Internet of Vehicles
IPFS Interplanetry File System
MQTT Message Querring Telemetry Transport
PoW Proof of Work
PoD Proof of Delivery
P2P Peer to Peer
RPC Remote Procedure Call
RSA Rivest Shamir Adleman
WSN Wireless Sensor Network
The main aim of the paper is to make IoT’s data trading secure and trust-
worthy. To achieve our objective, BC is integrated with IoT to gain the advan-
tages of both technologies. Along with this, a review system is implemented to
acquire the experience of users who have used the data. In this way, new users
4 Zain et al.
can confidently use the data and can trust the data owner by analyzing the
reviews. The data is encrypted and stored in a Message Quering Telemetry
Transport (MQTT) broker because there is a threat of data being hacked by
the ordinary broker. Therefore, an arbitrator entity is added to handle disputes
between owners and users. Abbreviations used in the manuscript are provided
in Table 1.
Contributions
The main contributions of the proposed system are listed below.
–A reputation system based on BC is proposed for IoT data monetization.
–An incentive mechanism is used to motivate users to provide reviews
–The data security problem is tackled using Advanced Encryption Standard
(AES)-256 encryption scheme.
2 Related Work
This section discusses the existing studies regarding the BC and its applica-
tions in the IoT domain. The critical analysis of the existing works is also
provided.
2.1 Blockchain
BC is a decentralized storage of information that ensures the security of data. It
keeps the records of the sender’s and receiver’s transactions (cryptocurrencies
and bank transactions). In the beginning, researchers thought that it can only
be used for Bitcoin, other cryptocurrencies and money transfers. However, it is
also used in many other fields such as IoT, Wireless Sensor Networks (WSNs)
[28] and for many other business purposes. In [14], the rolling BC concept is
presented and authors use smart cars as WSN nodes. The reliability of the
network is analyzed through the number of nodes. A mathematical model is
provided to present the block and chain structure of the proposed BC. Authors
test the model for a different number of attacks and claim that the proposed
model remains stable. BC uses the Proof of Work (PoW) method to handle and
maintain a new group of interactions called a block. The miners in PoW solve
a cryptographic puzzle to add the block in a BC. This cryptographic puzzle is
very difficult to solve due to which miners join the mining pool to share the
difficulty and gain some profit. In [29], authors study the literature to choose
the block mining strategies. For the result of mining competition, authors
utilize propagation delay and hash rate for puzzle solving. They present a
model for the evolution based strategy of all separate miners as an evolutionary
game. Simulation results show that this model is suitable for the evolution of
mining strategies.
Trustful Data Trading through Monetizing 5
Interoperability is the main focus in the exchange of data in every field
like healthcare, internet of vehicles, etc. In [30], authors focus on two types of
interoperability, which are related to patients and medical institutes. Institu-
tion related interoperability includes the exchange of data based on business
and regulatory incentives. In this scenario, patients can see both their data
and with whom their data is being shared. Patient related interoperability
is patient driven, which bring challenges and security problems. The authors
use five mechanisms to show how BC technology is used in the exchange of
patient related data. In [31], BC networks and Metcalfes law for online social
media are used. The type of networks analyzed by the authors are Bitcoin,
Ethereum and dash networks. The price of currency and the number of users
that are engaged in transactions are used to model the value of the network.
The analyses show that these networks are modeled correctly using Metcalfes
Law. The model proposed by the authors determines the relationship between
the practicality and the number of users in the network.
Due to the increase in data and number of connections associated with the
IoT devices, current smart cities are facing issues of latency, bandwidth, secu-
rity and privacy [32]. To deal with the inefficiencies of the smart cities’ network,
efficient and scalable model is needed. In [12], authors integrate the networking
and BC concepts and propose a hybrid model for smart cities. The proposed
model consists of two parts: the main network and the supporting network.
The model owns the single point access along with decentralized features. This
architecture’s performance is ensured through the PoW mechanism. However,
the edge nodes are not deployed proficiently and caching techniques used for
the edge nodes are also not suitable for the proposed model.
The authors in [17] deal with the reuse of digital research data and ad-
dresses the issue of security concerns of the research community. This com-
munity is not willing to share its data because of security and privacy issues.
In [17], a flexible and secure BC system is proposed for the reuse of data.
In the proposed system, a person who wants to reuse the data will sign an
agreement with the data owner and the record is saved in BC. Furthermore,
trust and security of vehicular network are dependent on the management of
the network. In this perspective, authors in [33] consider a major problem of
trust for the validation of messages in a network. BC technology is adopted
to implement decentralization in vehicular networks. The model that is used
for the verification and validation of messages received by vehicles is Bayesian
inference. This model ranks the vehicles on the bases of messages sent and
received. PoW and proof of stake are used for consensus during the mining
process.
BC is also used for energy trading by different researchers. In [34], an energy
trading model is proposed in which each participant can act as a prosumer
with a surplus amount of energy. Microgrids are the major components of this
system model. Although the scenario is reverted to decentralization, yet there
is a risk of attack that needs to be catered in the future. In [35, 37], the main
problems of BC are highlighted such as storage and computational power of
nodes. The related work is summarized in Table 2.
6 Zain et al.
Table 2 Summary of Related Work
Type of Networks Problems Techniques Limitations
IoT and BC net-
works [12]
Storage and com-
putational power
Argon2 hashing
technique
Inefficient deploy-
ment of edge nodes
IoVs [13] Secure storage of
vehiclar network-
ing data
BC with differ-
ent functions is
designed
Increased traffic
among vehicles and
decreased chan-
nel’s reliability of
cellular network
Peer to Peer (P2P)
network [14]
Rolling BC using
mobile nodes
Two methods are
used to tackle en-
ergy efficiency
Network stability
is increasing attack
density
BC network and
Brooklyn micro-
grid network [15]
Secure trading of
the renewable en-
ergy
Chord algorithm No strategy to re-
sist attacks
Edge comput-
ing [16]
Increasing data on
edge devices
Green BC frame-
work for big data
exchange
Incomplete frame-
work design
BC network [17] Authorization of
digital reuse of
data
Data aggregation
and data liquidity
Presented smart
contract is not
deployed
P2P network [29] Difficulty of the
crypto-puzzle
Incentivized block
mining with PoW
Enhanced pool se-
lection is needed
P2P network [30] Data sharing Data aggregation
and data liquidity
BC to support clin-
ical transaction,
privacy and secu-
rity considerations
and incentivizing
interoperability
Bitcoin, Ethereum,
and Dash networks
[31]
Identifying net-
work value
Metcalfe’s Law More work needs to
be done using more
data as it becomes
available
BC network [33] Trust management
for vehicular net-
work
Bayesian inference
model
No assurance of the
trust management
and privacy preser-
vation
Device to device
cellular net-
work [37]
User access control BC consensus-
based scheme
Generalized non
cooperative sce-
nario for mobile
users
2.2 Blockchain in IoT
BC and IoT are leveraged in different studies to develop applications for hu-
man ease. Automation is achieved through the integration of BC and IoT for
commercial and daily life applications. Industries target secure and trustful
architectures to achieve their goals and provide adaptive systems. The single
point of failure is the major problem caused by centralization in traditional
IoT platforms. Accessibility, confidentiality and integrity issues are also im-
portant concerns related to BC and IoT integration. A single point of failure
is discussed by authors for semantic rule engine [38] and health based IoT
Trustful Data Trading through Monetizing 7
systems [39]. Above mentioned problems of security and integrity in smart
factories are highlighted by the authors in [40]. Structured BC of the type Di-
rected Acyclic Graph (DAG) is used with the PoW mechanism. This type of
BC works more efficiently for industrial IoT platforms. Data authority manage-
ment systems are used to ensure confidentiality and privacy for IoT systems.
However, in [40], authors do not handle the problems related to the sensor’s
data quality and storage. Single point of failure is problematic for traditional
storage systems. Moreover, the involvement of the third party leads to cost
consuming systems.
