Blockchain-Based Decentralized Reputation Management System for Internet of Everything in 6G-Enabled Cybertwin Architecture

: Internet of Everything (IoE) has emerged as a promising paradigm for the purpose of connecting and exchanging data among physical objects and humans over the Internet, and it can be widely applied in the fields of industry, transportation, commerce, and education. Recently, the emergence of 6G-enabled cybertwin network architecture provides the technical and theoretical foundation for the realization of IoE paradigm. However, the IoE has three open issues in the 6G-enabled cybertwin architecture, i.e., data authenticity, data storage and node reliability. To address these issues, we propose a blockchain-based decentralized reputation management system (BC-DRMS) for IoE in 6G-enabled Cybertwin architecture. In the proposed BC-DRMS, the traffic data collected from end nodes is stored on the blockchain and the decentralized file system, i.e., InterPlanetary File System (IPFS), to resist data tampering, and then the data is further processed by the edge clouds and core clouds to provide services to users. Also, a multi-level reputation evaluation scheme is designed to compute the reputation scores of IoE nodes to prevent malicious node attacks. The experiment results and analysis demonstrate that, compared to the traditional centralized reputation management systems (CRMS), the proposed BC-DRMS cannot only address the issues of data authenticity and storage, but also provides high reliability for IoE in 6G-enabled cybertwin architecture.


Related Work
To the best of our knowledge, there is few reputation management systems designed for IoE environment. We review the existing trust and reputation management systems for the other networks such as the traditional peer-to-peer (P2P) networks and IoT networks. To enhance the security of the system and the trustworthiness of nodes, a variety of trust and reputation management systems have been proposed.
These systems can be roughly divided into two categories [19]: centralized reputation management systems (CRMSs) and decentralized reputation management systems (DRMS).

Blockchain Technologies
Blockchain: In 2008, Satoshi Nakamoto first proposed the concept of Blockchain in [20]. Essentially, blockchain is a digital ledger distributed on a network without central authority and repository. Blockchain contains a set of chained blocks. The first block is called the genesis block. Each block after the genesis block contains a block header and block data. Where, the block header represents the hash value of previous block, while block data records the transaction data over a period of time. Each node in the network can access all the recorded information in the blockchain. In recent years, the blockchain systems such as Ethereum [17] and Hyperledger [21] have been widely adopted in a variety of practical applications such as transportation [22,23], education [24][25][26], e-commerce [27], and IoT [28,29].
IPFS: To address the problem of big data storage, the decentralized storage system is proposed [18], i.e., InterPlanetary File System (IPFS). The IPFS is content addressable, peer-to-peer, open source, a globally distributed file system that can be used for storing and sharing a large volume of files with high throughput [18]. Instead of relying on a central server, IPFS does not need any central server, and it distributes the data to different nodes of the system.
In IPFS, each file will be assigned a unique hash value and organized by Merkle DAG structure. Once one uploads a file to IPFS, he can obtain a unique address (a hash string) returned by IPFS. By using the file address, he can also access and download the file from IPFS.
Smart Contract: The term "smart contract" was first proposed by Szabo in 1994 [30], which is defined as "a computerized transaction protocol which conducts the terms of a contract" [30]. Subsequently, Szabo recommended to transform the terms of a contract to a string of code and embed it into an appropriate environment, so as to run the code automatically. Consequently, compared to the traditional contracts, the smart contract can enhance the transaction efficiency between the participants significantly and reduce the occurrence of malicious or accidental exceptions largely.
Generally, the smart contracts are predefined and deployed on the blockchain, and each node of the network can call the smart contracts by sending a transaction to it. By receiving the transaction data, the smart contracts conduct automatically on the blockchain [30][31][32]. It is notable that all nodes executing a same smart contract will obtain the same result from the execution, and the execution result is recorded on the blockchain.

Centralized Reputation Management System
In the traditional Client/Server (C/S) networks, the service providers including the governments, organizations and companies have established centralized reputation management systems (CRMS) to prevent the malicious behaviors of nodes in the system to provide better service for users. In web applications, service providers usually store data in a centralized server, as done by Amazon, Alibaba, Google, etc. The P2P networks do not use the traditional Client/Server (C/S) scheme, and each node connected to the P2P networks is equal. In P2P networks, some researchers have also proposed CRMSs for various real-world applications such as vehicle network [33,34], healthcare [35,36], finance [37,38], education [39][40][41], etc., based on the P2P networks.
However, in the C/S networks and P2P networks, all the traffic data and reputation data are controlled by the centralized server. If there are some malicious employees who can access the centralized server, these data can be easily tampered, which will lead to serious security issue. Therefore, although the CRMSs in C/S and P2P networks have improved service quality significantly, there are still fundamental security problems: the limited data authenticity and the low trustworthiness of nodes.

