Decentralized PKI Framework for Data Integrity in Spatial Crowdsourcing Drone Services
Junaid Akram, Ali Anaissi
TL;DR
This paper tackles the vulnerability of centralized PKI in spatial crowdsourcing with IoDT by proposing D2XChain, a blockchain-based PKI framework that decentralizes certificate authority functions through a Proof-of-Service consensus on a private Ethereum network. It preserves X.509 interoperability while automating certificate lifecycle operations via smart contracts, and includes formal security verification with Verifpal plus a smart contract vulnerability audit. The evaluation demonstrates feasible latency, scalable throughput with multiple service validators, and favorable cost metrics compared to traditional PKI, validating practicality for real-time IoDT deployments. Overall, D2XChain advances secure, transparent, and resilient drone communications in critical applications such as environmental monitoring and bushfire management, and points to future enhancements in ledger optimization and PoSv integration.
Abstract
In the domain of spatial crowdsourcing drone services, which includes tasks like delivery, surveillance, and data collection, secure communication is paramount. The Public Key Infrastructure (PKI) ensures this by providing a system for digital certificates that authenticate the identities of entities involved, securing data and command transmissions between drones and their operators. However, the centralized trust model of traditional PKI, dependent on Certificate Authorities (CAs), presents a vulnerability due to its single point of failure, risking security breaches. To counteract this, the paper presents D2XChain, a blockchain-based PKI framework designed for the Internet of Drone Things (IoDT). By decentralizing the CA infrastructure, D2XChain eliminates this single point of failure, thereby enhancing the security and reliability of drone communications. Fully compatible with the X.509 standard, it integrates seamlessly with existing PKI systems, supporting all key operations such as certificate registration, validation, verification, and revocation in a distributed manner. This innovative approach not only strengthens the defense of drone services against various security threats but also showcases its practical application through deployment on a private Ethereum testbed, representing a significant advancement in addressing the unique security challenges of drone-based services and ensuring their trustworthy operation in critical tasks.