Authors in [41] present a BC based system called Sapphire. The object
storage device approach is used to create smart contracts, which act as a
communication medium between BC and IoT devices. To tackle the storage
problem of IoT devices and to manage the computational overhead, only the
important information is transferred. Only the results are provided to the
users and needed application functions are executed to save the computational
power in storage systems. However, the authors do not highlight and tackle
the scalability and security problems. To eliminate human involvement, IoT
devices and networks are used to perform human related tasks and operations.
To complete the desired tasks and operations, IoT network participants need
to communicate. To communicate with the network, share data and perform
tasks, every network participant needs authentication, which is necessary to
secure the system from malicious attacks. Centralized traditional authentica-
tion systems used for IoT are not secure and efficient. Authentication based on
the decentralization concept is done by the authors in [42]. Virtual zones are
used for authentication purposes and BC is used for its known features, such
as security. However, because of the virtual zones, a problem of computational
overhead has arisen, which is not tackled by the authors.
There is a rapid increase in devices connected to IoT networks because
of the demand for IoT applications. The increasing number of devices comes
up with huge security issues. Different studies are conducted to limit access
authority and to provide fine-grained access control mechanisms for security
purposes. In [43], authors present an IoT framework consisting of different
smart contracts for access control. Each contract defines the rules for the
request of data from the user’s side. Different smart contracts are concerned
with different access control methods to control the misbehavior of users and
service providers. Some rules for the access of services are defined and users
have to follow them. Otherwise, users will receive a penalty decision from the
smart contract. The authenticity of the access control framework is done with
the help of a case study. However, cost and computational overhead are not
calculated for a real-world scenario. Moreover, in [44], a secure BC based
mechanism is proposed to provide access control in resource-constrained IoT
networks. It provides authentic access while utilizing the properties of BC
and ensures secure communication between IoT devices. The authors in [45]
highlight a trending solution for social IoVs to assure trust in the network.
They state that by the use of permissionless BC, access to different entities
like roadside units, IPFS and clouds can be governed by smart contracts.
8 Zain et al.
BC is now contributing to reshape commercial and business applications.
Existing literature targets many issues related to the trading of assets among
several users, owners and third parties. In [46], authors highlight different
challenges related to trading in a marketplace. They develop a prototype that
presents BC based system for real world trading of assets. However, the trad-
ing of real world assets with transparency, accountability and security are the
major challenges. The BC based prototype minimizes the transaction irre-
versibility risk to achieve secure registrations and reliable history of records.
This prototype is used to trade vehicles among different parties. The imple-
mentation is done using object oriented software engineering approach. How-
ever, user’s trust and scalability are not ensured as it is a prototype based
BC system. Due to the advancement in the IoT, data is increasing on daily
basis. The data of IoT devices can be traded as assets and demands security
for exchange. Developing IoT data trading platforms is challenging because of
the security and privacy issues of data [47]. Furthermore, a central party is
needed to keep the track of transactions.
The authors in [48] discuss that integration of IoT and BC can provide
secure trading of data by providing data integrity and immutability. This
integration provides trust between users and owners of data. In [49], authors
review the problems regarding data storage in databoxes for the users to use
data according to their desires. Metadata is stored in databoxes. Using this
metadata, users can request their desired data. The IoT device data is needed
to be stored in databases from where users can access the data. There is a
threat regarding these databases, where data can be hacked or misused. To
securely trade and share IoT data, this data must be encrypted to save it
from being attacked. Information or data can be hacked during transmission
over the network or from the server. Encryption is an operation to shield
information and data from malicious attacks. Different encryption algorithms
are used for different security levels depending upon the system’s demands.
The authors in [50] analyze AES, Data Encryption Standard (DES), 3DES,
Rivest Shamir Adleman (RSA) and blowfish to compare them on the bases of
their strengths and weaknesses. They concluded on the bases of their results
that blowfish performance is best in terms of time and memory. AES performs
well when the system demands the integrity of the data. 3DES performance is
good in terms of network bandwidth. BC and IoT are leveraged to get the max-
imum advantages like security, storage and trustful communication along with
encryption mechanisms to secure data over the network. In [25, 27], authors
use different encryption techniques for BC based IoT platforms. Proxy re-
encryption and attribute based cryptosystem encryption techniques are used
to encrypt data and provide fine-grained access control. In [51], authors present
the BC based IoT design to eliminate the third party for secure data sharing.
Moreover, end-to-end data is encrypted to eliminate the access of data from
the third party. Data is encrypted using the AES encryption technique. How-
ever, the system is not implemented to represent the overhead on the actual
IoT system.
Trustful Data Trading through Monetizing 9
In [52], a permissioned BC based IoT system is presented for user’s iden-
tification and secure asset transactions. The identification key of any user is
encrypted and sent to the other user who wants to purchase its asset. Keys
are encrypted to ensure that any fraudulent user is not involved in our sys-
tem to transfer assets. In [53, 55], authors present the BC based IoT integrity
frameworks to eliminate frauds and malicious attacks regarding data transfer
between two authentic parties. As BC is concerned with security and authen-
tication to maintain data integrity. So, authors use encryption techniques like
Addition Rotation XOR (ARX) cipher and double encryption to encrypt data.
In [56], authors present the BC based data sharing and service provisioning
mechanisms in IoTs. Efficient IoT business models are necessary for the busi-
ness activities of today’s world. Traditional IoT E-Business models rely on the
third party for exchanging data and money. Moreover, these systems are not
able to cope with internal failures and external attacks. These systems are not
cost-effective and secure because they rely on a third party. In [57], the authors
present a business model for the IoT based business community to earn rev-
enue through data trading. This system introduces Distributed Autonomous
Corporations (DACs), which are helpful in trading assets and services. This is
an IoT and BC based system developed using smart contracts. It is a decen-
tralized system, which is resistant to security attacks. It eliminates the third
party and provides automated trustful transfer of payments. However, the au-
thors do not consider encryption of paid data and the system lacks integrity
of data. They do not ensure the quality of data and reputation of the data
owner due to which the system lacks trust between owner and users for data
trading.
2.3 Critical Analysis
BC is known for its major features such as security, privacy, immutability,
transparency, etc. Many researchers work to implement this technology in dif-
ferent domains to achieve trustful, scalable, secure and decentralized systems.
In [12], authors propose a hybrid distributed architecture for smart cities. The
authenticity of the proposed model is guaranteed using the PoW scheme. How-
ever, the system model lacks the efficient deployment of edge nodes. In [36],
authors present a framework to provide access control and secure data sharing
for artificial intelligence operations. Behaviourchain and Datachain are also
utilized for secure data sharing and access control. Any BC platform could
be used to develop the system, which shows the adaptability of the proposed
system. In [40], the BC system is proposed for industrial IoT to address the
issues of scalability, privacy and security for smart factory scenarios. PoW
mechanism, on the basis of credit approach, is proposed to increase the power
consumption for dishonest nodes. A data authority system is used to provide
data privacy along with considering the system’s performance. The proposed
solution provided for the smart factories is adaptive enough to be applied in
various IoT applications. In [42], authors aim to achieve security of the net-
10 Zain et al.
work, where devices can communicate in a completely secure manner. This
model is able to deal with requested security requirements and is resilient to-
wards security attacks. Authors claim that this approach is adaptable enough
to be applied in different IoT contexts and scenarios. Concluding remarks in-
clude that BC is an emerging domain and still needs improvements to be able
to achieve security and privacy requirements.
Comparison between proposed scenario and existing schemes is provided
in the Table 3.
Table 3 Comparison with Existing Work
References Reputa-
tion
Data
Qual-
ity
Data
Secu-
rity
Decentral-
ization
Incentive
Mecha-
nism
Identif-
ying
Fake
Re-
views
Dispute
Han-
dling
PoD of
digital
as-
sets [58]
7 7 7 3 3 7 3
IoT data
mon-
etiza-
tion [59]
7 7 7 3 7 7 7
Review
sys-
tem [60]
3 3 7 3 7 7 7
Proposed
Scenario
3 3 3 3 3 3 3
3 Problem Statement
Proof of Delivery (PoD) is an important aspect related to digital content,
especially that involves the exchange of payments. Traditional PoD systems are
centralized and are not secured because they rely on an external third entity.
