A Systematic Review of Blockchain-Based Privacy-Preserving

Reputation Systems for IoT Applications

HAITHAM MAHMOUD, JUNAID ARSHAD, and ADEL ANEIBA, Birmingham City University,
Birmingham, UK

With the growing popularity of the Internet of Things (IoT), billions of devices are anticipated to be deployed in various
industries without establishing trust between them. In environments without pre-established trust, reputation systems provide
an effective method of assessing the trustworthiness of IoT devices. There has been considerable literature on deploying
reputation systems in industries that have not yet established trust among themselves. Therefore, the article reviews published
studies on reputation systems for IoT applications to date, focusing on decentralised systems and decentralised systems using
blockchain technology. These studies are evaluated regarding security (including integrity and privacy) and non-security
requirements to highlight open research challenges. In alignment with this, an analysis and summary of the existing review
studies on reputation systems for particular IoT applications are presented, demonstrating the need for a review article to
consider all IoT applications and those that have not been explored. The IoT applications and sub-applications are described,
and their problem statement, literature to date and research gap are comprehensively evaluated. Finally, the open research
challenges concerning reputation systems are reviewed and addressed to provide the researcher with a road map of potential
research directions.

CCS Concepts: • Security and privacy;

Additional Key Words and Phrases: Reputation systems, IoT, blockchain technology, privacy-preserving, decentralised
reputation

ACM Reference format:

Haitham Mahmoud, Junaid Arshad, and Adel Aneiba. 2024. A Systematic Review of Blockchain-Based Privacy-Preserving
Reputation Systems for IoT Applications. Distrib. Ledger Technol. 3, 4, Article 31 (December 2024), 40 pages.
https://doi.org/10.1145/3674156

1 Introduction
The Internet of Things (IoT) is transforming the future and will impact many aspects of our lives [73]. Still,
severe concerns must be solved before it can be fully implemented, and it has yet to realise its full potential.
Security and privacy are among the issues in the literature for connected IoT systems. The internet today connects
billions of nodes, but their function is constrained by centralised infrastructure and vendor incompatibility. In
2020, around 26 billion devices were connected to the internet [96], with this number predicted to rise to 75.4
billion by 2025 [79]. The economy will experience an annual impact of $3.9 trillion to $11.1 trillion by 2025,
Authors’ Contact Information: Haitham Mahmoud (corresponding author), Birmingham City University, Birmingham, UK; e-mail:
[email protected]; Junaid Arshad, Birmingham City University, Birmingham, UK; e-mail: [email protected]; Adel
Aneiba, Birmingham City University, Birmingham, UK; e-mail: [email protected].
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that
copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page.
Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy
otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from
[email protected].
© 2024 Copyright held by the owner/author(s). Publication rights licensed to ACM.
ACM 2769-6480/2024/12-ART31
https://doi.org/10.1145/3674156

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:2 • H. Mahmoud et al.

