Blockchain-Envisioned Secure Authentication Approach in AIoT: Applications, Challenges, and Future Research

. The Arti ﬁ cial Intelligence of Things (AIoT) is the amalgamation of Arti ﬁ cial Intelligence (AI) methods and the Internet of Things (IoT) infrastructure, which are deployed there to improve the overall performance of the system. AIoT can be deployed to achieve more e ﬃ cient IoT operations; thereby can improve human-machine interactions and provide better data analysis. AI methods can be used to transform IoT data into useful information for the better decision-making processes, and it further increases the overall usability of the system. AIoT frameworks are very useful and applicable in a variety of applications, like security and surveillance system, smart home, intelligent transportation system, smart farming, secure and safe healthcare monitoring, industrial automation and control, eCommerce, logistics operations and control, and many more. However, AIoT frameworks may have issues related to data security and privacy as they are vulnerable to various types of information security-related attacks. These issues further cause the serious consequences, like the unauthorized data leakage and data update. Blockchain is a speci ﬁ c type of database. It is a digital ledger of transactions, which is duplicated and distributed across the entire network of computer systems. It stores data in the form of some blocks, which are then chained together. Blockchain is tamper proof and provides more security as compared to the traditional security mechanisms. Hence, blockchain can be integrated in various AIoT applications to provide more security. A generalized blockchain-envisioned secure authentication framework for AIoT has been proposed. The adversary model of blockchain-envisioned secure authentication framework for AIoT is also highlighted that covers most of the potential threats of a kind of communication environment. Various applications of the proposed framework are also discussed. Furthermore, di ﬀ erent issues and challenges of the proposed framework are highlighted. In the end, we also provide some future research directions relevant to the proposed framework.