In [58], the authors present a BC system based on PoD of digital assets using
smart contracts. However, there is no mechanism to ensure the reputation of
the digital content-owner and the quality of the content that are provided
to consumers. Hence, the system ignores the trust level maintenance between
users and owners. Moreover, the encryption of digital content is not considered
for the security of digital content.
The aims of service provisioning and generating revenue from IoT devices
face several challenging problems. In [59], authors describe a secure and cost
effective system. This system eliminates the ownership of single authority and
human intervention. The problems regarding IoT data trading are elaborated
as follows.
Trustful Data Trading through Monetizing 11
–Security: Previously, IoT data trading does not involve the trading princi-
ples designed by the device owner. The set of rules regarding data trading
are also not well structured.
–Cost Effectiveness: Development of an automatic system to earn revenue
to make a cost-effective system.
–Centralized Governance: In a network, the large number of devices con-
nected to a centralized governance creates a bottleneck. In case of failure
or attack, the system will crash and bear the worst outcomes.
Authors in [59] implement a decentralized BC system using smart contracts.
However, they do not highlight the problems of data quality and reliability of
IoT device owners. Data trading is more convenient when users fully trust the
data owner. Traditional IoT data trading systems lack a reputation system.
Reputation or review systems are needed to provide the previous record of
IoT data owners to data users. Trust maintenance between users and owners
is ignored in this study. Moreover, both users and owners do not consider any
encryption scheme to send encrypted data during transmission. Also, there is
no mechanism to handle conflicts and disputes among the buyers, sellers and
MQTT brokers. IoT devices for data sharing are facing a lot of security and
data integrity issues.
Conventional access management strategies are not able to deal with these
challenges because of their complex and noncredible access control manage-
ment. In [27], the authors present an attribute based scheme for BC and IoT
integration along with access control management. Secure communication is
ensured by encrypting session keys using the AES-128 encryption technique.
In [60], a review system is presented to provide guarantee and trust to data
users about the data they are willing to use. New users can trust the data
quality after fetching the stored reviews from BC. However, sometimes users
are not willing to provide reviews. So, an incentive mechanism is needed to
motivate the users to provide reviews. However, a problem of fake reviews is
identified in [60], which affects the system’s performance or manipulates the
reputation of the owner.
In this regard, to address the above-mentioned problems, a BC based solu-
tionis presented for automated review systems and monetization of IoT data.
The review system eliminates the trustlessness of data users about the data
quality and reputation of the data owner. This system ensures the reputation
of the IoT device owners. An automatic payment system is provided without
the interference of a third entity. A lightweight messaging protocol MQTT is
used for trustful communication between device owners and users. IoT device
owner sets the usage principles for device data. By taking motivation from [27],
an encryption technique is also applied in the proposed scenario. The owner
encrypts the data of an IoT device through AES-256 to achieve security and
then sends it to the MQTT broker. Interested users, who want to access IoT
data will have to be authorized. Smart contracts send the decryption key to the
user. In this way, BC provides security for the monetization of IoT data. An
incentive mechanism is provided to motivate users to provide reviews about
12 Zain et al.
data. The arbitrator is also added to handle disputes and conflicts between
owners and users.
4 Data Quality
In this paper, data quality refers to the evaluation of data through different
perspectives. When users and owners of data perform trading on the bases of
some policies, users expect that the data is real and will have the following
properties.
–Completeness: Data includes all the values and attributes expected by the
users.
–Accuracy: Data values are real, correct and accurate or calculated by as-
sumptions.
–Credibility: The data is appropriate and presenting the believability, which
it is supposed to present.
–Timeliness: Data is updated according to time.
–Integrity: Consistency and correctness of data are ensured during its life-
cycle.
5 The Proposed System Model
This study is an extension of the work done in [62]. This study is motivated
by the studies in [59,60] to present a BC based automated systems maintain-
ing reviews about data to gain the trust of data users. The smart contracts
associated with the system eliminate the risk of fraud and late deposits for
IoT monetization. An open source Ethereum BC system is used because it is
easily accessible by the users. This platform works as a virtual machine and
provides cryptocurrency payments. The proposed BC review system includes
IoT device owners, review system, smart contracts, arbitrator, users, IoT de-
vices and MQTT brokers [59]. In the beginning, the owner defines some sets
of rules for device data using Solidity language and creates a smart contract.
Data is encrypted by the owner using AES-256 encryption technique that is
more secure as compared to other encryption techniques [63]. BC maintains
the reviews about the data and reputation of the owner are provided by old
users. New users of the system can fetch the reviews and ratings about the
data from BC. Users’ interaction with the smart contract is necessary if they
want to access the desired data and reviews. Users analyze the reviews about
data they want to use to verify the quality of data. All the users have to pay
for data exchange and accessing the reviews about data.
As BC transaction execution requires excessive time and cost to fetch the
data, encrypted data is held by the MQTT broker. Data is accessed from the
broker with minimum computational cost. BC holds the metadata to achieve
security. The owner after encrypting the data sends it to the MQTT broker
for storage. Then owner sends the private key of the encrypted data to smart
Trustful Data Trading through Monetizing 13
contract. When a smart contract is triggered by any user, that user receives
the unique token. This token is also provided to the MQTT broker for authen-
tication when the user requests the data from the broker. IoT devices publish
their data onto the MQTT broker by making use of the MQTT protocol (as
shown in Figure 1). The cloud hosted with MQTT broker allows the lightweight
messaging between publisher and subscriber. MQTT protocol provides authen-
ticity, scalability and accessibility with low latency to all users. This protocol
is suitable for IoT devices because of their resource constrained environment.
MQTT broker collects the data from IoT devices related to some specific topic.
BC holds the metadata and its respective reviews. Interested users send the
subscription messages to subscribe the data. Users must have an initial de-
posit in their accounts to subscribe and access the data and reviews. Users
after analyzing the reviews and data can request the MQTT broker to provide
access to encrypted data. When user trigger the access function, the smart
contract checks whether the users have a proper subscription for data or not.
When users make an access request, the MQTT broker also receives the user’s
information, including its unique token. The broker then authenticates the
users by comparing the token received from the smart contract and the token
received from the users. When users invoke the access function, the MQTT
broker authenticates users through the contract and delivers the data to the
subscribed users. Then, the smart contract sends the private key to the user to
decrypt the data. MQTT broker is connected with the IoT devices and users
through MQTT’s Application Programming Interface (API). When users ac-
cess the data successfully, money is transferred from the users’ account to the
owners’ account. After using data, users provide reviews for the data and get
the reward.
To motivate users, an incentive mechanism is used to motivate the users to
provide reviews for the data. The owner of the system decides to add an arbi-
trator with some limited privileges. Arbitrator and owner create an agreement
including some rules and principles regarding tasks, incentive and honesty. The
arbitrator will become active for the specified tasks. The user, after download-
ing and decrypting the data, claims that there is a bug in the file. Arbitrator
along with the owner consensus downloads the same file on their system. If
there is a problem in the file, the arbitrator will report the owner, who trig-
gers the smart contract to refund the amount to the user. Fake reviews are
identified using the IBM analyzer, which identifies the tone and mood (anger,
disgust, sadness) of the users who register the reviews.
5.1 System Model Components
This section consists of a detailed discussion about the system model’s compo-
nents. In Ethereum BC, every participating entity holds the Ethereum address
for its identification. The smart contract’s interaction with all the entities is
described below.