representing 11% of global Gross domestic product at its peak [69]. Since IoT devices are becoming increasingly
connected, establishing trust and reputation has become more important to distinguish any misbehaviour on
the part of the service provider. IoT is expected to have a significant economic impact but is incompatible with
existing models. Because many network peers (or devices) can be fraudulent, trusting service providers and online
merchants are crucial to industries’ success. Trusting the interacting nodes is, therefore, of utmost importance.
There are two different concepts of trustworthiness and reputation. Trustworthiness is determined by the degree
of confidence that a system will function in accordance with a set of criteria despite environmental disruptions,
human error, system failures or cyberattacks [99].
While centralised Trust and Reputation Systems (TRSs) may be appropriate in the current IoT applications,
they are inadequate for future IoT [112]. Since many systems have been revolutionised, they are now utilising
a decentralised network instead of a centralised one. Several advantages can be derived from a decentralised
network, including (a) no need for third parties (central unit) to be involved between the peers, (b) Peer-to-Peer
(P2P) control rather than central control, (c) less susceptibility to hacking as there is no single point of failure
and (d) easier to be integrated with other security measures to provide anonymity.
Nevertheless, the current distributed TRS has several disadvantages, including complexity, attack susceptibility
to other attacks and inefficiency [46]. Several IoT applications and industries have their own payment systems,
such as electricity, gas and water. Because of this, the existing system separates the payment and operational
systems to maintain a secure payment process, which solves a significant challenge. Stronger authentication
techniques with more robust TRS are required [87]. These techniques (which require stronger authentication) are
easier to implement, but they might affect the freedom of speech. TRSs may also be implemented into various
services, including payment of services in some industries, validating events, electronic markets, multi-agent
marketplaces, cooperative apps and file sharing [86]. On the one hand, trust can be defined as a belief of the trustee
by the truster regarding some characteristics of the trustee that will be relevant to achieving a goal [44]. On the
other hand, a definition of reputation closely resembles that of trust but moves the concept of belief to a collective
belief of peers. Numerous initiatives and studies have been designed to utilise only the role of reputation systems
in maintaining decentralisation, privacy and security in e-commerce and IoT applications. There is a lack of proper
examination and investigation of these applications. A substantial amount of literature in this field introduced
and utilised blockchain technology to fulfil the mentioned requirements. As the name implies, blockchain is a
distributed digital ledger of transactions shared by the entire network of nodes that are part of it. It is a common
form of Distributed Ledger Technology (DLT). DLT and smart contracts can empower the reputation system
using blockchain technology in IoT applications to promote standardised interfaces, merge payments and rating
systems and confirm events to avoid fraudulent peers. It can provide an interface for communication without
intermediaries and should be able to handle the dataflow of different parties promptly. In addition, incorporating
rating systems, confirming events and facilitating a payment channel make blockchain an essential technology
for most IoT applications.
Upon reviewing the review studies and result-based studies in the literature, it becomes evident that there
is a research gap in reviewing the IoT applications that utilise reputation systems using blockchain that have
been published up to the date of this publication in 2022. Additional concerns are raised regarding these systems’
integrity (i.e., verifiability) and privacy (i.e., anonymity). Many review studies discuss reputation systems without
clearly describing their application. Additionally, studies evaluating IoT device-centric reputation systems have not
examined their proposals regarding security (privacy and integrity). Specifically, the IoT applications capable of
implementing reputation systems are unclear to date; therefore, a description of the IoT applications is necessary.

1.1 Major Contributions

This article looks at reputation systems for IoT applications using device-centric methods, focusing on both
security and non-security aspects. These systems can gain from the benefits of adopting TRS with their applications.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:3

It reviews the literature on these applications and identifies research gaps in this area. The review of existing
studies on reputation systems shows that about half of them use blockchain technology. Only three of these
studies address privacy and integrity requirements, such as anonymity, reputation transfer and verifiability. This
highlights the need for reputation systems in IoT applications to enhance privacy and integrity. Many applications
have been exploring privacy-preserving systems based on reputation without considering security requirements,
motivating us to examine the proposed reputation systems (both implemented and conceptual) in IoT applications.
The contributions of this article can be summarised as follows:
— An extensive literature review was conducted in four phases to identify relevant studies on reputation
systems for IoT applications. The review focused on academic articles and refined the selection to exclude
non-English literature, repetitive studies and those using blockchain systems for IoT without considering
reputation. Existing review studies were also reviewed and discussed to highlight the need for this article.
— A comprehensive review of 45 fine-grained studies using device-centric reputation systems for IoT applica-
tions. Analysing and evaluating these studies is conducted by suggested criteria, including security (i.e., data
integrity and system privacy) and non-security requirements. The results of this evaluation were examined
to identify research gaps.
— These studies contributed to the construction of analyses of each IoT application that can use the reputation
system, in addition to considering additional applications that have not yet been realised in the literature.
The comprehensive focus on each IoT application includes a problem statement, literature to date and the
research gaps and their significance.
— Based upon an analysis of the research gaps for the IoT applications and a review of the survey studies, open
research challenges are formulated. Additionally, it considered other open challenges in the literature that
are not focused on devices-centric. The open research challenges provide a road map for other researchers
to consider.
The rest of the article is organised as follows: Section 2 discusses the evolution of reputation systems for IoT
applications by introducing the various types of reputation systems, such as centralised, decentralised systems
and decentralised using blockchain, user-centric, data-centric, device-centric and context-centric components, as
well as a review of existing studies. Section 3 proposes the analysis criteria for privacy-preserving reputation
systems for IoT applications with an emphasis on security and non-security requirements as well as presents the
survey methodology of this study. Section 4 evaluates and discusses the privacy-preserving reputation system and
each application and its sub-application by describing its problem statement, the literature to date and research
gaps. Section 4 highlights and addresses the open research challenges in reputation systems. Section 5 addresses
and highlights the research direction as a road map for other researchers to consider. Section 6 concludes the
work.