Decentralized Reputation Management System
As mentioned above, as all the traffic data and reputation data are controlled by the centralized server, the existing CRMSs cannot be able to solve the problems of data authenticity and node trustworthiness. In recent years, some blockchain-based decentralized reputation management systems (BC-DRMSs) [42][43][44][45][46] have been proposed to compute and manage the traffic data and reputation scores. In addition to the DRMS proposed for IoT/sensors, some trust and reputation models and systems were proposed and built for e-commerce [27], education [47], VANET [43], autonomous systems. These trust and reputation systems use blockchain and smart contract to prevent malicious attacks including tampering, unfair rating and collusion, and thus the stability and security of the system are enhanced significantly. In these BC-DRMSs, all the traffic data and reputation data are stored on the blockchain. However, with the continuous increase of these data and occurrence of other types of data such as images, voices, and videos, it is hard to store and process these data by merely using blockchain. Moreover, all of these BC-DRMSs are designed for other application environment rather than the IoE environment.
In the IoE era, as huge number of connected nodes are connected and communicated and massive traffic data is produced every day, it hard to directly apply the existing BC-DRMSs to address the security and trustworthiness issues of IoE. Recently, the occurrence of 6G-enabled cybertwin architecture supports the realization of IoE. Thus, in this paper, we focus on the design of BC-DRMS to address the issues of data authenticity, data storage and node reliability for the IoE in 6G-assistant Cybertwin Network.
The 6G-enabled Cybertwin can represent humans, process and things in digital form, and serve as communication assistant, network behavior logger, and digital asset manager of humans, process and things for IoE. Different from end-to-end communication model, this architecture establishes the connection between the end nodes (e.g., sensors, smartphone, terminal devices, etc.) and clouds by 6G communication technologies to process data and provide the services for users.
To ensure the functionality, scalability and flexibility of the network architecture, in 6G-enabled Cybertwin, three infrastructure components are designed, i.e., the End Nodes, the Edge Clouds and the Core Clouds. Each component is detailed as follows: The End Node-level: In the IoE environment, the nodes not only include objects but also humans and things, and the server providers can offer services to all of them. Accordingly, in end node-level of 6Genabled Cybertwin, the nodes refer to objects, humans and things, as shown in Fig. 1. They are not only the consumers of network service through various access methods of the network, but also the source of data in the system. In these nodes, some of them are in charge of data collection and exchange, while some peripheral nodes are mainly responsible for transmitting data to the Edge Clouds using 6G communication technologies for further preprocessing.
Edge Cloud-level: The Edge Clouds reside between the Core Clouds and the End Nodes. They provide less services than the Core Clouds for the users, but they response more rapidly to the end nodes' request than the Core clouds. Therefore, Edge Clouds can help the Core Clouds in providing high-quality services for users.
Core Cloud-level: The Core Clouds are fully connected to establish a core network by high-speed 6G communication technology. These core clouds provide infrastructure services including computing, caching, and communication resource to the end nodes.
However, in 6G-enabled Cybertwin, and the data communicated between levels would suffer the tampering operations, and the End Nodes, Edge Clouds, and Core Clouds would contain some fragile and unreliable nodes. Moreover, how to store and manage the massive data is also a challenging task. Therefore, it is challenging to ensure the data authenticity, reliability, and data storage for the IoE in the 6G-enabled Cybertwin Network. To deal with the above challenges, in next section, we propose the BC-DRMS for IoE in 6G-enabled Cybertwin network architecture.

The Proposed BC-DRMS For IoE in 6G-Enabled Cybertwin Network
In this section, we elaborate the proposed BC-DRMS for the IoE in 6G-enabled Cybertwin Network architecture. In Section 3, we first describe the framework of the proposed blockchain-based decentralized reputation management system (BC-DRMS) in 6G-enabled Cybertwin Network. Subsequently, in Section 4.2, the proposed multi-level reputation evaluation scheme is described. Finally, in Section 4.3, we introduce the data storage strategy using the IPFS to store the data in IoE.