14 Zain et al.
Heading
Heading
Heading
Heading
Heading
Heading
Review System for IoT Data Monetization
MQTT Broker
Owner Side
Ethereum Blockchain
Review System
User
MQTT Connection MQTT Connection
Request and Submit
Reviews
Device Owner
IoT Device
JS Services Request Data
Register
Modify
Search
Owner Defines Rules
Send Encrypted Data Send Encrypted Data
Decrypt Data
Provide Incentive on Submitting
Reviews
Encrypt Data
Arbitrator
Handle Disputes
Fig. 1 The Proposed Review System for Monetization
–Owner: Firstly, the owner creates the IoT device smart contract containing
terms and rules. The terms and rules include the rating for the topics
according to the information sensitivity and the topic length. As MQTT
broker is responsible to store data, so, rates are settled in an agreement
with the MQTT broker. Access time is also defined, which depends upon
the ethers present in the user’s account. The owner after encrypting data
sends it to the broker and private key to the smart contract. In the proposed
system, the user has to deposit money to the smart contract before making
any transaction. When a user receives the desired data, the deposit function
is triggered by the smart contract and the money is transferred from the
user’s account to the owner’s account.
–IoT Device Contract: It holds the main logic of the proposed system, which
comprises of the following postulates.
–Who will have to deposit money?
–Which specific actions require money to be present in the customer’s
account?
–For how much time users could make use of data?
Trustful Data Trading through Monetizing 15
–When user token will be sent to the MQTT broker?
–When users can access reviews and data?
–When money will be transferred to the owner’s account?
–MQTT Broker: The user, after analyzing the reviews, requests the data
from the MQTT broker. The broker after the request of the user, it au-
thenticates the user token and if it is found valid; the broker provides data
to the user.
–Review System: After the deployment of the contract, the user will choose
an account to write the reviews for the data being used. Smart contract
and javascript functions are called if the user is interested to access, write
or modify the reviews.
–User: It is the main entity, allowed to interact with the system to get the
desired output. Users can only perform the desired tasks, such as sub-
scribe, access data, submit a review, register and modify the review. The
decryption key is also provided to the user to decrypt the data after it is
downloaded.
–Arbitrator: It is added in the system to handle disputes and conflicts be-
tween user and owner of the data. An incentive is provided to the arbitrator
for dispute management. Some privileges are provided to the arbitrator for
data downloading by the owner.
6 Review System for IoT Data Monetization using Smart Contract
The working of the smart contract functions is elaborated in this section and
is shown in algorithm 1. Smart contract code is composed using the Solidity
language. The review system is developed to maintain the reputation of the
data owner. The proposed system keeps the reviews and ratings for the data
held in the MQTT broker. The users provide their experience and rating after
accessing the data. The working of the system model is shown in Figure 2.
–AddTopic(): Firstly, the owner of the device creates a smart contract using
the constructor of the IoTContract. The owner then initiates the registra-
tion process to register the broker and topics in the contract. AddTopic()
function is used by the owner to add new topics.
–Deposit(): Users deposit money to the contract using the Deposit() function
after accessing the data.
–Subscribe(): Proper subscription is needed by the user before accessing the
data.
–IsReviewExist(): This function is used by the users to know about the
existence of the review against the data they are willing to access. This
function returns null if the review does not exist.
–GetReviews(): After subscribing the data, the user triggers the GetReview()
to access the review for subscribed data. The data structure in which re-
views are saved as a string value is “dt −ratings”.
16 Zain et al.
Legends
1. Define Rules
5. Token and Key
6. Send User Token and Key
2. Add Data
8. Provide Access
10. Successful Download
12. Set Reviews
17. Payment Deposited
Device Owner
7. Access
11. Update Subscription
Encrypt IoT Data
Decrypt Data
IoT Device MQTT Broker
User Smart Contract
Owner Arbitrator
16. Provide Incentive
13. Handle Dispute
9. Data Content
3. Deposit Payment
4. Subscribe and Request
15. Provide Incentive
Fig. 2 The Proposed System Model for Providing Incentive and Solving Disputes.
–GetRatings(): Using this function, users can request the existing ratings
about the subscribed data. The data structure in which ratings are saved
as a string value is “dt −ratings”.
–Access(): Users are granted access to the subscribed data when the Ac-
cess() is triggered and all conditions are fulfilled. When the user triggers
this function, the smart contract validates for proper subscription and de-
posits money in user’s account. Then the user access the data according
to the usage time, which depends upon the number of ethers in the user’s
account. When an amount in the account is used, the user is disconnected
automatically. A separate token is granted to every user, which is also
Trustful Data Trading through Monetizing 17
provided to the MQTT broker for authentication. Each token is unique
because of the sequence of different variable values. These variables are the
owner and user address, topic identity and the number of times an access
request is sent.
–GetDataContent(): If a customer needs a copy of data instead of online
access, it can trigger this function to download the data off-chain. Cus-
tomers will receive the decryption key, so they can decrypt the data after
it is downloaded. Users must have enough balance in their accounts to
download the data.
–UpdateSubscription(): This function is triggered when the user is discon-
nected before the granted access time or the account balance is used. The
customer’s account ethers are abated depending upon the access time. After
the successful operation, money is transferred from the customer’s account
to the owner’s account.
–Refund(): This function is triggered when the user disconnects before the
granted access time and account money is not utilized. Another case to
refund the money is when the arbitrator finds that the user is provided
with the corrupted file.
–SetReviews(): After using data, users can register their reviews using this
function. Users is provided with an incentive for registering reviews. Review
registration and review added in the system are done by the users.
Algorithm 1: Review System for IoT Data Monetization
1Device owner creates smart contract using IoTContract ;
2Broker and topics are registered;
3New topics are added using AddTopic();
4User deposit money by Deposit();
5/*Rare reviews and Dis data*/;
6if (R→R)then
7User access Rusing GetReviews();
8User gets existing rating using GetRatings();
9if (User is subscribed and ethers are present) then
10 Access() allows user to access D;
11 if (Customer needs copy of D)then
12 GetDataContent() is triggered;
13 Dis downloaded offchain;
14 else
15 Online access is given to user;
16 end
17 User gives its Rusing SetReviews();
18 end
19 else
20 return null;
21 end
18 Zain et al.
6.1 Handling Fake Reviews and Disputes
The owner using the AddTopic() pushes data to the MQTT broker. Users after
using this data will provide reviews about the data that is stored in BC. When
users provide reviews about data, there is a probability that either reviews are
fake or biased. Fake reviews could be provided by any user or any competitor
party to destroy the reputation of the data owner. To tackle the issue of fake
reviews, a smart contract is created to make the system’s performance better
in case of negative reviews. The owner can block the fake users’ accounts after
their identification. We have used the Revain platform to filter out fake reviews
through the IBM Watson analyzer [64]. In this way, the system is made secure
and reliable from fake identities and reviews. The following steps are used to
identify the fake reviews (also shown in algorithm 2).
–IBM Watson analyzer is used to analyze the tone and mood (anger, disgust
and sadness) of users providing reviews. Moreover, neural network and data
mining techniques are used to check the quality of reviews. If the quality of
the reviews is not acceptable, they are rejected in the first step. Accepted
reviews are forwarded to the next step.
–The filtration process is performed to maintain authentic reviews for the
system while discarding others. Reviews are stored in BC ensuring their
immutability.
–Verification for the authenticity of reviews is provided using the Merkle
tree hash algorithm. A group of hashes is linked together to create a hash
to reach the root hash. To check the review’s mutability, only the root
hash is checked. If the root hash is altered, it means the review has been
changed. The private key of the customer is used to verify the authenticity
of the review.
–When reviews are saved in the BC, users will get an incentive for their time
and effort. Users who do not provide a review about data are not provided
with the incentive.
6.2 Dispute Solving
If users claim that they are unable to download the data provided by the
system, their claim is considered. On the other hand, if users download the
data and find that file is corrupt, they can report it to the owner. If any of the
case results in the user’s dissatisfaction. Therefore, the arbitrator will be active
in this case and request the user’s token from the owner to download the data
from the MQTT broker. The arbitrator will download the data to verify the
validity of the user’s claim. If the user’s claim is valid and the arbitrator finds
missing or corrupted data, Refund() will be invoked and ethers are refunded
to the user. If the arbitrator’s download is successful and data is complete
and accurate, the user’s claim is falsified and a successful transaction will take
place.