2 Reputation Systems for IoT Applications

This section aims to provide a background of the reputation system, its core components and types, and information
regarding related works. A mind-mapping of all functions discussed is presented for the reputation systems for
IoT applications as shown in Figure 1.

2.1 Reputation System Components

A reputation system is initially considered in e-commerce and online marketplaces, such as Amazon, eBay, and
so on. Online reputation systems are composed of consumers, retailers and online marketplaces. In general, the
reputation system offers the following advantages: (1) elimination of negative publicity, (2) enhancement of
profits and (3) development of customer credibility. Currently, reputation systems have two disadvantages: (1)
they are very costly and (2) they raise privacy concerns. Thus, several security approaches have been utilised to

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:4 • H. Mahmoud et al.

Fig. 1. Mind-mapping for the discussed reputation system.

Fig. 2. Basic online reputation system.

improve the existing reputation system by addressing privacy concerns, such as blockchains and anonymisation.
An online marketplace is a common example that can highlight the importance of such a system (see Figure 2).
Similarly, other IoT applications are being integrated into the reputation system to validate events, facilitate
payments and maintain trusted devices for sensing use. This case has three general elements: service requests,
validators and a management system. In the context of a particular application, these elements make sense. For
example, in the mobile crowd-sensing system, the information requester asks for data through the management
system, which network peers then validate. There are many advantages associated with these systems that can be
discussed application by application. As previously mentioned, although the process is more expensive than the
traditional method, it has many advantages and benefits, such as increases in profits, reputation, privacy and data
integrity.
Systems based on reputation grow when raters and ratees can maintain the integrity of their relationship.
Raters should be confident that the reputation and feedback a ratee has obtained relates directly to what is being
offered [19]. The same approach can be applied to the IoT-based applications. The vehicle participating in the
road alert message service should be confident that the feedback provided is within the system requirements.

2.2 Types of Reputation Systems

In the literature, various reputation systems have been proposed based on a decentralised or a centralised
architecture. Reputation management systems with centralised control, e.g., eBay rely on centrally administered
information while decentralised systems distribute information management among all participants, such as