Introduction
AIoT is the combination of Artificial Intelligence (AI) methods and Internet of Things (IoT) infrastructure.As we know, IoT is about different "Things" (i.e., smart IoT devices), which are connected to various users through the Internet [1][2][3].AI provides methods to train the devices so that they can understand the novel data based on the training procedure that they have completed.AIoT works for a common goal, which is the generation of use-ful data about the world through IoT devices and drawing of useful insights from the collected data through some AI methods [4][5][6][7][8][9].Artificial Intelligence (AI) refers to any human-like intelligence manifested by a machine, i.e., a computer and a robot.It is the ability of a machine, which mimics like the learning capabilities of the human, i.e., learning from the experience, object recognition, decision-making, and problem solving.It is an interdisciplinary science with multiple methods and tools, especially the advancements, which happen due to machine learning and deep learning creating a paradigm shift in various sectors of the tech industry [10][11][12][13][14].
1.1.Common AI Technologies.The following are the common AI technologies [1][2][3][15][16][17][18][19]: (i) Speech recognition: speech recognition mechanism is used to convert and transform human speech in some useful format so that a computer application can process it.The "transcription and transformation of human language" into some useful format is in demand these days.
(ii) Natural language processing (NLP): it focuses on the interactions between computers and human languages.Text analysis methods are used to analyse the structure of sentences and their interpretation through the ML algorithms.NLP is also helpful for the fraud detection systems.Automated assistants and applications derive unstructured data through NLP.
(iii) Image recognition: it is the process of identification and detection of features in a video or an image file.It further facilitates the process of image searches for example, detecting license plates and diagnosis of diseases.
(iv) Machine learning platforms: it is a subdiscipline of computer science and the important part of AI.The motive is to develop new mechanisms to enable the learning of computer systems to make them more intelligent.With the deployment of various algorithms, application programming interface (APIs), training tools, big data analytics, and machine learning platforms become popular these days, which are used for the purpose of categorization and predictions.The organizations like Amazon, Fractal Analytics, Google, and Microsoft provide various ML platforms as per the requirements of the customers.
(v) Decision management: due to the AI logic and capabilities, machines can be used for training and maintenance.For adding value to the business and to make it more profitable, decision management system is being used.With the deployment of ML-based mechanisms, these systems execute automated decision.
(vi) Deep learning platforms: the deep learning (DL) techniques use artificial neural networks.DL is another form of ML, which duplicates the neural network of human brain to process the data and draw patterns from this.These patterns are further used in the decision-making process.Some of the applications of DL are speech recognition system, image recognition system, and prediction system, which can predict about any phenomena of the digital sphere.Some of the DL platforms providers are Deep Instinct, Ersatz Labs, Fluid AI, and MathWorks.
(vii) Robotic process automation: robotic process automation depicts the functioning of corporate processes, which automate the process through the mimicking of human activities and tasks.However, it is essential to mention that AI is not there to replace the humans, but to support and complement their skills and associated tasks.The organizations like automation anywhere, blue prism, and WorkFusion are working in this domain (viii) Cyber security: it is a computer defense mechanism, which detects and defends the various information security-related attacks happening in the cyber space.Neural networks, which have the ability to process sequences, can be deployed with ML techniques to create learning technologies for the mitigation of cyber attacks.
(ix) Marketing automation: these days, AI is also going famous for marketing automation, especially to predict about the market trends, offers, and customers' mood.That happens because of the advantages it put into the domain.
(x) Virtual agents: a virtual agent can be a computer agent or a program, which has the ability of interaction with humans.It is used in customer service's system via chat bots.The organizations like Apple, Google, Amazon, and Microsoft provide support through virtual agents.
1.2.Categories of Machine Learning Algorithms.The different categories of machine learning algorithms are given below.
1.2.1.Supervised Learning Algorithms.This class of algorithm uses labeled data to learn (training).There is a mapping function that turns input variables α into the output variable β.In other words, it solves function f as per the following equation: Supervised learning algorithms are further divided into three categories, i.e., classification, regression, and ensembling.
(1) Classification: in this method, variables are in the form of certain categories, and then, there is a prediction about the outcome of the given sample.A classification model might look at the input data and try to predict labels for example, in case of cyber attack detection, threat, or normal flow.
(2) Regression: there are another categories of algorithms, which come under regression, which is used to predict the outcome of the given sample, in case when output variables are in the form of real values.
A regression method may be used to process input data for the prediction of amount of rainfall and temperature in a specific week of a month.(1) Association: this method is used to find out the "probability of the cooccurrence of items in a collection."Most of the time this technique is used in market-basket analysis.For example, it can be used to find out if a customer purchases shirt, he/she is 80% likely to also purchase trouser.
(2) Clustering: this method is used to group samples such that objects in a cluster are more similar to each other than to the objects in the other clusters, i.e., K-means and clustering algorithm.
(3) Dimensionality reduction: in unsupervised learning, there is another approach called as dimensionality reduction, which is used to reduce the number of variables of a dataset without omitting the important information.This can be done through "feature extraction methods" and "feature selection methods."Feature selection mechanism selects a subset of the original variables whereas feature extraction does data transformation from a "high-dimensional space" to a "low-dimensional space."Algorithm Principal Component Analysis (PCA) comes under feature extraction approach.
Algorithms like Apriori, K-means, and Principal Component Analysis (PCA) are examples of unsupervised learning.
1.2.3.Reinforcement Learning.It is the another category of ML algorithms, which allows an agent to decide the next best action to be performed on the basis of its current state via learning behaviors, which will maximize a reward.These methods learn optimal actions in a trial and error way, for example, a video game in which the player has to move to certain places at certain times to earn more points.The player may correct his/her move on the basis of previous loses attempts.Examples  Here, learning can be performed in a supervised or unsupervised way.The different categories of machine learning along with algorithms are also depicted in Figure 1.
Internet of Things (IoT) expresses the network of physical objects also called as "Things," which are embedded with sensors, software, and other related technologies.They are deployed for the aim of connecting and exchanging data with other devices and systems over the Internet.These billions of IoT devices collect and share the data through the Internet all around the world.The connection of all these smart objects, which have inbuilt sensors, provides the level of digital intelligence to them.This enables them to exchange the real-time data without any human involvement.The number of connected IoT devices was 15:41 billion in 2015, which will be increased to 75:44 billion in 2025.The trends of number of connected IoT devices are provided in Figure 2 [20].
The IoT construction consists of four parts: device hardware, device software, communication, and platform.Device hardware deals with the hardware devices like sensors, and networking devices, which connect the IoT systems and devices to the external world via Internet.Device software deals with the different tools and software, which are needed to connect the IoT devices to the other devices (i.e., cloud server, fog server, and gateway nodes) and users.It also provides the graphical user interface to the various users so that they can access the services of the IoT-based systems (i.e., smart home).These softwares provide actual intelligence to the Things; i.e., task like big data analytics can be performed and prediction can be made.Communication layer facilitates the data exchange between the IoT system and the outer world.Communication layer includes physical connection solutions such as mobile, satellite, local area networks, and specific communication protocols such as Message Queuing Telemetry Transport (MQTT) used in different IoT environment.The last important part is the platform layer.It consists of various required platforms, which can collect, manage, process, analyse, and display all data in a user-friendly manner.There are many IoT platforms (i.e., Google Cloud IoT, Cisco IoT Cloud Connect, Amazon, and AWS IoT Core) are in the market, which provide services to the different users as per their demands.The details of these four important components of IoT construction are also provided in Figure 3.
1.3.Layered Architecture of IoT.The layered architecture can be divided into four layers: i.e., device, pipe, cloud, and application.It is also depicted in Figure 4.The functionalities of these layers are given below [21,22]: (i) The device layer consists of the details of all smart devices, various sensors, operating system, and    Blockchain is a specific type of database.It is a digital ledger of transactions, which is duplicated and distributed across the entire network of computer systems (i.e., cloud servers) on the blockchain.It differs from a conventional database in the way it stores the information.Blockchain stores data in the form of some blocks, which are then chained together.As new data comes in, it is entered into a newly generated block [23,24].
Figure 5 defines the different properties of a blockchain.Their details are given below [23]: (i) Programmable: a blockchain can be implemented through some programming language, i.e., smart contract via solidity programming    mechanisms to provide the security to the stored data.The Merkle tree is built from the all hashes of the transactions, which is further used for the integrity checking.Therefore, it is very difficult to change or update the data, which is stored inside the blockchain.Furthermore, data is stored in the form of encrypted transactions; thus, unauthorized leakage of data is not possible (iii) Anonymous: due to this property, the identities of the entities are preserved.This further signifies that adversary (A) is not able to discover who is communicating with whom (iv) Distributed: a blockchain is built through the peer-to-peer distributed network in the form of a distributed ledger.This ledger is shared among all authorized entities (i.e., miner nodes) (v) Time-stamped: in a blockchain, when a block is constructed, then, it is also stored with a freshly generated timestamp value.This mechanism is further helpful to resolve the data freshness issues.This further signifies that entities are able to identify "when a particular record is stored in the block" (vi) Immutable: a blockchain is built through certain number of blocks; whatever we store there will go inside the blocks.These blocks are connected through a hash chain.It is not possible for A to change the data of the block.If an A attempts for updating the blocks, then in that situation, he/she has to update a certain fraction of blocks, which is practically impossible (vii) Unanimous: there is a requirement of execution of a consensus algorithm for the addition of a newly created block in the blockchain.The steps of the consensus algorithm are executed by the miner nodes (i.e., cloud servers).During this process, majority of the miner nodes agree on the addition of the "newly created blocks," if a given fraction of miner nodes, like 80% nodes, commit (agree).
In such situation, block is added into the blockchain.Therefore, during this implementation and execution, nodes decide unanimously for some particular tasks On the basis of their characteristics and features, blockchain can be divided into different categories.Details are given below [23].
(i) Public blockchain: in the public blockchain architecture, data and access to the system's resources can be given to anyone who wishes to participate.For example, bitcoin, ethereum, and litecoin cryptocurrencies are the example of public blockchains.In contrast to that, a public blockchain is open-ended and thus can be called as decentralized.In a public blockchain, all records are visible to the participants, who take participation in the agreement (consensus) process.However, it is less efficient since it takes a considerable amount of time to accept each new record into the blockchain.Moreover, it is not efficient as the time required for each transaction is less ecofriendly.It needs a huge amount of computation power as compared to the private blockchain.
(ii) Private blockchain: it is different than the public blockchain architecture; in this architecture, the system is controlled only by users from a specific organization or authorized users, who get invitations to participate: for example, "blockchain of healthcare system."It is considered to be more centralized as it is controlled by a particular organization.
(iii) Consortium blockchain: in consortium blockchain, some organizations decide for the implementation of a blockchain, which is also maintained by these organizations.In this blockchain, procedures are set up and controlled by the preliminary assigned users: for example, blockchain of an "intelligent transportation system." The structure of a block, which is used in the blockchain, is given in Figure 6.It contains important information like version of the block, which is unique for every block.It contains the hash value of the previous block, hash value of current block, and signature of the current block, which is computed through some algorithms like Elliptic Curve Digital Signature Algorithm (ECDSA).It also contains the value of Merkle tree root, which is the hash value of all transactions and used for the integrity checking of transactions.It further contains values like owner's information, public key  Wireless Communications and Mobile Computing of the owner, and timestamp value, which is freshly generated for each block.Another important information that a block has is encrypted transactions.The entire data is converted in the form of certain transactions, and then, this will be encrypted with the public key of the owner.The entity who has the corresponding private key can only decrypt the transactions; otherwise, it is not possible.This particular arrangement is especially useful for the private blockchain networks, where privacy is essentially required [23].