Trustful Data Trading through Monetizing 19
Algorithm 2: Handling Fake Reviews
1Data is pushed to MQTT broker using AddTopic();
2/*Rare reviews and Dis data*/;
3User provides Rabout D;
4Tone and Mode of a user are analyzed by IBM Watson analyzer;
5if (Tone and Mode are acceptable) then
6Quality of Ris checked using a neural network;
7if (Quality of Ris accpetable) then
8Rare incorporated;
9else
10 Rare discarded;
11 end
12 else
13 Rare discarded;
14 end
15 if (Merkle root hash == hash stored on BC) then
16 Rare verified;
17 else
18 Rare not verified;
19 end
20 All the users that provide true reviews get incentive;
7 Simulations Results and Discussion
The computational complexity of any transaction in Ethereum BC is ana-
lyzed by the amount of gas used during the transaction execution. Gas is of
fundamental importance and calculated through the gas units consumed for
transactional operation. When any request arrives, smart contracts are exe-
cuted and as a result, a transaction occurs. State of the BC is always modified,
when any transaction occurs. The cost and gas of any transaction are directly
proportional to the smart contract’s size and complexity. Sending data to BC
needs cost, which is named as transaction cost. The smart contract having
more lines of code will consume more gas to execute. Transaction cost of any
transaction is calculated using equation 1 [60].
T otalC ostGwei =GasUsed ×GasCost (1)
Equation 1 shows the total amount of gas consumed by the functions defined in
the smart contract. The price given in Gwei represents the gas cost. For the cost
of smart contract functions, we have taken the default unit price of 10 Gwei.
Different amount of gas is consumed by every function in the smart contract.
Costs of smart contract functions for the proposed system are given in Table
4. The cost is too much high, the reason is that the mining fee in the BC is
very high. It is due to the reason of demand and supply, the miners validate
transactions of a block after every ten minutes. And when the transactions
that have to be validated exceeds the block size (1 MB) then miners choose
those transactions that can reward them with higher transaction fees. [61].
HTML code is used to connect the javascript code with the web interface.
Application Binary Interface (ABI) and bytecode value are belonged to the
20 Zain et al.
Table 4 The Cost of Smart Contract Functions
Functions Gas Used (Gwei) Cost (Ethers) Cost (USD)
TopicAdded() 92091 0.00092091 0.15103
Deposit() 23663 0.00023663 0.03880732
Subscribe() 13145 0.00131452 0.21558128
Access() 70000 0.0007 0.1148
GetReviews() 24476 0.00024476 0.04014064
GetDataContent() 23115 0.00023115 0.0379086
Refund() 18352 0.00018352 0.03009728
SetReviews() 59362 0.00059362 0.0973537
javascript code. Mining servers and smart contracts communicate through the
Web3 API. To execute the transaction requested by the user, the Javascript
functions call the functions defined in the smart contracts. Javascript func-
tions receive the input when any interaction occurs between the user and the
web interface. After successful block mining, the output is displayed on the
web interface. For the proposed system, the geth interface uses the Remote
Procedure Call (RPC) protocol to run the mining server. HTML and CSS are
used to design web pages and Node.js is used to connect web pages with the
web browser. The transaction cost used when IoT device owner triggers the
AddTopic() is $0.15103. When topics are added to the MQTT broker, users
can subscribe to the topics of their interest. The Subscribe() consumes the
gas of $0.21558128. To deposit ether, Deposit() is triggered, which consumes
the gas of $0.03880732. After the deposit, the user can submit the review
and data access request. The resulting transactions need the cost of $0.1148
and $0.04014064, respectively. Afterward, users are allowed to download data,
if they want. When GetDataContent() is executed, it consumes the gas of
$0.0379086. If the user invokes the Refund() or SetReview() functions, these
operations will require the cost of $0.03009728 and $0.09735368, respectively.
To analyze the gas consumption of our smart contract functions, we have
performed simulations. We have made comparison on the bases of two types of
costs as discussed above; for smart contract’s functions. Figure 3 presents the
results of four functions: Subscribe(),AddTopic(),Deposit() and GetReviews().
The execution and transaction costs incurred by the subscribe() are the highest
among other functions. Before subscribing the topic, users must have money in
their accounts. When users subscribe the topic, their information is stored in
the BC to avoid any misuse from user’s side. If both conditions are valid, then
users can subscribe for a topic. Subscribe() holds the major logic of the smart
contract. User authentication is also done through subscribe(). Due to these
reasons, this operation has more cost. AddTopic(),Deposit() and GetReviews()
functions’ cost depends upon length of data, amount of money and function
logic.
Figure 4 shows the results for gas consumption when the user wants to
access data, register reviews, refund money and get data. The execution and
transaction costs incurred by the access function are the highest among other
functions. When Access() is triggered, the smart contract checks the condition
Trustful Data Trading through Monetizing 21
Dep osit Subsc ri be Ad d To pi c Get Revi ew s
0
20000
40000
60000
80000
100000
120000
Gas Consu mp ti on
Exe cut ion Gas
Tra nsa ct io n Ga s
Fig. 3 Gas Consumption for Smart Contract Functions
Acc ess Get Dat a Set Revi ew s Refu nd
0
10000
20000
30000
40000
50000
60000
70000
Gas Consu mp ti on
Execut ion Gas
Tra nsa ct ion Gas
Fig. 4 Gas Consumption for Smart Contract Functions
of proper subscription; either it is true or not. The smart contract provides
unique tokens to the users. When users make other transactions, these tokens
are used for authentication. The cost of GetDataContent() is related to the size
of data and SetReview() cost depends upon the review string length. Refund()
cost depends upon the money refunded from contract to user. These functions
incur different costs and gas consumption depending upon their inputs and
outputs.
In Figure 5, the results are shown for the user interaction to deposit money,
access ratings and checking the review existence. This figure also presents the
gas consumption when the smart contract is triggered to update subscription
time. For the detailed overview of the transaction and execution of gas con-
sumption, Ethereum yellow paper is referred [65]. Figure 6 shows that the
amount of gas consumed for different lengths of review string. It also depicts
22 Zain et al.
Get Rat ing s Upd at e Get Dep osit Re vie wEx ist
0
5000
10000
15000
20000
Gas Consu mp ti on
Execut ion Gas
Tra nsa ct ion Gas
Fig. 5 Gas Consumption for Smart Contract Functions
that when review string length is increased, gas consumption is also increased.
When the length of the review string is 32 characters, 3200 Gwei gas is con-
sumed because gas consumption increases directly with the increase in string
length.
In Figure 7, mining time is presented against different string input lengths.
It shows that the length of the review and time required for mining are not
related to each other. At maximum and minimum string input lengths, the
time required for mining has different behavior. The time required for mining
is greater and it is less for smaller string input lengths. It is concluded that
mining time is not dependent on the string input length; however, it is related
to the condition of the network and the choice of the miner. The transaction of
detailed review registration has more gas consumption due to the reason that
all the details are sent to the smart contract. Most of the network resources like
bandwidth and energy are consumed while sending data to the smart contract.
Figure 8 shows the encryption and decryption time for Affine Cipher, AES-
128, AES-256 and 3DES, the encryption time for these techniques is 17.16 ms,
8.68 ms, 10.77 ms and 15.7 ms, respectively. 3DES has gained the highest
execution time to encrypt and decrypt data. AES-128 is fast and consumed
the minimum time as compared to other encryption techniques. AES is a
symmetric block cipher algorithm (the same key is used for encryption and
decryption), having a size of block with 128 bits. The algorithm uses the
key lengths of 128, 192 and 256-bits. Ciphertext and plaintext are generated
through 14 rounds for a 256-bit key and 10 rounds for a 128-bit key. The array
of bytes are arranged in a 4*4 order matrix, named as a state. Columns and
rows are filled up with the data bytes and in all rounds, four transformations
are performed to convert plaintext into ciphertext. Encryption and decryption
times mainly depend upon the key size, plaintext, block size and mode of
transformation. AES-256 has a good impact on the performance of the system
in terms of security. It uses a 256-bit key to encrypt data. It is fast and
Trustful Data Trading through Monetizing 23
String Length as Trx Input Value
43 820 37
60,000
80,000
100,000
120,000
140,000
Gas Amount
Fig. 6 Gas Consumption for String Input Length
Fig. 7 Mining Time For String Input Length
secure because the hacker needs 2256 combinations to break the encrypted
message. There is a tradeoff between execution time and the security level of
the encryption techniques. We have analyzed the encryption and decryption
time of the aforementioned techniques. We need a secure technique, that is
why AES-256 is selected for our scenario.