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:5

Amazon [88]. Additionally, blockchain technologies are proposed in the literature as a means to empower those
with decentralised architectures and maintain secure communication in a trustless environment.
Blockchain technology has revolutionised the reputation system, opening the door for more applications
than just e-commerce because of the transparency of the feedback process by the decentralisation nature.
The applications include verification of events, validation of data transmission, and facilitation of trading and
payment for services. These applications are extensively investigated in the literature, so this article highlights
their importance, needs, progress to date, and the research gap. The following is a discussion of three types of
reputation systems: centralised, decentralised and decentralised, using blockchain technology.
2.2.1 Centralised Reputation System. It has been common for internet companies to employ centralised online
reputation management systems since the end of the 20th century. As a result of these systems, people are
asked to provide their opinions on products, transactions and events, which are then gathered and published
through internet technologies. These reputation systems aim to provide trust between the different network peers.
The device/person who receives a reputation rating must trust that the system will not disclose their private
information or bias the reputation score. To accomplish this, a central node is utilised to initiate and collect
reputation scores from raters. The central point must be fair, secure and not disclose personal information.
Centralised marketplaces are intended to ensure fairness in trade, facilitate more business and speed up the
process of buying and selling. There have been concerns raised later on about the central point because it can
exert a controlling influence over the marketplace, especially for large businesses, such as Amazon and eBay. As
another example of centralised reputation, the New York Stock Exchange has a centralised market in which orders
are routed to the exchange for matching with offsets. As technology advances, centralised marketplaces cannot
meet users’ needs. There are a number of problems associated with centralised marketplaces of applications,
including censorship, high commissions, and a lack of transparency. As a result, the exploration and development
of decentralised solutions have been considered to address the above-mentioned issues.
2.2.2 Decentralised Reputation System. With the advancement of computer technology, decentralised markets
are growing in opposition to the centralised market model, enabling people to participate in online commerce
without the benefits of a centralised market. Rather than visiting a website that provides a central point of contact
for buyers and sellers, decentralised markets connect buyers and sellers directly. This type of decentralised market
is achieved through the use of P2P trading and the usage of digital cryptocurrencies.
As decentralised reputation systems have advanced, several other applications, particularly IoT-related ones,
have considered implementing reputation systems. There is a need to make sure that the decentralised peers are
genuine, which is why reputation systems are used in these decentralised applications. Due to a decentralised
network, the reputation system will likely benefit from several advantages, including increased service availability,
no central control, data integrity, and less vulnerability to hacking. Decentralised markets have gained popularity
since the introduction of blockchain technology, but they are subject to less regulation and are not governed by
governments. Moreover, decentralisation may negatively affect privacy due to distributing resources to multiple
peers, which could provide malicious peers easier access to user data. Furthermore, relying on peers to provide
services to other nodes may lead to even more adversarial behaviour by various entities who might wish to
disrupt the operation of the system. Hence, blockchain technology has been significantly investigated to address
these issues in this domain, in addition to incorporating other technologies on top of it to maintain privacy and
security.
2.2.3 Decentralised Reputation System Using Blockchain. It has been noted that blockchain technology has
revolutionised the use of decentralised networks for e-commerce systems. As a result, it opens the door for further
applications to take advantage of the reputation system due to its ease of automation, fairness, transparency,
security and privacy. As a result, data can be validated, unique digital identities for all network peers can be
generated, and reputation data can be aggregated across the internet and distributed among the decentralised

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:6 • H. Mahmoud et al.

network peers. Specifically, it allows for the reduction of transaction costs, the enhancement of security, the
empowerment of supply chain management, the management of inventory and the verification of feedback/repu-
tation. Verifying the feedback/reputation can provide a transparent, fair and private feedback process since some
customers may feel reluctant to provide feedback.
Other applications are inspired by the advantages blockchain technology can provide, such as (a) facilitating
decentralised communication and trading, (b) providing the opportunity to add additional security and privacy
techniques on top of the blockchain and (c) involving the peers in the verification process. By doing so, they
can ensure a decentralised, transparent and fair system. It is investigated, for instance, how different collusion
mechanisms may be adopted between the different parties in the network and how anonymisation techniques
may be used to maintain peers’ privacy. We also provide a brief overview of the current state of the development
of reputation systems, including whether they are centralised, decentralised, or utilise blockchain technology. It
also discussed how reputation systems have evolved. In response to the shift from centralised to decentralised
reputation systems, the focus of providing reputation has evolved to include user-centred, data-centric and context-
centric approaches. A survey and review of published articles are also discussed to recognise the limitations of
assessing reputation systems based on IoT.

2.2.4 User-Centric Reputation System. The idea behind a user-centric approach is to place the user at the centre
of all their strategies. Customer centricity was once referred to as customer centricity in e-commerce systems. A
system is developed to build a solution for users that identifies their needs and challenges. These systems focus
on improving the user’s experience and ensuring their privacy. In e-commerce applications, this approach has
been applied since most of the focus is on the customers and retailers. In a user-centric reputation system, ratings
are provided by users. User-centric online reputation systems, such as Stack Exchange, eBay, Amazon and Etsy,
are examples of user-centric online reputation systems. Using a user-centric reputation system has two primary
advantages: it maintains relationships with users and enhances the reputation of the product and system. To
maintain relationships with users, it is important not to involve third parties in the feedback process, to protect
users’ information and to prevent collusion between users. As a result, transparency and fairness can be ensured
in the process, which can encourage participants to provide feedback and get involved in the process. Thus,
the system becomes more sustainable and profitable as users become part of the process and trust the quality
of the products. Since this approach focuses solely on the users, it has not been considered by most IoT-based
applications.

