A permissioned blockchain framework for decentralised trust, secure communication, and auditability in resource-constrained IoT networks

Abstract

The rapid proliferation of Internet of Things (IoT) devices intensifies longstanding security challenges in resource-constrained communication networks, where conventional centralised architectures introduce single points of failure, limited scalability, and inadequate auditability. This paper proposes a permissioned blockchain-enabled secure communication framework that integrates smart-contract-driven authentication and authorisation with lightweight cryptographic mechanisms to enable decentralised trust, data integrity, and fine-grained access control across heterogeneous IoT environments. The framework defines an end-to-end secure communication workflow encompassing device registration, authentication, authorisation, encrypted data transmission, and immutable audit logging. Analytical evaluation demonstrates low communication and computational overhead, linear scalability with network size, and resistance to common attack vectors including unauthorised access, replay attacks, and man-in-the-middle threats. Comparative analysis against existing blockchain-based IoT security frameworks highlights the proposed solution's advantages in decentralisation, auditability, and suitability for devices with constrained resources. Although experimental validation remains a direction for future work, the framework provides a rigorous conceptual and analytical foundation for next-generation IoT communication architectures applicable to smart cities, industrial automation, and healthcare monitoring.