Novelty and Research Contributions.
The novelty and research contributions of the paper are given as follows: (i) A blockchain-envisioned secure authentication framework for AIoT is presented in the paper, in which we provide the full details of the design of that framework (ii) The adversary model of "blockchain-envisioned secure authentication framework for AIoT" is then highlighted.It covers most of the potential threats in such kind of communication environment (iii) The security analysis of the proposed framework is provided to prove its security against the various possible attacks (iv) Various applications of blockchain-envisioned secure authentication framework for AIoT are also highlighted (v) Next, the different issues and challenges of blockchainenvisioned secure authentication framework for AIoT are discussed (vi) Finally, we highlight some future research directions of "blockchain-envisioned secure authentication framework for AIoT," which should be addressed in the future 1.5.Paper Outline.The remaining part of the paper is organized as follows.The various applications of blockchainenvisioned secure authentication framework for AIoT are discussed in Section 2. Various issues and challenges of the blockchain-envisioned secure authentication framework for AIoT are provided in Section 3. We provide the details of architecture of the proposed generalized framework in Section 4. After that, the security analysis of the proposed framework is provided in Section 5, and a detailed comparative study with the state of art solutions is also provided in Section 6.Some future research directions of the presented framework are given Section 7. Finally, the paper is concluded in Section 8.

Applications of Blockchain-Envisioned Secure Authentication Framework for AIoT
In this section, we discuss some of the potential applications of blockchain-envisioned secure authentication framework for AIoT.Their details are provided below [1-9, 25-27].
2.1.Security and Surveillance System.The security and surveillance system can be deployed in different locations like in a city to monitor activities of thieves or in the border areas to monitor the activities of enemies.The security and surveillance system is equipped with smart sensors, drones, infrared camera, and CCTVs.These devices are connected to some central server, i.e., cloud server for their data processing, storage, and analysis.However, such kind of arrangement of data storage and analysis is not fully secure.Therefore, it is better to maintain it in the form of blockchain over the peer-to-peer to cloud server network.Whole data can be stored in the form of encrypted transactions.The authorized users of the system can also access data of the system after completing the steps of essential user authentication process.In such system, the AI component is helpful to predict about some threats, like chances of infiltration activities.
2.2.Smart Home.It is the convenient setup for a home in which smart appliances (i.e., smart air conditioner, refrigerator, television, and coffee maker) are deployed.These smart appliances can be automatically controlled remotely at anytime from anywhere through the Internet using the smartphone applications.The deployed devices of smart home are interconnected via Internet that allows its user to control functions, like the security access to the home, increasing/ decreasing of temperature, and lighting on/off.These devices are connected to some central server, i.e., cloud server for their data processing, storage, and analysis.Again, it is better to maintain the data of smart home in the form of blockchain over the peer-to-peer to cloud server network.In such an arrangement, AI can improve the overall performance of the system and serve the users in a better way, for example, making coffee as per the taste of the users on the basis of feedback received in the past [5,28,29].