The Framework of BC-DRMS
The framework of BC-DRMS for IoE in 6G-enabled Cybertwin Network is illustrated in Fig. 1. In our proposed BC-DRMS, the Ethereum blockchain, Smart Contract, and IPFS are employed to process and store the data in different levels of the 6G-enabled Cybertwin Network. The main steps of data generation and storage process are described as follows: Step (1): The raw data collection by End Nodes. A large number of End Nodes deployed in the real environment collect real-world raw data by sensors or data collection devices, such as weather data sensors and traffic-data collection devices.
Step (2): The reputation score computation. In this process, the behaviors of End Nodes are stored by the Ethereum blockchain through designed smart contract, and the reputation scores of End Nodes are computed objectively and updated by the proposed multi-level reputation evaluation scheme.
Step (3): The data storage. The data collected by End Nodes and the reputation scores are uploaded on the IPFS by communication protocol (TCP/IP protocol), and then the hash addresses representing the data are returned to Ethereum blockchain by calling the function of designed smart contract.
Step (4): The data transmission from End Nodes to Edge Clouds. The peripheral End Nodes send the collected raw data to the Edge Clouds through 6G transmission technology for further preprocessing.
Step (5): The use of data by Edge Clouds according to the reputation scores. The peripheral Edge Clouds preprocess the acquired data. First, they obtain the corresponding reputation scores from Ethereum through the device ID information in the request. Then, they determine whether to use the data provided by the device for preprocessing and caching through the reputation of the corresponding device. Step (6): The data transmission from Edge Cloud to Core Clouds. The Edge Clouds store the data in IPFS, and then the hash address of the data is returned to the Ethereum blockchain by calling the function of the smart contract deployed on Ethereum blockchain. Afterward, Core Clouds receive the event notification of data storage to provide the corresponding services according to the users' request.
Step (7): Service providing by Core Clouds. After receiving the data, Core Clouds provide the service to the Edge Clouds or the End Nodes as well as human users.
Step (8): The reputation scores of services given by users. After the users receives services provided by Core Clouds, the quality of services is subjectively evaluated to compute the reputation scores. Where, the reputation evaluation of the services is performed in a decentralized environment. These evaluation scores are stored in the Ethereum blockchain and IPFS through the smart contract.
By the above evaluation process in all levels of 6G-enabled Cybertwin Network, the node reliability can be effectively enhanced. Moreover, almost all data produced in the 6G-enabled Cybertwin Network are stored in IPFS by the smart contract function and the corresponding address is returned to the Ethereum blockchain. Due to the decentralized characteristics of blockchain and IPFS, the issues of data authenticity and data storage can be addressed well.

Reputation Evaluation Scheme
In this subsection, we design the multi-level reputation evaluation scheme. After Edge Clouds receive the device data in the End Node-level, End nodes will obtain the reputation score of a node ID, denoted as , from Ethereum blockchain. Where, the range of is [−1,1]. The reputation score R ID is computed as follows: 1] are the subjective scores evaluated by users and the objective scores evaluated by the other Core Clouds in the same level, respectively. Moreover, → represents the reputatio n evaluation from the Edge Clouds ∈ ℰ in the cross level. In addition, , and represent the factors to balance the final reputation computation result. Subjective evaluation: In traditional IoT environment, the Core Clouds, i.e., service providers, directly register and manage the End Nodes and monitor their status in real-time. On the contrary, in the IoE environment, End Notes and services may not belong to the same holder or center. Thus, the Core Clouds only need to receive the data through the interface specified by the physical device manufacturer without the management of these devices. As a result, some malicious nodes will take negative impacts on the service. In the proposed reputation evaluation scheme, the Core Clouds are allowed to subjectively evaluate the End Nodes with their ID information such as IP hash addresses.
Objective evaluation: In the IoE environment, End Nodes are fully-connected in a complex form. It is difficult for humans to manage and evaluate all nodes. Thus, we also design an objective reputation model for these nodes according to their historical behavior information such as data exchange and connection. Objective reputation score is calculated as follows: = ( , , ⋯ , ) (2) where represents a behavior vector at time and function (⋅) represents the computation rule deployed on the smart contract. In our simulation experiment, at a period of time , we define the behavior of each node as the amount of data transmission denoted as and the times of data exchanges denoted with other nodes.
The whole system is the structure of multiple levels, including End Node-level, Edge Cloud level, Core Cloud level, and users-level from the left-right. Thus, not only evaluating the nodes by each other at same-level, we also consider cross-level reputation evaluation. The reputation scores are evaluated from the upper-levels to the lower-levels.
In the Edge Cloud-level, the edge nodes filter the abnormal data before preprocessing the data from the End Nodes according to the reputation scores stored on the Ethereum blockchain. Meanwhile, the edge nodes update the reputation scores of these End Nodes. To determine whether the data transmitted by End notes is abnormal, we adopt the clustering algorithm (e.g., K-means) to evaluate the abnormality to compute the reputation scores. Denote the distance between data point x and clustering center point c by where c represents the clustering center. The function : ℝ × ℝ → [0, +∞) represents the distance metric such as Euclidean distance between the data. Afterwards, the reputation is computed from the crosslevel by → = ( ) (4) where (⋅) is a function that computes the reputation score by using the distance between this data point and the clustering center point as input. As shown in Fig. 3, when the data is far from the clustering center, the reputation score is equal to a very small value; Otherwise, the node will gain high reputation score, that is lim and (0) = (6) where, the reputation is the maximum value when the data point is at the center of data collected by devices.
In the Core Cloud-level, not only evaluating the reputation scores of Core Clouds by the Edge Clouds, the Core Clouds need to be evaluated by users subjectively in the above manner. It is notable that, according to different services, the Core Clouds can design different smart contracts to obtain the user's evaluation scores.
Overall, the reputation evaluation scheme combines the subjective and objective evaluation in the same-level and cross-level to sufficiently evaluate the reputation scores of nodes and clouds in the 6Genabled Cybertwin Network.