The execution time for AES-128 encryption and decryption is less than
AES-256 because of the 128-bit key length. Affine cipher has taken more time
than AES-256 and AES-128 because it is slow in the encryption and the de-
cryption of the data. It comprises two elements of keys and encrypts them
by first multiplying one part of the key with plaintext and then adding the
24 Zain et al.
second part to it. On the other hand, performance of 3DES is very low and
has taken more time for encryption and decryption as compared to the other
techniques. 3DES is the type of DES, which converts and breaks the message
into blocks of 64 bits. 3DES takes more time as compared to DES because it
is expanded to three more different keys. It takes more time because it uses
three step encryption process. It is not secure because it is not resistant to
brute force attacks. In addition the owner sends the decryption key to the
smart contract instead of storing it in the block, which in return is sent to the
user for decryption.
Fig. 8 Encryption and Decryption Time
8 Security Analysis
The smart contract is a self-executing script that ensures the agreement be-
tween the unknown entities without the involvement of any third party. It
shows that smart contracts play an important role in the operateability of the
BC network [66]. Moreover, the code in the smart contract can not be modi-
fied. If it is written having vulnerabilities and errors, the overall performance
of the network is badly affected. A well known attack, named as decentralized
autonomous organization was performed on the Ethereum network in June
2016, which results in the loss of 3.6 million ethers [67]. Therefore, consid-
erable attention should be given to smart contracts for their inspection to
remove vulnerabilities and to make them suitable for the proposed model or
network. We perform security analysis of our smart contracts using an open-
source analysis tool, known as Oyente. The purpose of Oyente is to identify
and remove vulnerabilities in the smart contract and to make it bug-free, which
results in mitigation of risks [68]. Figure 9 shows the vulnerabilities report of
our smart contracts. It is depicted that all the results are “false”, which shows
that our contract is secured against all possible vulnerabilities and attacks. All
the possible attacks and vulnerabilities are explained as follows.
Trustful Data Trading through Monetizing 25
8.1 Time Dependency
This attack is performed by miners. Every block in the BC is generated with a
timestamp. The timestamp indicates the time of generation of any particular
block. The attacker miner attacks the block and tries to change its timestamp
for its interest. This attack can not be performed in our smart contract because
the PoW consensus algorithm is used in our system model. When any attacker
miner tries to change the timestamp of any of the block, this timestamp must
be validated by other nodes in our BC network. Moreover, a local copy of
the ledger is present at every miner node, any change is quickly identified in
the network. It is the reason that the time dependency attacks can not be
performed in our smart contracts.
Review.sol
Arbitration.sol
Fig. 9 Security Analysis by Oyente
8.2 Concurrency Bug
The concurrency bug is a synchronization issue that occurs when two or more
functions of the smart contract are called or triggered at the same time [69].
This results in an undesired outcome that affects the overall performance of
the BC network. This bug is not present in our smart contracts as shown
in figure 9. The reason is that all the functions in our smart contracts are
triggered one after another and therefore, there is no chance of concurrency
bugs in our BC network.
8.3 Reentrancy Bug
The reentrancy attack is one of the most common attacks in smart contracts.
In this attack, the attacker node calls an adversary or faulty function again and
26 Zain et al.
again in a recursive manner. So, only this function is called and other functions
are failed to execute. This affects the performance of the smart contract, which
ultimately results in deadlock in the BC network.
8.4 Call Stack Attack
In this type of attack, a contract is prepared by an adversary. This contract
calls itself, again and again, such that the call limit reaches. In this way,
another smart contract can not be called, this attack is known as a call stack
attack. The security analysis of our smart contract shows that an adversary
can not perform such an attack in our smart contract.
9 Conclusion and Future Work
In this paper, a review system based on BC for IoT data trading is presented.
The proposed system maintains reviews, ensures the reliability of data qual-
ity as well as the reputation of the device owner. Data integrity is ensured
by providing metadata and reviews about the data. The system is secured
from malicious behavior of any BC entity because reviews are visible to every-
one. Trustful automated payments are guaranteed through the smart contract.
Data stored in the MQTT broker is made secure through the AES-256 en-
cryption technique. The encryption time for Affine Cipher and 3DES is 17.16
ms and 15.7 ms, respectively. There is a tradeoff between encryption time and
security level of AES-128 and AES-256. We have selected the AES-256 encryp-
tion technique for our scenario because of the security level concerns of the
system. Fake reviews are filtered out using IBM Watson Analyzer. Moreover,
the arbitrator is added to the system to handle conflicts and disputes in the
system. An incentive is provided to users after providing reviews for the data
because of their time, effort and honesty. One issue with the proposed system
model is that IoT devices operate in hostile and resource constrained environ-
ments and are deployed in remote areas. It is the reason that the IoT devices
can not perform efficient communication, which affects the performance of the
network.
In the future, we will make use of cross-chain technology to ensure efficient
communication between IoT devices. Moreover, we will develop a system to
identify fake comments from different datasets such as Amazon, eBay and
different movie datasets. We aim to provide a comparison between different
feature selection methods and sentiment classification algorithms for detecting
fake reviews to tackle the manipulation and collusion issues. Furthermore, to
solve the issue of high mining cost, we will propose an incentive mechanism
for miners in which the availability of a large number of miners is ensured,
which results in less fee of the mining process.
Trustful Data Trading through Monetizing 27
Data Availability Statement
The data that support the findings of this study are available on request from
the corresponding authors.
Author Contributions
Ahmad Almogren and Ayman Radwan have implemented and written the
section, “security analysis”. They also contributed in reviewing the whole
manuscript. Zain Abubakar and Asad Ullah Khan conducted the Compari-
son between proposed scenario and existing schemes, which is provided in the
Table 3. And wrote Algorithm 1: Review System for IoT Data Monetization.
They also contributed in reviewing the whole manuscript. Shahid Abbas and
Asad Ullah Khan re-designed the “Proposed Review System for Monetiza-
tion” (Fig. 1). Atia Javaid implemented the blockchain system. All work is
done under the supervision of Nadeem Javaid.
Acknowledgement
This work is supported by King Saud University, Riyadh, Saudi Arabia, through
Researchers Supporting Project number RSP-2021/184. The work of author
Ayman Radwan is supported by FCT / MEC through Programa Opera-
cional Regional do Centro and by the European Union through the Euro-
pean Social Fund (ESF) under Investigador FCT Grant (5G-AHEAD IF/FCT-
IF/01393/2015/CP1310/CT0002).
References
1. Talha Naeem Qureshi, Nadeem Javaid, Almogren, Ahmad, Asad Ullah Khan, Hisham
Almajed, and Irfan Mohiuddin, 2021. An adaptive enhanced differential evolution
strategies for topology robustness in internet of things. International Journal of Web
and Grid Services.
2. Perera, C., Zaslavsky, A., Christen, P. and Georgakopoulos, D., 2014. Sensing as a ser-
vice model for smart cities supported by internet of things. Transactions on Emerging
Telecommunications Technologies, 25(1), pp.81-93.
3. Talha Naeem Qureshi, Nadeem Javaid, Ahmad Almogren, Zain Abubaker, Hisham
Almajed, Irfan Mohiuddin, 2021. Attack resistance based topology robustness of scale-
free internet of things for smart cities. International Journal of Web and Grid Services.
4. Xie, R., He, C., Xie, D., Gao, C. and Zhang, X., 2018. A secure ciphertext retrieval
scheme against insider kgas for mobile devices in cloud storage. Security and Commu-
nication Networks. pp.1-7, doi: 10.1155/2018/7254305.