2.2.5 Data-Centric Reputation System. A data-centric reputation system is centred around the data instead of
explicit user feedback. Analysis of the data and collaboration processes are the key functions of this approach.
These systems generally do not conceal users’ identities beyond assigning them pseudonyms to protect their
privacy. These systems do not conceal the fact that a user assigns feedback to another user. It should be noted,
however, that the value of any feedback submitted and any other related information is considered private.
Because real-world transactions are not always anonymous, these types of systems are necessary. A physical
exchange of goods sold and purchased through an e-commerce site, for instance, would disclose the real identity
of participants even if anonymity is preserved online. Allowing users to provide honest feedback anonymously is
a practical alternative to retaliation.

2.2.6 Device-Centric Reputation System. The device-centric reputation system represents a progression from
user-centric reputation systems in which individual devices or groups provide feedback. Several applications
related to the IoT have been examined in the literature using this approach. As a result, it is necessary to consider
replacing the users with devices to enable these applications. This approach establishes tailored specifications to
meet the requirements of each IoT application. This technology has been examined in several studies, although it
has not yet developed sufficiently to be implemented in real-life systems. This article emphasises the presentation

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:7

of potential IoT applications, an examination of the problem statement and literature to date, and a discussion of
research gaps.
2.2.7 Context-Centric Reputation System. An online community of any size is characterised by the interactions
between its members that lead to reputations in various contexts. Users should value the opinions of users
of high repute regarding a particular context when they are interested in the topic. Such an example applies
to a variety of other applications. Reputation related to various contexts needs to be exchanged in several
communities. Each community has a wide variation in how reputation is perceived, calculated and interpreted. In
the research community, a context-centric reputation system has been mentioned as a way to take the context
into consideration reputation systems. Most existing reputation-based systems fail to consider the context of the
given reputation and the general reputation as discussed [12]. It is complex but essential to establishing trust
in a context-aware manner. For example, a physician is trustworthy for treating him but not for handling his
financial affairs. A context can refer to an area of expertise, different tags within a social network or different
action levels. One can rely on a financial analyst for a deal involving one thousand euros but not one million
euros. Therefore, there have been several discussions regarding developing a reputation object containing the
context of each reputation value. Reputation values are calculated differently for each system, as is the perception
of their meaning.
2.2.8 Existing Review Studies for Reputation Systems. Numerous survey and review studies have been published
in the literature regarding reputation systems for either user-centric or data-centric systems. As well as examining
the studies, we consider the number of studies that participated in our review in addition to an elimination
technique of duplicated studies (see Table 1). Moreover, there will be a discussion and description of those review
studies later in this section to extract the limitations of their work. Upon reviewing published surveys and reviews
in the literature, it is apparent that no surveys have been conducted which examine and discuss the existing
reputation systems of device-centric reputation systems for IoT applications. Moreover, the literature does not
address potential IoT applications based on device-centric reputation management. Furthermore, no research gaps
have been identified or addressed for these applications. To provide a road map with open research challenges, the
purpose of this article is to review and list all of these applications and to provide a review of all these applications.
Hassan et al. [43] discussed a privacy-preserving framework for a reputation-based system for users and data
by analysing anonymity-oriented and confidentiality-oriented systems. Privacy and Integrity characteristics
are considered for evaluating the selected literature publications. It demonstrates that blockchain technology
has provided new impetus for researching reputation management systems with privacy preservation. Future
directions are discussed for utilising blockchain technology to its full potential to develop truly trustless systems.
However, this study is very informative, yet the IoT-based applications have not been considered. As an extension
of this work, our article focuses more on IoT-related applications that use a device-centric approach.
Almasoud et al. [11] reviewed the reputation systems developed using smart contracts in the light of five key
characteristics. These requirements are the ability to derive the overall reputation value of service providers,
determine the trust value of a service provider, consider the reputation system as a digital asset and move across
platforms, detect non-compliant behaviour and evaluate the mathematical models and algorithms. The other
security requirements are not considered while evaluating the existing studies included in this systematic literature
review. Rather than reviewing the application, this article examines whether smart contracts and Ethereum
platforms are incorporated into the proposal. Following a review of the literature, it proposed a two-layered
reputation system that includes blockchain and Artificial Intelligence (AI) layers. It intended to make reliable
trust and reputation computations by analysing the reputations of service providers and determining the level of
trust based on various contexts.
Tyagi et al. [101, 102] reviewed the reputation system for Vehicular Ad Hoc Networks (VANETs) in terms
of trustworthiness and reputation to establish a method for identifying unreliable and malicious peers. This study
classifies the trust models in VANET into entity-oriented, data-oriented, and combined trust. VANET provides