Intelligent Transportation
7 Wireless Communications and Mobile Computing traffic congestion along with the management of different incidents as per the situation, like road side condition and occurrence of accidents.From this discussion, it is clear that for safety and security of data of the ITS, we need important mechanism, like the blockchain, which can be deployed there to achieve the desired needs of information security.Moreover, the AI component is helpful to predict about some threats, like chances of road accidents, traffic congestion in a street, and available best routes.For the ITS system, it is better to deploy a consortium kind of blockchain as it fulfils most of the requirements of the system [30,31].
2.4.Smart Farming.Smart farming refers to the management of crop farms through some tools and technologies, for example, smart IoT devices, robotics, drones, and AI.This further helps to increase the quantity and quality of crops along with the minimum use of human labour required.For the security of data of the smart farming system, it is better to use blockchain technology.Furthermore, AI component is helpful to predict about different phenomena, like use of fertilizer as per the soil condition, weather condition, and expectancy of crops quantity for a particular session [32,33].
2.5.Secure and Safe Healthcare Monitoring.Smart healthcare is enabled with Internet of Medical Things (IoMT), which is an amalgamation of smart healthcare devices and applications.These devices are connected to the healthcare information technology systems through some networking technologies.The advantage of this system is that it can reduce unnecessary hospital visits and the burden on healthcare systems by facilitating the communication among the patients and their physicians.However, in such a system the sensitive healthcare data transferred through the open channel, where this can be attached by various types of adversaries.Hence, it is better to deploy blockchain mechanism there for the secure processing and storage of sensitive healthcare data.Here, AI can also play an important role in the prediction of different health-related phenomena, like chances of getting heart attack, diabetic shocks, and effective role of a medicine for a specific disease [23,34,35].
2.6.Industrial Automation and Control.It uses smart sensors and actuators to enhance manufacturing, industrial, and control jobs.It is facilitated by the Industrial Internet of Things (IIoT).It uses the functions of smart devices and real-time analytics to take advantage of the data, which is produced by the industrial machinery.The smart machines are not only better than humans in the capturing and analysis of data in the real time but also good in communication of essential information, which is required to execute the faster business decisions in the accurate way.This communication environment also deals with the sensitive data, which should be protected against any kind of information security-related attacks.Therefore, if we envision blockchain mechanism there, then, data can be processed in a safe and secure manner.Moreover, the decentralized nature of blockchain can also be helpful to protect against the system failure-related problems.In industrial automation and con-trol, AI can also play an important role in the prediction of different related phenomena, like the health condition of deployed tools and machinery [36].

Smart Cities.
A smart city is a municipality, which uses Information and Communications Technology (ICT) to increase operational efficiency, share information with the public, and provide a better quality of government service and citizen welfare.It optimizes the various executing functions in a city and also promotes economic growth.It improves the quality of life of its citizens through the use of various deployed smart IoT sensors, related tools and technologies, and the data analysis process.Inside the smart city, the data can be collected from various sources like citizens, devices, buildings, and assets.This data is further processed and analysed to monitor and manage traffic problem, power plants, utilities, water supply, wastage management, crime detection and prevention, healthcare, and other community services.Blockchain and AI both can play an important role in the reliable and secure functioning of a smart city activity.If we deploy blockchain mechanism there, then, data can be processed in the secure way.Again, the decentralized nature of blockchain can also be helpful to protect against the system failure-related problems, which are very common when we talk about the broader domain, i.e., a smart city.Moreover, AI can also play an important role in data analysis process, which is one of the essential requirements of a smart city.
2.8.eCommerce.Blockchain-envisioned AIoT in eCommerce sector helps the businesses for the advanced product positioning, optimization of relationship with vendors, automation of billing and invoice, and generation of real-time insights on shipment deliveries.However, the data storage and analysis of this communication environment are not secure.Therefore, it is better to maintain it in the form of blockchain over the peer-to-peer to cloud server network, where the entire data can be stored in the form of encrypted transactions inside the various blocks and then all these blocks are chained together through a hash chain.This type of arrangement can protect the data and associated process against the various types of information security-related attacks.
2.9.Logistics Operations and Control.AIoT can optimize the supply chains and also do the management of inventories.The smart IoT sensors and related devices can detect when an item would go out of stock and autonomously reload the products per the need.It also facilitates the commercial fleets and delivery modules for their safety and smooth executions.In the logistics operations and control, there is requirement of communication among the various users and devices, and these entities communicate over the public channel.However, this public channel is vulnerable to various types of information security-related attacks.Thus, the data storage and analysis of this communication environment are insecure.Henceforth, it is better to maintain it in the form of blockchain, which can protect the data and associated process against the various types of attacks.

8
Wireless Communications and Mobile Computing The various applications of blockchain-envisioned artificial intelligence of things are also depicted in Figure 7.

Issues and Challenges of Blockchain-Envisioned Secure Authentication Framework for AIoT
The blockchain-envisioned secure authentication framework for AIoT can be deployed for various applications as discussed earlier.However, at the same time, it also suffers from various types of issues and challenges.Some of the potential issues and challenges are discussed below [23].
3.1.Scalability.The management of increasing number of users and IoT devices is always challenging.The blockchainenvisioned secure authentication framework for AIoT uses various types of complex algorithms, which are related to blockchain's consensus, AI-based analysis, and IoT communication.In case of the increasing number of people and devices, the average transactions have also increased correspondingly.
It severely hit the processing speed of the transactions as a higher number of users and devices need more computing and storage devices.It causes the creation of an overall cumbersome system.Therefore, scalability is a challenging problem in this particular environment.

Information Security Issues.
In most of the cases, IoT devices operate with low-quality software, which are susceptible to different kinds of vulnerabilities.The smart IoT devices are vulnerable due to malware injection, software exploits, weak cryptographic usage and failure of authentication, and access control schemes.A blockchain-envisioned secure authentication framework for AIoT is also vulnerable to various types of information security-related attacks, i.e., "replay," "man-in-the-middle (MiTM)," "impersonation," "credential leakage," "illegal session key computation," "data modification," "data disclosure."Another issue is with the mechanism of blockchain, as blockchain lacks in the set of regulatory oversight, which makes it a volatile environment and an easy target for market manipulation.No matter how robust the mechanism you deploy, there is always a chance that it will be hacked or it may be blocked by the government agencies due to some umbrageous practices [37,38].

Overall Complexity of the System.
In the blockchainenvisioned secure authentication framework for AIoT, the smart IoT devices need rich and well-equipped hardware, software, and data storage capabilities.Therefore, its adoption usually requires sufficient investments of money for which every organization is not ready.Other than that, IoT devices have limited computational power and are incompatible with robust protection technique by their design.
To mitigate these flaws and safeguard the network from malware injections and other hacking attempts, IoT adopters require to deploy multilayered security controls.The included blockchain mechanism again introduces the complexities in the system due to its inherit properties.Before going for the deployment of blockchain, it is recommended to go through the principles of encryption and distributed ledger.Furthermore, various AI algorithms especially the deep learning also overloaded the system in terms of communication cost, computation cost, and storage cost.Thus, complexity is another important issue in a blockchain-   Wireless Communications and Mobile Computing envisioned secure authentication framework for AIoT, which needs to be handled carefully.