Data Storage Strategy
In the IoE environment, the system will generate massive traffic data in a short period of time. Thus, it is required to address the issue of data storage with the suitable and scalable storage technology. In addition, the reputation data also needs to be stored in the security database. In this paper, we adopt IPFS to store the traffic data and reputation data produced by nodes, clouds, and users in the 6G-enabled Cybertwin Network.
In the proposed BC-DRMS, we employ a decentralized storage system, i.e., IPFS, instead of centralized mechanism. The data generated in the system will be first stored in IPFS by 6G transmission technology and transmission protocol request. After the storage is completed, IPFS will return a hash address string of the data. Meanwhile, the smart contract deployed on Ethereum blockchain is called to store the hash address of the data in the blockchain. If the nodes need to access the data, they can obtain it from IPFS through the hash address stored on the blockchain.
The steps of storing the traffic data and reputation data to IPFS is given as follows: Step (1) Smart contract design: In Core Cloud-level, a smart contract is designed and deployed on the Ethereum blockchain. The smart contract consists of two key functions: reputation evaluation function and data storage function. Some properties in smart contract are also included such as the node IDs, timesteps for data producing and reputation evaluating, hash address of raw data in IPFS.
Step (2) Data storage: Generally, raw data is divided into several data blocks and a distributed hash table (DHT) is established. Afterward, these DHTs representing data are organized through the Merkle DAG data structure. Finally, the index stored at the root node of the tree is used as the file's addressing hash value.
Step (3) Uploading address on Ethereum blockchain: After IPFS returns the hash address of raw data, the address with node information will be uploaded on the Ethereum blockchain by invoking the function defined in the smart contract.
Step (4) Status update: When the status in the smart contract is updated, the event is triggered and listened by the Core Clouds to provide the services for users.
In current network architecture, there is an issue of bad real-time in blockchain. In 6G-enabled Cybertwin Network, a cloud network operating system that can work in a distributed manner via establishing a real-time market driven trading platform for multi-agents according to [16]. Thus, the data storage strategy using IPFS in 6G-enabled Cybertwin Network can address the issue of bad real-time. Moreover, we adopt IPFS to store the traffic data and reputation data. Due to the decentralized storage in the data storage strategy, the issue of the single point of failure (SPOF) can be avoided effectively. These are beneficial for the stability of system.

Performance Evaluation and System Analysis
In this section, we demonstrate the security, reliability, and stability of the proposed BC-DRMS by a series of simulation experiments. In the simulation environment, we establish a simulation network topology as shown in Fig. 4 by Software Defined Networking (SDN) and Network Function Virtualization (NFV). In addition, the Ethereum blockchain and IPFS system are established offline by go-ethereum (Geth) [17] and IPFS toolkits.
In addition to simulation experiments, we further discuss and analyze the security, reliability, and stability of our proposed BC-DRMS for IoE in 6G-enabled Cybertwin Network architecture.

Authenticity
To verify the security of the data in BC-DRMS, we conduct the experiments from the End Nodes and the Edge Clouds. We designed, developed and deployed an indoor-air quality assessment service for humans. In this service, first, some sensor nodes collect air quality data (such as carbon dioxide, oxygen, and air humidity) in real-time. Subsequently, these data will be aggregated to the Edge Clouds for preprocessing. Finally, the data will be transmitted to Core Clouds for evaluation and prediction based on the air quality model, and the results will be fed back to the users' mobile terminal devices. We control the generation of malicious nodes at different levels and in different proportions to provide interference data to test the direct impact on the standard results, which represent the accuracy of air quality in range of [0,1].