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:8 • H. Mahmoud et al.

Table 1. List of Survey and Review Studies Investigating Reputation Systems

Year Reference Number of ApplicationReputation Blockchain Integrity Privacy

Studies Type Requirements Requirements
2024 Dhinakaran 21 Cloud sys- Data N N N
et al. [35] tems
2023 Putrat et al. 15 Generic User/Data Y Y Y
[84]
2022 Hassan et al. 103 (44) Generic User/Data Y Y Y
[43]
2020 Almasoud 30 Generic User Y Y Y
et al. [11]
2020 Tyagi et al. 90 (9) VANET Devices N Y Y
[101][102]
2020 Bellini et al. 26 Generic User Y N N
[21]
2019 Calvaresi 29 Tourism Devices Y N N
et al. [23]
2019 Veh et al. 125 Generic Data N N N
[104]
2019 Mohammadi 206 (59) IoT recom- Devices N N N
et al. [75] mendation
2018 Braga et al. 189 (40) Generic User N N N
[22]
2014 Ling et al. 17 Cognitive Devices N N N
[63] radio net-
works

many possible use cases in this study that can be summarised as trust-based authorisation mechanisms and
monitoring neighbouring behaviour. However, they evaluated VANET-centric applications but did not complete
a full evaluation of the security performance, and other use cases were not examined. Furthermore, this study
addressed several open issues, including (a) collusion detection, (b) coping with peer abuse, (c) speedy performance,
(d) system flexibility, (e) impact of heterogeneity and (f) security concerns.
A clarification of the mentioned open issues is discussed: (a) Most proposed mechanisms have not been trained
to comply with collusion; they are based on unrestricted conditions, making the system inefficient and unreliable.
(b) It should be suggested to devise new mechanisms to deal with peer abuse, such as intrusions, free riders, black
mouths, collusions and selfishness of peers. (c) In terms of performance, all the proposed reputation systems still
require further improvement in speeding up the process. (d) System flexibility can influence trust propagation
and other modules, and the specific relationship between the two has yet to be investigated. (e) A heterogeneous
network can affect the capacity and refuge of network nodes, resulting in a difference in the treatment of the
trust forms. Consequently, this can impact the descriptive pattern to analyse the trust levels of all nodes. (f) A
recipient’s level of trust in the security of the data received is influenced by the data delivery capacity and security
concerns. For example, the information we have received cannot be completely trusted if the sender or its path
appears suspicious. In addition, if the authenticity legalisation system isn’t functioning fully, we must determine
whether to trust the data.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:9