Privacy.
Blockchain is an essential component of the blockchain-envisioned secure authentication framework for AIoT.It is an open ledger and visible to all parties.It is the essential requirement in some of the cases.However, in some of the cases, it becomes a liability if it is deployed for a sensitive environment, i.e., healthcare.Therefore, the ledger requires to be remodeled in such a way that it provides access only to the authorized people, not to everyone.However, such kind of issues can be sorted out by making use of different categories of blockchain; for example, private blockchain can be preferred in case we need more privacy.Furthermore, to achieve the desired goals of privacy, IoT devices must exchange data through the Internet in a secure way, so that Internet attackers do not get any chance to exploit it.Therefore, IoT devices should have to exchange their data through the best encryption algorithms, i.e., AES, RSA, and ECC, to avoid the data leakage [39][40][41].
3.5.Cost Factor.In the blockchain-envisioned secure authentication framework for AIoT, there is a requirement to deploy blockchain.In most of the cases, blockchain is implemented for the elimination expenses related to the third parties and intermediaries, which facilitate the process of transferring the assets (i.e., health-related data in a healthcare system).Blockchain is in the riser stages, which makes it difficult to integrate into the legacy systems.Due to such reasons, it becomes expensive and further prevents its adoption in the government and other private organizations.Furthermore, it is difficult for the financial institutions (i.e., banks) to adopt the blockchain for the secure payment gateways as it incurs extra costs to the system [23].
3.6.Requirement of Highly Skilled Man Power.The blockchain-envisioned secure authentication framework for AIoT requires highly skilled man power for the implementation, maintenance, and support purpose.This man power should have knowledge of AI, IoT, and blockchain technologies at the same time.Therefore, rigorous training is required to work in this particular domain.Moreover, such type of courses should also be taught to the students, who are doing their degrees in various universities.

Problem of Biasing.
Since the blockchain-envisioned secure authentication framework for AIoT is enabled with AI, then, there may be some chances of biasing.It is a general problem with the AI systems; they are only as good or as bad as they have trained.For example, there are some techniques, which are used for the determination of who has been called for an interview and whose loan has been sanctioned.If we have bias in the algorithms, then, we make vital decisions, which are also unrecognized.This may further lead to unethical and unfair consequences; i.e., the system has predicted that this particular fellow has a chance of getting massive heart attack; however, that person is completely fit and fine.Therefore, in such systems, everything depends on their training procedure and the available dataset.Hence, we should rectify these issues as much as possible.The developer should always try for the improvement of accuracy and correctness of the system.

Computing Power.
The blockchain-envisioned secure authentication framework for AIoT is enabled with three important components, i.e., AI, IoT, and blockchain.This system uses various types of complicated and resource hungry algorithms, i.e., consensus algorithms and deep learning algorithms, which may trouble the organization working on such projects.For the smooth functioning of such systems, we need a lot of computation power and storage capacity as it generates data in the massive amount.Therefore, we need to deploy resource-rich devices, which may be very costly for some organizations having budget constraints.
3.9.Legal Issues.The blockchain-envisioned secure authentication framework for AIoT may face some legal issues.Countries have different laws for security and privacy of data.Even in some countries, blockchain in the initial phase of setup and different government agencies are working on the law formation for the blockchain, for example, which is allowed and which is prohibited.Therefore, some strong and uniform laws should be there.Moreover, such system deals with the sensitive data which may be in the violation of state/federal laws.Therefore, an organization should have to be careful of any perceived impact, which may put negative impact on the reputation of the organization.
3.10.Issues with Accepting the Technologies.The blockchainenvisioned secure authentication framework for AIoT is enabled with three important components, i.e., AI, IoT, and blockchain.Therefore, some of the early adopters may have their first experiences be negative or there are chances that investors do not want to fund such projects.However, such kind of issues can be resolved with the passing of time.Slowly, people will understand the usefulness of these technologies and start accepting them.
3.11.Interoperability.The blockchain-envisioned secure authentication framework for AIoT is the amalgamation of tools and technologies, which are related to AI, IoT, and blockchain.This operates through various types of complicated algorithms, i.e., consensus algorithms, deep learning algorithms, and IoT communication algorithms.In such kind of communication environment, there may be the issues related to interoperability of tools, technologies, and devices.Sometimes, it may cause the malfunctioning of deployed smart IoT devices, which can further create serious consequences.Hence, this issue should be handled carefully.

The Proposed Generalized Framework
In this section, we provide the detailed architecture of the proposed generalized framework.We also discuss about the potential adversaries of this communication environment under the "adversary model."Moreover, we provide the details of security analysis, which is mandatory to prove the security of proposed framework against the various potential attacks.A comparison of "security" and "functionality" features of After that, this block is forwarded to the P2PCS network for its mining and addition into the blockchain.When a fraction (like 70%) of miner nodes (i.e., cloud servers) agrees on the addition of the block, it will be added into the blockchain, which is maintained through the distributed ledger technology.The distributed ledger is common and accessible to legitimate miner nodes [21,22].Therefore, the added block will be reflected to miner nodes' ledger.Here, it is important to mention that the entire communication (i.e., communication between smart devices, smart device and gateway node, gateway node and cloud server, cloud server and other cloud servers, and cloud server and user) happens in the secure way through the different established session keys [43].
The different notations, which are used in the paper, are provided in Table 1.The flow of activities of "blockchainenvisioned secure authentication framework for AIoT" is given below.
4.1.1.Registration of Devices and Users.In this phase, various cryptographic parameters and algorithms (i.e., Elliptic Curve Cryptography (ECC) and Advanced Encryption Standard (AES)) are selected to use.Then, the registration of various devices (i.e., smart IoT devices, gateway nodes, cloud servers, and different users) is performed by the trusted registration authority.After the registration of these entities, the registration values are stored in the memory of these devices and also in the smartphone/smart card of the users.These stored values will further help in the login, authentication, and key establishment processes [44].The registration process is then summarised in Algorithm 1.