5. Fan, L., Lei, X., Yang, N., Duong, T.Q. and Karagiannidis, G.K., 2016. Secure multiple
amplify-and-forward relaying with cochannel interference. IEEE Journal of Selected
Topics in Signal Processing, 10(8), pp.1494-1505.
6. Shen, J., Gui, Z., Ji, S., Shen, J., Tan, H. and Tang, Y., 2018. Cloud-aided lightweight
certificateless authentication protocol with anonymity for wireless body area networks.
Journal of Network and Computer Applications, 106, pp.117-123.
28 Zain et al.
7. Tao, M., Ota, K., Dong, M. and Qian, Z., 2018. AccessAuth: Capacity-aware security
access authentication in federated-IoT-enabled V2G networks. Journal of Parallel and
Distributed Computing, 118, pp.107-117.
8. Chen, J., He, K., Yuan, Q., Xue, G., Du, R. and Wang, L., 2016. Batch identification
game model for invalid signatures in wireless mobile networks. IEEE Transactions on
Mobile Computing, 16(6), pp.1530-1543.
9. Xu, B., Da Xu, L., Cai, H., Xie, C., Hu, J. and Bu, F., 2014. Ubiquitous data access-
ing method in IoT-based information system for emergency medical services. IEEE
Transactions on Industrial informatics, 10(2), pp.1578-1586.
10. Jiang, L., Da Xu, L., Cai, H., Jiang, Z., Bu, F. and Xu, B., 2014. An IoT-oriented
data storage framework in cloud computing platform. IEEE Transactions on Industrial
Informatics, 10(2), pp.1443-1451.
11. Yu, B., Wright, J., Nepal, S., Zhu, L., Liu, J. and Ranjan, R., 2018. IoTChain: Es-
tablishing trust in the internet of things ecosystem using blockchain. IEEE Cloud
Computing, 5(4), pp.12-23.
12. Sharma, Kumar, P., Park ,J.H., 2018. Blockchain based hybrid network architecture
for the smart city. Future Generation Computer Systems, pp.650-655.
13. Jiang, T., Fang, H., Wang, H, 2018. Blockchain-based Internet of vehicles: distributed
network architecture and performance analysis. IEEE Internet of Things Journal, 6(3),
pp.4640-4649.
14. Kushch, S., Francisco, P.C., 2018. A rolling blockchain for a dynamic WSNs in a smart
city. arXiv preprint arXiv, 1806–11399.
15. Rahmadika, S., Ramdania, D.R., Harika, M, 2018. Security analysis on the decentral-
ized energy trading system using blockchain technology. Jurnal Online Informatika,
(1), pp.44–47.
16. Zhang, G., Tong, L., Yong, L., Pan, H., Depeng, J, 2018. Blockchain based data sharing
system for AI powered network operations. Journal of Communications and Informa-
tion Networks, (3), pp.1–8.
17. Pnescu, Tudor, A., Manta, V, 2018. Smart contracts for research data rights manage-
ment over the ethereum blockchain network. Science and Technology Libraries, (18),
pp.235-245.
18. Sultana, T., Almogren, A., Akbar, M., Zuair, M., Ullah, I. and Javaid, N., 2020. Data
sharing system integrating access control mechanism using blockchain-based smart
contracts for IoT devices. Applied Sciences, 10(2), p.488.
19. Lone, A.H. and Naaz, R., 2021. Applicability of Blockchain smart contracts in secur-
ing Internet and IoT: a systematic literature review. Computer Science Review, 39,
p.100360.
20. Mafakheri, B., Heider-Aviet, A., Riggio, R. and Goratti, L., 2021. Smart contracts
in the 5G roaming architecture: the fusion of blockchain with 5G networks. IEEE
Communications Magazine, 59(3), pp.77-83.
21. Das, D., Banerjee, S., Ghosh, U., Biswas, U. and Bashir, A.K., 2021. A decentralized
vehicle anti-theft system using Blockchain and smart contracts. Peer-to-Peer Network-
ing and Applications, pp.1-14.
22. Tallyn, E., Revans, J., Morgan, E., Fisken, K. and Murray-Rust, D., 2021. Enacting
the last mile: experiences of smart contracts in courier deliveries. In Proceedings of the
2021 CHI Conference on Human Factors in Computing Systems, 1-14.
23. Huang, J., Kong, L., Chen, G., Wu, M.Y., Liu, X. and Zeng, P., 2019. Towards se-
cure industrial IoT: blockchain system with credit based consensus mechanism. IEEE
Transactions on Industrial Informatics, 15(6), pp.3680-3689.
24. Xu, Q., Aung, K.M.M., Zhu, Y. and Yong, K.L., 2018. A blockchain-based storage
system for data analytics in the internet of things. In New Advances in the Internet of
Things, pp. 119-138. Springer, Cham.
25. Manzoor, A., Liyanage, M., Braeken, A., Kanhere, S.S. and Ylianttila, M., 2018.
Blockchain based Proxy Re-Encryption Scheme for Secure IoT Data Sharing. arXiv
preprint arXiv, pp.1811.02276.
26. Zhang, Y., He, D. and Choo, K.K.R., 2018. BaDS: Blockchain based architecture for
data sharing with ABS and CP-ABE in IoT. Wireless Communications and Mobile
Computing, pp.1-9, doi: 10.1155/2018/2783658.
Trustful Data Trading through Monetizing 29
27. Ding, S., Cao, J., Li, C., Fan, K. and Li, H., 2019. A Novel Attribute-Based Access
Control Scheme Using Blockchain for IoT. IEEE Access, 7, pp.38431-38441.
28. Awais, M., Ali, I., Alghamdi, T.A., Ramzan, M., Tahir, M., Akbar, M. and Javaid, N.,
2020. Towards void hole alleviation: Enhanced geographic and opportunistic routing
protocols in harsh underwater WSNS. IEEE Access, 8, pp.96592-96605.
29. Liu, Xiaojun, Wang, W., Niyato,D., Zhao, N., Wang, P, 2018. Evolution-
ary game for mining pool selection in blockchain networks. IEEE Wireless
Communications,(5),pp.760–763.
30. Gordon, William J., Catalini, C, 2018. Blockchain technology for healthcare: facili-
tating the transition to patient-driven interoperability. Computational and structural
biotechnology journal, (16), pp.224–230.
31. Alabi, K, 2018. Digital blockchain networks appear to be following Metcalfes Law.
Electronic Commerce Research and Applications, pp.23–29.
32. Mahmood, D., Javaid, N., Ahmed, G., Khan, S. and Monteiro, V., 2021. A review
on optimization strategies integrating renewable energy sources focusing uncertainty
factorPaving path to eco-friendly smart cities. Sustainable Computing: Informatics and
Systems, 30, p.100559.
33. Yang, Zhe,Yang, K., Lei, L., Zheng, K., Leung, V.C ,2018. Blockchain-based decentral-
ized trust management in vehicular networks.IEEE Internet of Things Journal, 6(2),
pp.1495-1505.
34. Rahmadika, S., Ramdania, D.R. and Harika, M., 2018. Security Analysis on the De-
centralized Energy Trading System Using Blockchain Technology. Jurnal Online Infor-
matika, 3(1), pp.44-47.
35. Xu, C., Wang, K., Li, P., Guo, S., Luo, J., Ye, B. and Guo, M., 2018. Making big data
open in edges: A resource-efficient blockchain-based approach. IEEE Transactions on
Parallel and Distributed Systems, 30(4), pp.870-882.
36. Zhang, G., Li, T., Li, Y., Hui, P. and Jin, D., 2018. Blockchain-based data sharing
system for ai-powered network operations. Journal of Communications and Information
Networks, 3(3), pp.1-8.
37. Lin, D. and Tang, Y., 2018. Blockchain Consensus Based User Access Strategies in
D2D Networks for Data-Intensive Applications. IEEE Access, 6, pp.72683-72690.
