Empowering Resource-Constrained WoT Devices with Lightweight Self-Sovereign Identity (SSI) Using Delegation
Boi B.; De Santis M.; Esposito C.
2025
Abstract
The Web of Things (WoT) represents a complex ecosystem of interconnected devices that exchange vast amounts of data, enabling advanced applications essential for various industrial and social processes. These applications face stringent security requirements due to the open nature of the Internet of Things (IoT) ecosystem and the widespread deployment of devices in public environments, posing significant challenges in safeguarding against malicious activities. FIWARE has established itself as a leading IoT infrastructure standard, offering robust security and access control through key components that facilitate authentication, access management, and secure data transmission. However, traditional authentication methods cannot be implemented at the end-device level, posing significant risks. This study bridges critical gaps by seamlessly integrating Self-Sovereign Identity (SSI) into FIWARE by incorporating an innovative delegate node designed to enhance the computational capabilities of resource-constrained IoT devices while adhering to SSI design principles. By deploying an SSI-compliant agent on a gateway node and utilizing keys stored on devices with minimal memory (requiring only 520 KB of SRAM) via MQTT, this approach demonstrates its feasibility both in terms of performance and security. The results indicate an average session key generation and authentication time of 2.573 seconds, enabling mutual authentication between the application and the end device, making it suitable for real-world scenarios. Also, we provide a formal verification for the proposed protocol using the ProVerif model checking tool to check and validate our approach.

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.