User Login.
In this phase, the legitimate users try to login into the system through the help for their smartphones/smart cards, as they have some pre-stored registration values.These registration values again facilitate the login process and abort the login process in case of any fake or unauthorized user login.Note that a user can use 2-factor or 3-factor user authentication protocol for the login 11 Wireless Communications and Mobile Computing purpose [45].The user login process is summarised in Algorithm 2.

Authentication and Session Key
Establishment.In this phase, there are executions of the authentication and key establishment procedures among the various entities, like IoT device to other IoT device, IoT device to gateway node, gateway node to cloud server, cloud server to other cloud server, and cloud server to user.After performing the steps of mutual authentications, these entities establish different session keys for their secure communication.During the computation of session keys, it is recommended to use short-term secret values (i.e., different nonce values, freshly generated timestamp values, and long term secret values, i.e., different identities and secret key values).Such type of recommendation is helpful to generate the different session keys for different entities in the different sessions.Moreover, the illegal session key computation attack also becomes difficult for the attackers to launch.Without guessing the correct session keys, the attacker cannot decrypt the exchanged messages.Therefore, the ongoing communication is safe and secure against the various potential attacks [44,45].This phase is summarised in Algorithm 3.

Blockchain Implementation.
In this, blockchain is implemented at the P2PCS network.When a gateway node receives data from the connected IoT devices, it converts this into a partial block, where a partial block contains fields, like the owner of the block (i.e., gateway node), public key of the owner, and encrypted transactions, which are encrypted through the public key of the owner.Here, it is important to mention that the gateway node creates the encrypted transactions from the data that it receives from the connected IoT devices in the secure manner.After that, gateway node sends this partial block to the connected cloud server (over the P2PCS network) in the secure way.The cloud server creates the full block from the partial block by adding other fields (i.e., version of the block, timestamp value, hash of previous block, hash of current block, Merkle tree root value (from all transactions), and signature of current block (i.e., through Elliptic Curve Digital Signature Algorithm (ECDSA)) [46]), into it.After that, the block is forwarded to the P2PCS network for the consensus process.The consensus process can be executed through algorithms, like ripple protocol consensus algorithm (RPCA) and practical byzantine fault tolerance consensus (PBFT).In the consensus process, an elected leader (cloud server) executes the steps of consensus (mining), in which it decides for a puzzle and then sends encrypted puzzle and the block to the other legitimate cloud servers.Each cloud server tries solving the puzzle and then submits their responses to the leader.In case, when a fraction of cloud servers (say, 70%) commit on the addition of the block, the block will be then added into the blockchain.Blockchain is maintained through the distributed ledger, which is shared and accessible to all legitimate cloud servers.Therefore, the newly added block is reflected to all the legitimate cloud servers [23,42].This phase is summarised in Algorithm 4.
4.1.5.AI-Based Data Analysis.In this phase, data analysis is performed on the received data from the IoT smart devices.As we know, IoT devices generate enormous amount of data, which is in various forms.The data can be considered the Big data, and the similar big data analytics algorithms are applicable here for the data analysis purpose.This phase is a very important to draw some useful conclusion from the received, processed, and stored IoT data.For example, various types of prediction can be made (i.e., chances of road side accident in a particular street of a city, prediction of harsh weather conditions, prediction of crop diseases, and prediction of critical health issues (i.e.., massive heart attack, diabetic shock, and cancer)).AI-based data analytics is conducted at the P2PCS network as cloud servers are resource-rich devices and can be further helpful for the smooth execution of various AI techniques (i.e., deep learning algorithms) [47].This phase is summarised in Algorithm 5.
4.1.6.Secure Data Delivery to Authorized Users.This phase is responsible to provide the data to the authorized users of "blockchain-envisioned secure authentication framework for AIoT."The entire transfer of data happens in the secure way through the established session keys.However, each legitimate user has to first execute the required steps of remote user authentication mechanisms (may be 2-factor or 3-factor user authentication) to get entry into the system.There are two possibilities: (1) the user can get the live data directly from the smart IoT device, and (2) the user can get the data stored over the P2PCS network.However, in the second case, the corresponding gateway node decrypts the encrypted transactions' data and then provides it to the genuine authorized users [48].This phase is summarised in Algorithm 6.

Adversary Model.
It is very important to highlight the potential adversaries (attackers/threats) of a communication environment.In the designing of "blockchain-envisioned secure authentication framework for AIoT", we have followed two important threat models.First one is the Dolev-Yao (DY) model; in this model, it is assumed that the communication channel is open and insecure and the existing adversaries can modify, delete, drop, and delay the exchanged messages [49].Moreover, an adversary A can physically capture some of deployed IoT devices and then can extract the sensitive information (i.e., identity information and secret keys) from their memory with the application of sophisticated power analysis attack [50].A can also deploy his/her fake devices in the network, which can further launch other attacks (i.e., routing attacks) to interrupt the ongoing communication.Again, A can also introduce various malware attacks on the ongoing communication.Further, the smartcards/smartphones of the legitimate users can also be stolen by A physically; then, A can extract the sensitive information (i.e., identity information and secret ELSE E i aborts the process ELSE E i aborts the process end Algorithm 3: Authentication and session key establishment phase.13 Wireless Communications and Mobile Computing keys) from their memory with the application of sophisticated power analysis attack.This malicious activity further helps A in the guessing of secret credential (i.e., passwords) of the users.Another important model "Canetti and Krawczyk's adversary model (CK-adversary model)" is also considered in the designing of the proposed framework [51].As per the guidelines of the CK-adversary model, A has all features like the DY model along with that he/she can compromise the secret credentials and with the "session keys or the session states" corresponding to the established sessions.Therefore, A also has the ability to compromise the session keys, which are established among the different entities of the network.It is also assumed that gateway nodes are kept in physical security under some locking system to prevent their physical stealing.Thereafter, the secret parameters are not available to A to launch further attacks, like impersonation, MITM, and illegal session key computation.