38. El Kaed, C., Khan, I., Van Den Berg, A., Hossayni, H. and Saint-Marcel, C., 2017.
SRE: semantic rules engine for the industrial Internet-of-Things gateways. IEEE Trans-
actions on Industrial Informatics, 14(2), pp.715-724.
39. Hossain, M.S. and Muhammad, G., 2016. Cloud-assisted industrial internet of things
(iiot)enabled framework for health monitoring. Computer Networks, 101, pp.192-202.
40. Huang, J., Kong, L., Chen, G., Wu, M.Y., Liu, X. and Zeng, P., 2019. Towards Secure
Industrial IoT: Blockchain System with Credit-Based Consensus Mechanism. IEEE
Transactions on Industrial Informatics, 15(6), pp.3680-3689.
41. Xu, Q., Aung, K.M.M., Zhu, Y. and Yong, K.L., 2018. A blockchain-based storage
system for data analytics in the internet of things. In New Advances in the Internet of
Things (pp. 119-138). Springer, Cham.
42. Hammi, M.T., Hammi, B., Bellot, P. and Serhrouchni, A., 2018. Bubbles of Trust: A
decentralized blockchain-based authentication system for IoT. Computers and Security,
78, pp.126-142.
43. Zhang, Y., Kasahara, S., Shen, Y., Jiang, X. and Wan, J., 2018. Smart contract-
based access control for the internet of things. IEEE Internet of Things Journal, 6(2),
pp.1594-1605.
44. Ourad, A.Z., Belgacem, B. and Salah, K., 2018, June. Using blockchain for IOT access
control and authentication management. In International Conference on Internet of
Things (pp. 150-164). Springer, Cham.
45. Iqbal, R., Butt, T.A., Afzaal, M. and Salah, K., 2019. Trust management in social
internet of vehicles: factors, challenges, blockchain, and fog solutions. International
Journal of Distributed Sensor Networks, 15(1), p.1550147719825820.
46. Notheisen, B., Cholewa, J.B. and Shanmugam, A.P., 2017. Trading real-world assets
on blockchain. Business and Information Systems Engineering, 59(6), pp.425-440.
47. Sadiq, A., Javed, M.U., Khalid, R., Almogren, A., Shafiq, M. and Javaid, N., 2020.
Blockchain Based Data and Energy Trading in Internet of Electric Vehicles. IEEE
Access, 9, pp.7000-7020.
30 Zain et al.
48. Yu, B., Wright, J., Nepal, S., Zhu, L., Liu, J. and Ranjan, R., 2018. IoTChain: Es-
tablishing trust in the internet of things ecosystem using blockchain. IEEE Cloud
Computing, 5(4), pp.12-23.
49. Perera, C., Wakenshaw, S.Y., Baarslag, T., Haddadi, H., Bandara, A.K., Mortier,
R., Crabtree, A., Ng, I.C., McAuley, D. and Crowcroft, J., 2017. Valorising the IoT
databox: creating value for everyone. Transactions on Emerging Telecommunications
Technologies, 28(1), doi: https://doi.org/10.1002/ett.3125.
50. Wahid, M.N.A., Ali, A., Esparham, B. and Marwan, M., 2018. A Comparison of Cryp-
tographic Algorithms: DES, 3DES, AES, RSA and Blowfish for Guessing Attacks Pre-
vention. J Comp Sci Appl Inform Technol, 3(2), pp.1-7.
51. Rahulamathavan, Y., Phan, R.C.W., Rajarajan, M., Misra, S. and Kondoz,
A., 2017, December. Privacy-preserving blockchain based IoT ecosystem us-
ing attribute-based encryption. In 2017 IEEE International Conference on Ad-
vanced Networks and Telecommunications Systems (ANTS) (pp. 1-6). IEEE, DOI:
10.1109/ANTS.2017.8384164.
52. Shafagh, H., Burkhalter, L., Hithnawi, A. and Duquennoy, S., 2017, November.
Towards blockchain-based auditable storage and sharing of iot data. In Proceed-
ings of the 2017 on Cloud Computing Security Workshop (pp. 45-50). ACM, DOI:
10.1145/3140649.3140656
53. Kravitz, D.W. and Cooper, J., 2017, June. Securing user identity and transactions sym-
biotically: IoT meets blockchain. In 2017 Global Internet of Things Summit (GIoTS)
(pp. 1-6). IEEE, DOI: 10.1109/GIOTS.2017.8016280.
54. Liu, B., Yu, X.L., Chen, S., Xu, X. and Zhu, L., 2017, June. Blockchain based data
integrity service framework for IoT data. In 2017 IEEE International Conference on
Web Services (ICWS) (pp. 468-475). IEEE.
55. Dwivedi, A.D., Srivastava, G., Dhar, S. and Singh, R., 2019. A decentral-
ized privacy-preserving healthcare blockchain for iot. Sensors, 19(2), pp.1-17,
doi:10.3390/s19020326.
56. Samuel, O., Javaid, N., M.A., Ahmed, Z., Imran, M. and Guizani, M., 2019. A
Blockchain Model for Fair Data Sharing in Deregulated Smart Grids. In 2019 IEEE
Global Communications Conference: Communication and Information Systems Secu-
rity, USA (pp. 1-7), DOI: 10.1109/GLOBECOM38437.2019.9013372.
57. Zhang, Y. and Wen, J., 2017. The IoT electric business model: Using blockchain tech-
nology for the internet of things. Peer-to-Peer Networking and Applications, 10(4),
pp.983-994.
58. Hasan, H.R. and Salah, K., 2018. Proof of delivery of digital assets using blockchain
and smart contracts. IEEE Access, 6, pp.65439-65448.
59. Suliman, A., Husain, Z., Abououf, M., Alblooshi, M. and Salah, K., 2018. Monetization
of IoT data using smart contracts. IET Networks, 8(1), pp.32-37.
60. Park, J.S., Youn, T.Y., Kim, H.B., Rhee, K.H. and Shin, S.U., 2018. Smart
contract-based review system for an IoT data marketplace. Sensors, 18(10), p.1-16,
doi:10.3390/s18103577.
61. https://support.bitpay.com/hc/en-us/articles/115004439366-Why-is-my-
recommended-bitcoin-miner-fee-so-high, Last accessed 31 July, 2021.
62. Atia Javaid, M.Z., Ali, I., Khan, R.J.U.H., Noshad, Z. and Javaid, N., Reputation
System for IoT Data Monetization using Blockchain. In International Conference on
Broadband and Wireless Computing, Communication and Applications, pp. 173-184.
Springer, Cham, 2019.
63. Fakhri, D. and Mutijarsa, K., 2018, October. Secure IoT Communication using
Blockchain Technology. In 2018 International Symposium on Electronics and Smart
Devices (ISESD) (pp. 1-6). IEEE, OI: 10.1109/ISESD.2018.8605485.
64. Muriki, S.T., 2019. Online reviews immutability tool using blockchain technology.
[Online]. Available: http://hdl.handle.net/10211.3/207664. (Accessed on: January 16,
2020).
65. Wood, G., 2014. Ethereum: A secure decentralised generalised transaction ledger.
Ethereum project yellow paper, 151(2014), pp.1-32.
66. Almadhoun, R., Kadadha, M., Alhemeiri, M., Alshehhi, M. and Salah, K., 2018, Octo-
ber. A user authentication scheme of IoT devices using blockchain-enabled fog nodes. In
Trustful Data Trading through Monetizing 31
2018 IEEE/ACS 15th international conference on computer systems and applications
(AICCSA) (pp. 1-8). IEEE.
67. Hasan, H.R. and Salah, K., 2018. Proof of delivery of digital assets using
blockchain and smart contracts. IEEE Access, 6, pp.65439-65448, DOI: 10.1109/AC-
CESS.2018.2876971.
68. https://oyente.tech/, , Last accessed 31 July, 2021.
69. Wan, Z., Lo, D., Xia, X. and Cai, L., 2017, May. Bug characteristics in blockchain sys-
tems: a large-scale empirical study. In 2017 IEEE/ACM 14th International Conference
on Mining Software Repositories (MSR) (pp. 413-424). IEEE.