In Bellini et al. [21], two taxonomies are presented for distributed trust and reputation management systems
and blockchain-based on 26 scientific studies and business initiatives. This review examined credential-based
trust management systems, r-based trust management systems and social network-based trust management
systems. The 26 studies employing a blockchain-based reputation system are assessed based on eight indicators,
summarised as follows: openness, access management, business logic, reputation data, ledger distribution, gas
fees, tokenisation, consensus protocol and platform used. Nevertheless, Bellini et al. [21] examined some security
parameters, such as access management, but the primary focus was on the use of blockchain, and other important
security aspects were not examined. The applications considered in the review are domain name systems, services,
P2P, e-commerce, education, crowd-sensing, IoT/sensor networks/edge computing, VANET, robotic, autonomous
systems and generic multi-agent. Additionally, these applications do not adequately justify how reputation
systems based on the blockchain can be integrated and impact those applications.
Calvaresi et al. [23] presented a blockchain systematic review of blockchain studies for tourism purposes. There
were applications in numerous domains, but they still served tourism. These included E-residency for identity
management, a Management system of electronic health records for medical systems, a loyalty program using
credit card points for travel loyalty programs, an e-commerce system, sharing app, collaborative housing online
platform, online taxi-hailing platform and home or room sharing for sharing economy, as well as flight planning,
a customer loyalty program with airline and hotel points, digital ID, tracking hotel guests and transactions in the
hospitality industry for airport/hotel/restraint industries. This article does not address the reputation system or
analyse those studies from a security standpoint.
According to Veh et al. [104], there is a growing interest in corporate reputation systems in the business field,
which motivated them to review corporate reputation in the same field. The definition of corporate reputation
refers to how other individuals perceive the company. Generally, it is built based on how well the services are
provided. The focus was on the service industries, tourism, hospitality, e-commerce and business networks. The
focus was on the consistency between the reputation system and its operationalisation. Neither the implementation
details of the reputation systems nor the security requirements are discussed.
Mohammedi et al. [75] presented an overview of trust-based IoT recommendation systems. Three layers were
discussed: physical, network and application. The advantages and disadvantages of published studies in the
literature at each layer are discussed. According to Mohammadi et al. [75], reputation systems comprise 7% of
published studies between 2016 and 2018. Furthermore, this article highlights open research issues and future
directions to encompass security and trust management, privacy preservation, energy consumption reduction, data
aggregation and others. This article does not focus on the reputation system or examine the security requirements
for IoT recommender systems. A deeper examination of trust techniques for IoT recommendation systems is also
included in future work.
Braga et al. [22] reviewed the studies that considered reputation and trust models in the literature from 2013 to
2016. Several generic IoT applications discussed in this review include e-commerce, supply chains and wireless
communication systems. Citations and impact factors of the published articles are discussed to show the impact
of these published studies. 27% of these studies analysed reputation in their proposals, 25% analysed trust and
48% analysed hybrid models of both. Moreover, the discussed reputation models in the literature are examined.
Their studies are cited, including the accumulated reputation model, normal distribution reputation model within
Medical Device Regulation, negative multinomial reputation, vertical handover decision-making, anti-distributed
voice Spam, ANN-based reputation bootstrapping, flow-based reputation with uncertainly, eigen trust dynamic
evolutionary model in P2P, topic biased user reputation model in rating systems, utility-based reputation model for
grid resource management and others. It explored the theoretical dimension of reputation systems and trust-based
systems in general. The article does not examine decentralised models or security requirements in those studies.
Additionally, blockchain technology has not been employed in this article.
Ling et al. [63] reviewed studies that evaluated TRS for Cognitive Radio Networks (CRNs). TRSs are used in
telecommunications to determine whether nodes can participate in spectrum sensing and whether nodes are not

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:10 • H. Mahmoud et al.

maliciously using under-utilised spectrum. A CRN allows unlicensed users and IoT devices to use the unused or
underutilised spectrum to enhance spectrum utilisation. A framework was formulated in this article that included
the following components: (a) application, (b) attack model, (c) challenges, and (d) characteristics. Application
criteria revolve around whether the application is intended for collaborative spectrum sensing or channel access.
The attack models included several attack types, such as Sybil attacks, data falsification attacks and reputation
value attacks. As part of the challenge, multiple attack scenarios were investigated in the CRN related to detecting
users operating in an underutilised spectrum. A prior understanding of the potential spectrum band and constant
monitoring of the user are two characteristics of the review process. Because this study reviewed the impact of
reputation systems on attack models, security issues were not considered in the review process. In addition, it
addressed the reward-based reputation system as one of the future works of this study.

2.2.9 Research Gaps in Existing Studies. Based upon the review studies in the literature that examine reputation
systems in detail, it is obvious that a research gap exists in examining the studies that have been published up to
date of this publication in 2022 on IoT-based reputation systems. Many review studies deal with all publications
that discuss reputation systems without clearly describing the application. Therefore, we presented and reviewed
recent publications for IoT-based devices. An emphasis is placed on describing, addressing and identifying the
motivation and impact of reputation systems for potential IoT applications. This enables the reader to gain a
better understanding of the research to date through the following aspects: (a) reviewing the applications that
can be empowered by the reputation system, including their motivation and impact; (b) reviewing the published
studies to date; (c) investigating and reviewing security requirement in these studies; and (d) highlighting the
open-research issues for researchers to focus on them.