Security Analysis of the Proposed Framework
In this section, we provide the details of the conducted security analysis of the proposed framework.The proposed framework is able to protect against the following types of potential attacks.

Prevention of Replay Attack.
In the proposed framework, we consider the use of freshly generated timestamp values in all exchanged messages, which are also verified at the recipient's end when messages reach there.If verification happens successfully, then messages are treated as fresh.Otherwise, it is considered as the replayed messages.In this way, the proposed framework prevents the replay attack.

Prevention of Man-
In-The-Middle (MiTM) and Impersonation Attacks.In the proposed framework, we consider the use of freshly generated timestamp values, random secret values, and secret keys in the different computed and transmitted messages.Due to such kind of arrangement, only the legitimate entity can produce the original message as he/she has the information of secret values.Hence, A does not have the ability to calculate the messages on behalf of the legitimate entities of the network.A is not able to update the content of the exchanged message without knowing the secret values.In this way, the proposed framework is able to prevent both MiTM and impersonation attacks.

Prevention of Ephemeral Secret Leakage (ESL) Attacks.
The proposed framework assumes that session keys should be calculated using short-term secrets (such as timestamps and random nonce) and long-term secrets (such as secret keys and multiple identities).For each session, a new session key is computed and established by the communicating entities.An A does not have ability to calculate the correct value of session key without knowing long-term secrets and shortterm secrets.Hence, the proposed framework is able to In the proposed framework, we do not store any secret information in plain text in the memory of the IoT device.Furthermore, an A physically gets hold of an IoT device and tries to retrieve secret information (i.e., session key) from its memory using an advanced power analysis attack [50].At that point, that type of malicious venture would not be useful to A as it could expose the session key of that specific IoT device and not the session key of other IoT devices.This happens in light of the fact that each IoT device has different identities and secret key values.As a result, obtaining this specific session key will not be useful to obtain the session keys of other IoT devices.Thus, the ongoing communication between other IoT devices is still safe and secure.Thereafter, the proposed framework is resilient against physical IoT device capture attack.
5.6.Protection against Stolen Verifier Attack.In the proposed framework, we store all the parameters in a secure area of the database of the cloud servers.It is also assumed that gateway nodes are kept in physical security under some locking system to prevent their physical stealing.Thereafter, the secret parameters are not available to A to launch further attacks, like impersonation, MITM, session key computation, and so forth.Hence, the proposed framework is able to prevent the stolen verifier attack [52].

Prevention of 51% Attack and Selfish
Mining.There are possibilities of some attacks on the blockchain-based system, for example, 51% attack and selfish mining.These attacks may happen when A has high "hashing power" [53].In particular, the 51% attack demands A needs to possess more than half of the hashing power.Typically, the 51% attack is mounted in opposition to "cryptocurrencies," where A performs malicious activities like the double spending.On the other hand, selfish mining in the blockchain context is another well-known vulnerability used by miners to steal block rewards.Recently, it is identified that the consensus algorithm "Proof-of-Work (PoW)" is vulnerable to 51% attack, which is not used in the proposed framework.Hence, the proposed framework is secured against the 51% attack and selfish mining attack.×: "a framework is insecure against that particular attack or does not support a specific feature"; √: "a framework is secured against that particular attack or supports a specific feature"; NA: "not applicable in a scheme".16 Wireless Communications and Mobile Computing BAN logic, and formal security analysis via Real-or-Random (RoR) model.Hence, some research work is required in this direction [42,43].

Comparative Study
7.2.Efficiency of the Framework.The blockchain-envisioned secure authentication framework for AIoT has important components, like blockchain and AI.These technologies usually run some resource hungry algorithms, i.e., consensus algorithm and deep learning algorithm.These algorithms require lots of computation power, communication cost, and storage capacity.Therefore, it is very difficult to operate such kind of system when we have less number of resources.Hence, these frameworks should be designed in such a way that they require resources in the lesser amount.For example, the selection of algorithms can be done wisely; for example, it is better to use pBFT in place of PoW as it requires less number of resources.It is better to use lightweight cryptographic algorithms in place of other algorithms as they provide the same level of security with less communication, computation, and storage costs.For example, ECC and RSA provide the same level of security; however, ECC requires less costs.Thus, some research work should be done on the designing of efficiency of the frameworks [42,44].
7.3.Interoperability of Tools and Technologies.The blockchain-envisioned secure authentication framework for AIoT is the amalgamation of tools and technologies, which are related to AI, IoT, and blockchain.This operates through various types of complicated algorithms, i.e., consensus algorithms, deep learning algorithms, and IoT communication algorithms.In such kind of communication environment, there may be the issues related to interoperability of tools, technologies, and devices.Sometimes, it may cause the malfunctioning of deployed smart IoT devices, which can further create serious consequences.Therefore, it should be handled carefully.Hence, some research work is also required in this direction [60].
7.4.Handling of Privacy Issues.As we know, blockchain is an essential component; it is implemented through an open ledger (distributed ledger), which is visible to all parties.It is essentially needed in some of the cases (i.e., public blockchain).In some of the cases, it becomes a liability if it is deployed for a sensitive environment, i.e., a system dealing with the healthcare data.This ledger requires to be remodeled in such a way that it provides access only to the authorized users.However, such kind of issues can be sorted out by making the use of different categories of blockchain (for example, private blockchain can be preferred in case when we need more privacy).Again for the achieving of desired goals of privacy, IoT devices must exchange the data through the Internet in a secure way, so that Internet attackers do not get any chance to exploit it.Therefore, IoT devices should have to exchange their data through the best encryption algorithms to avoid the data leakage.Meanwhile, authentication schemes are also needed to achieve the mutual authentication between the communicating entities (i.e., IoT devices, cloud servers, and users).We can deploy some access control mechanism to restrict the access of unautho-rized entities.Hence, everything should be clearly defined to the programmer of the system (i.e., which technique should be used for which purpose).As a result, some research works should be carried out to improve the privacy of the framework [41].
7.5.Improvement of Accuracy of the System.As we know, AI is an integral part of such kind of frameworks; then, there may be some chances of biasing (i.e., wrong value of accuracy).It is very common with the AI-based systems; they are only as good or as bad as they have trained.If we have flaws in the algorithms, then, we make wrong predictions (results).This further may lead to unfair consequences; i.e., the system has predicted that this particular fellow has chance of getting massive heart attack; however, that person is completely fit and fine.Therefore, in such systems, everything depends on their training procedure and the available dataset.Hence, such issues should be rectified.The developer should always try for the improvement of accuracy and correctness of the system.Hence, some research work should be carried out to improve the accuracy of the frameworks [61,62].