Figure 4:
The topology structure of our simulation experiments Generally, as shown in Table 1, malicious nodes cannot take a particularly large impact on the accuracy of air quality assessment when there are nearly 5K~1M sensors collecting air quality data. Moreover, in any case, no node can tamper the data stored on the blockchain in the IoE environment. As the sophisticated deep learning-based technology [48] is used to train the air quality model in Core Cloud-level, the data provided by a large number of malicious nodes will not follow the assumption of independent identified distribution (i.i.d). Therefore, with the increase of malicious nodes, the accuracy of air quality prediction will decrease. In the End node-level, the nodes such sensors can only collect data from the real-world and exchange data with other device nodes. However, in Edge Cloud-level, malicious cloud nodes can process data purposefully to disrupt the operation of the system. Therefore, the existence of malicious nodes in Edge Cloud-level can threaten the system more than those in the End Node-level.
Finally, in any case, malicious nodes cannot tamper the data collected and processed by normal nodes, due to the decentralized characteristics of Ethereum blockchain and IPFS technologies used in proposed BC-DRMS.

Reliability
In the proposed BC-DRMS, in addition to data security, node reliability is another challenge for IoE in 6G-enabled Cybertwin Network. As the multi-level reputation evaluation scheme is designed and used to comprehensively compute the reputation scores of different nodes, it is hard for malicious nodes to gain high reputation scores by SPOF attack and collusion for the following reason.
For the SPOF attack, due to the multi-level reputation scheme, the Edge Clouds give a reputation penalty for the nodes that maliciously provide the data, and thus it is hard for the malicious nodes to disrupt the system. In addition to objective evaluation, the Core Clouds' subjective evaluation of malicious devices or nodes can also prevent malicious damage.
Another way to disrupt the system is collusion, i.e., multiple malicious nodes transmit and process data to each other to achieve high reputation scores to gain the trust of the system and users. However, the multi-level and subjective-objective combination evaluation scheme and decentralized storage mechanism make the reputation of malicious node groups converge gradually. As shown in Fig. 5, without subjective evaluation, the number of malicious nodes will significantly affect the accuracy of air quality assessment. As the trustworthy nodes in the Edge Cloud-level evaluate the data provided by malicious nodes according to the clustering algorithm, the reputation scores of the malicious nodes will gradually converge, as shown in Fig. 6. In addition, as the number of malicious nodes increases, the effects of their attacks on the system do not increase significantly. Thus, the negative effects of malicious nodes on the system are limited.

Stability
In the IoE environment, the storage of massive data including traffic data and reputation data is another challenge.
The proposed data storage strategy is designed for IoE on 6G-enabled Cybertwin Network. Cybertwin Network's cloud operating system enables better real-time performance in a decentralized environment than the traditional end-to-end network architecture. Thus, the proposed data storage strategy can avoid the bad real-time problem.
In the proposed data storage strategy, the decentralized file system, i.e., IPFS, is used to store the data. Compared with hypertext transfer protocol, i.e., HTTP, IPFS has superiority in solving the issue of SPOF. Moreover, the storage strategy based on the hash address of file content will only store the same piece of data once in the network to minimize the data redundancy.
In our experiments, we simulate nearly 5K devices and continuously generate abundant data for air quality assessment. When there are a large number of storage nodes in IPFS, the access of the data stored on IPFS will get very low latency compared to data request from a centralized server via TCP/IP.

Conclusion
In this paper, we focus on addressing the issues of data authenticity, data storage and node reliability for IoE in 6G-enabled Cybertwin Network architecture. To this end, we have presented a blockchain-based decentralized reputation management system (BC-DRMS) for the IoE environment in 6G-enabled Cybertwin Network.
In BC-DRMS, the data in the entire system will be stored on the Ethereum blockchain and IPFS. Due to their decentralized characteristics, it is hard to tamper the data stored on them, which ensures the data authenticity. Moreover, the multi-level, subjective-objective combination reputation evaluation scheme is proposed to improve the node reliability of BC-DRMS. In addition, to store a large amount of data in the IoE environment, we adopt IPFS to store these data and upload the hash addresses to Ethereum blockchain through a smart contract. Consequently, IPFS storage strategy effectively improves the stability of the system and avoids the problem of the SPOF.
Artificial Intelligence Research (PAIR) Labs (Taiwan), in part by the Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD) fund, and in part by the Collaborative Innovation Center of Atmospheric Environment and Equipment Technology (CICAEET) Fund (China).

Conflicts of Interest:
The authors declare that they have no conflicts of interest to report regarding the present study.