Abstract
With the rapid development of the Power Internet of Things (PIoT), the number of grid terminals has grown exponentially, and the types of equipment have become increasingly heterogeneous, covering different management domains such as power generation, transmission, distribution, and consumption. This has resulted in complex multi-domain collaborative business scenarios. In this context, when a large number of heterogeneous terminal devices access across domains, they face severe challenges such as low authentication efficiency, high computational overhead, and complex policy management due to frequent cross-domain identity verification, dynamic changing access permissions, and limited terminal resources. Traditional centralized authentication schemes based on Public Key Infrastructure (PKI) rely on a unified certificate authority (CA) and frequent certificate verification interactions, which have single-point performance bottlenecks, high communication latency, and difficulty in supporting fine-grained dynamic authorization. These schemes cannot meet the dual requirements of the Power Internet of Things for real-time performance, lightweight design, and flexible access control. Although existing attribute-based encryption (ABE) schemes support attribute-based access control, they generally face limitations such as complex policy parsing, high bilinear pairing computation overhead, and the absence of cross-domain mutual recognition mechanisms. To address this issue, we propose a lightweight, attribute-based, cross-domain authentication method that is integrated with edge computing. By constructing a three-tiered ‘cloud-edge-end’ collaborative hierarchical authentication architecture, authentication computation tasks are offloaded to edge nodes, enabling localized authentication services. Our design incorporates a lightweight, elliptic curve cryptography-based, attribute-based encryption mechanism that replaces bi-linear pairing with scalar multiplication, as well as a cross-domain attribute mapping method based on consortium blockchain smart contracts to support the automatic conversion and mutual recognition of multi-domain attributes. Additionally, a distributed credential management subsystem that integrates blockchain and secret sharing is employed to facilitate the efficient issuance and dynamic revocation of edge-side certificates. Together, these form a complete cross-domain authentication mechanism that covers the entire ‘registration-authentication-key update’ process. Experimental results demonstrate that this method consistently maintains low total authentication overhead under varying concurrency pressures, delivering high semantic security and precise, fine-grained access control. It outperforms existing mainstream approaches in terms of authentication efficiency, computational overhead and system scalability, all without compromising security. This makes it suitable for collaborative scenarios involving multiple domains and the Internet of Things where resources are limited.
References
Mahajan, R. A., Mahajan, R. G., and Patil, S. Y. (2024). Enhancing mqtt security in the internet of things with an enhanced symmetric algorithm. Journal of Electrical Systems, 20(1s), 126–137.
Sharma, V. K., Chakraborty, C., Mohapatra, S. K., Pani, S. K., and Maity, S. P. (2025). An intelligent cryptographic technique for protecting internet of things data in 5g networks. IT Professional, 27(3), 38–44.
Kanciak, K., Zbigniew, Z. U. P., and Sychowiec, J. (2024). Application of attribute-based encryption in military internet of things environment. Sensors (Basel, Switzerland), 24(18), 5863–5863.
Elsakaan, N., and Amroun, K. (2024). A novel privacy-aware global infrastructure for ecological footprint calculator based on the internet of things and blockchain. Journal of supercomputing, 80(7), 9494–9531.
Zhong, Y., and Su, H. (2024). A Cross Domain Mobile Node Security Authentication Method for Building Node Reputation. Computer Simulation, 41(8), 428–432.
Shruti, R. S., and Boulila, W. (2025). Securing internet of things device data: an abe approach using fog computing and generative ai. Expert Systems, 42(2), e13691.1–e13691.14.
Shahidinejad, A., and Abawajy, J. (2024). Efficient provably secure authentication protocol for multidomain iiot using a combined off-chain and on-chain approach. IEEE internet of things journal, 11(9), 15241–15251.
Kumar, S., Banka, H., and Kaushik, B. (2023). Ultra-lightweight blockchain-enabled rfid authentication protocol for supply chain in the domain of 5G mobile edge computing. Wireless networks, 29(5), 2105–2126.
Kwon, D. K., Son, S., Park, K., Das, A. K., and Park, Y. (2024). Design of blockchain-based multi-domain authentication protocol for secure EV charging services in V2G environments. IEEE transactions on intelligent transportation systems, 25(12), 21783–21795.
Jebrane, J., and Lazaar, S. (2024). An enhanced and verifiable lightweight authentication protocol for securing the internet of medical things (IoMT) based on CP-ABE encryption. International Journal of Information Security, 23(6), 3691–3710.
Ishtiaq, M., Saeed, N., and Khan, M. A. (2024). Edge computing in the internet of things: a 6G perspective. IT Professional, 26(5), 62–70.
Lee, G., Saad, W., and Jung, K. M. (2023). An online framework for ephemeral edge computing in the internet of things. IEEE transactions on wireless communications, 22(3), 1992–2007.
Zhonghua, C., Goyal, S. B., and Rajawat, A. S. (2024). Smart contracts attribute-based access control model for security & privacy of iot system using blockchain and edge computing. Journal of supercomputing, 80(2), 1396–1425.
Chaurasia, A., Kumar, A., and Rao, U. P. (2024). BACP-IEFC: designing blockchain-based access control protocol in iot-enabled fog computing environment. Cluster Computing, 27(10), 13919–13944.
Alwakeel, A. M., and Alnaim, A. K. (2024). Trust management and resource optimization in edge and fog computing using the cyberguard framework. Sensors (Basel, Switzerland), 24(13), 4308–4308.
Shruti, R. S., Gianini, G., and Sah, D. K. (2023). Attribute-based encryption schemes for next generation wireless iot networks: a comprehensive survey. Sensors (Basel, Switzerland), 23(13), 5921–5921.
Seifelnasr, M., Altawy, R., and Youssef, A. (2025). A conditional privacy-preserving protocol for cross-domain communications in vanet. IEEE Transactions on Intelligent Transportation Systems, 26(4), 5251–5263.
Godden, T., Blancquaert, R., Steenhaut, K., Smet, R. D., and Braeken, A. (2024). Armed with faster crypto: optimizing elliptic curve cryptography for arm processors. Sensors (Basel, Switzerland), 24(3), 1030–1030.
Agrawal, R., Singhal, S., and Sharma, A. (2024). Blockchain and fog computing model for secure data access control mechanisms for distributed data storage and authentication using hybrid encryption algorithm. Cluster computing, 27(6), 8015–8030.
Rao, Y. S., Srivastava, V., and Mohanty, T. D. S. K. (2024). Designing quantum-secure attribute-based encryption. Cluster computing, 27(9), 13075–13091.
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
Copyright (c) 2026 Journal of Cyber Security and Mobility