Conclusion
AIoT frameworks are very useful and applicable in a variety of applications as discussed earlier.However, AIoT frameworks may have issues related to data security and privacy due to the existence of information security-related attacks.
A blockchain-envisioned secure authentication framework for AIoT is presented in the paper.The given adversary model covers most of the potential threats of such kind of communication environment.Various applications of the proposed framework are also discussed.Moreover, different issues and challenges of the proposed framework are highlighted.Furthermore, we provide some future research directions of the proposed framework, which should be addressed in the future.

Figure 1 :
Figure 1: Different categories of machine learning along with algorithms.

Figure 2 :
Figure 2: Trends of number of connected IoT devices.

6
envisioned artificial intelligence of things

10 Wireless
Communications and Mobile Computingproposed framework with the other closely related security mechanisms is also provided[23,[42][43][44].4.1.Architecture for Proposed Framework.The architecture of the proposed framework is given in Figure8.This architecture contains different types of smart IoT devices, like smart home appliances, smart healthcare devices, smart vehicles, drones, industrial monitoring, and control equipment.It also contains various types of users (i.e., doctors, smart home's residence, traffic control's authority, and industrial plant's authority), who are interested in accessing the data of this system.All these users and smart IoT devices are located at the end layer.In the middle, we have gateway node devices, which receive the data from the smart IoT devices and convert it into partial blocks and then forward them to the connected cloud server.Cloud server is the part of peer-to-peer cloud server (P2PCS) network.Once a cloud server receives a partial block, it converts it into a full block.
Deep learning is another category of ML algorithms, which are inspired by the structure and function of the human brain.They are based on artificial neural networks and representation learning.They are con-cerned with building much larger and more complex neural networks.Deep learning algorithms are concerned with very large datasets of labelled analog data, i.e., image, text, audio, and video.Some of the popular deep learning algorithms are Generative Adversarial Network (GAN), Convolutional Neural Network (CNN), Recurrent Neural Networks (RNNs), and Long Short-Term Memory Networks (LSTMs).

Table 1 :
Notations used in the paper.Logged in U i for U i where i = 1,2 ⋯ num U do U i inputs his/her identity & password U i inserts his/her smart card U i provides his/her biometric data System checks the genuine of U i a Full block of an entity a Result: Deployed registered E i for Entity (i.e., device) E i ∀i = 1,2 ⋯ num E do TA generates credentials TA stores generated credentials in E i 's memory E i is then deployed end Algorithm 1: Registration phase.Result: Session key between E i and E j for Entity E i and entity E j do E i generates fresh timestamp TS E i & random secret RS E i E i computes authentication request message MSG ARQ through TS E i & RS E i E i sends MSG ARQ to E j E j verifies timeliness of received TS E i IF verification of TS E i happens successfully E j computes RS E i from received MSG ARQ E j Checks genuineness of MSG ARQ IF MSG ARQ is valid E j generates fresh timestamp TS E j and random secret RS E j E j generates session key SK E j ,E i through TS E i , TS E j , RS E i , RS E j and other secrets E j computes authentication response message MSG ARS through SK E j ,E i , TS E j & RS E j E j sends MSG ARS to E i ELSE E j aborts the process ELSE E j aborts the process E i verifies timeliness of received TS E j IF verification of TS E j happens successfully E i computes RS E j from received MSG ARS E i computes session key SK E i ,E j Result: Implemented blockchain BC over P2PCS network for GW k and CS l do GW k computes PB GW k = fOB GW k , Pub GW k , E Pub GW k ðT x n t Þ g GW k generates fresh timestamp TS GW k GW k sends fPB GW k , TS GW k g to CS l through SK GW k ,CS l securely CS l verifies the timeliness of received TS GW k IF verification of TS GW k happens successfully CS l creates full block as FB CS l = fBVer, PBHash, MR, TS CS l , OB GW k , Pub GW k , E Pub GW k ðT x n t Þ , CBHash, BSigng CS l forwards FB CS l to P2PCS network ELSE CS l discards PB GW k A leader LD is elected at P2PCS network LD calls the steps of consensus algorithm LD decides a puzzle PZZ LD encrypts PZZ with the public key of miner node (cloud server CS m ) where it has to be sent as E Pub CS m ðPZZÞ LD sends fE Pub CS m ðPZZÞ, FB CS l g to CS m CS m solves E Pub CS m ðPZZÞ & submit response to LD IF a fraction of miner nodes commit (i.e., 70%) addition of FB CS l FB CS l is added in BC ELSE LD calls the another consensus process end Algorithm 4: Blockchain implementation phase.
Secure data delivery to authorized users for U i and CS l do U i logged into the system using the steps of Algorithm 2 U i and CS l establish SK U i ,CS l using the steps of Algorithm 3 CS l provides data to U i through SK U i ,CS l securely end Algorithm 6: AI-based data analysis.