3 Framework for Analysis of Privacy-Preserving Reputation Systems for IoT Applications

This subsection explains the security and non-security requirements for a device-centric reputation system. Since
most IoT-related systems rely on IoT devices, it is imperative to consider the device-centric approach. All studies
considered are evaluated in accordance with these requirements.

3.1 Security Requirements

The security needs of IoT devices anonymity-oriented systems have been identified as a privacy-preserving
reputation system for IoT applications as inspired by [43]. The identity of the IoT device is anonymised in some
of these systems, resulting in anonymity-oriented privacy-preserving reputation systems for IoT applications.
As a result, the other devices that submit feedback stay anonymous. In the system, an IoT device is represented
by one or more pseudonyms unrelated to its true identity. This configuration enables the IoT device to conduct
transactions with others and provide feedback anonymously. Because the anonymity of the IoT devices prevents
the feedback from being connected to them, the supplied feedback does not need to be confidential. A privacy-
preserving reputation system has two types of security requirements: those requiring privacy and those requiring
integrity or correctness.
IoT-device privacy requirements include privacy-preserving through the anonymity of both raters and ratees
and hiding information about them. The integrity requirements ensure the reputation system functions correctly
while maintaining device privacy. The integrity requirements ensure that a malicious device can’t forge a high
reputation undeservedly by manipulating the reputation aggregation function. The classification of privacy-
preserving reputation systems is represented graphically (see Figure 3). Based on the stringency of its security
requirements, reputation systems may choose to pursue a few of these objectives or more. Some configurations
may not be required for some IoT applications; thus, these works are comprehensively investigated and evaluated.
The next subsection describes the security needs of IoT devices’ anonymity-oriented privacy-preserving reputation
systems.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:11

Fig. 3. The security requirements for IoT devices-centric reputation systems.

3.1.1 Privacy Objectives for Device Anonymity

— Multiple pseudonyms: The system allows for the assumption of multiple pseudonyms by a user. A user’s
pseudonym may vary according to the context or transaction, as noted by Anwar and Greer [14, 15]. For
example, a user could use a different pseudonym for various contexts within the system. In an e-learning
system, a tutor might use a different pseudonym for each subject. Alternatively, users may choose a different
pseudonym for each transaction.
— Unlinkability of pseudonyms: An unlinkable pseudonym is not linked to any other pseudonym used by
the same individual. It is difficult for an adversary to tell whether two pseudonyms belong to the same
individual. According to Androulaki et al. [13], when two pseudonyms, P1 and P2, are not used by corrupted
parties, this property does not grant the adversary any advantage in determining whether they belong to
the same peer or not. If there is only one non-corrupted peer, clearly, both pseudonyms belong to the same
person. However, this is unnecessary if at least two uncorrupted peers appear consistent with P1 and P2.
— The anonymity of the rater: Ratings are given without revealing the identity of the user who rated them. An
anonymous rating is intended to prevent the adversary from linking the rater to her interaction with the
ratee or to the rating she submitted. This property is defined as follows according to Schiffner et al., [93]: A
pseudonym P1 that interacts with a ratee R should not be linked to the pseudonym P2 that rates R.
— The anonymity of the Ratee: Users may rate without revealing their identities. Since past transactions
and ratings will likely influence future transactions, the ratee may not wish to be associated with them.
Consequently, by Schiffner et al. [93], a ratee may use a different pseudonym for each transaction.
— The anonymity of the inquirer: Users can inquire about the reputation of a fellow user. She cannot disclose
the identity of the user whose reputation the user is asking about or even admit to asking about another
user’s reputation. To avoid adversaries compiling a profile of their interactions and interests, users want to
query the reputation of other users anonymously.
— Aggregation of reputations: By transferring reputation among multiple pseudonyms on her behalf, a ratee
can prevent an adversary from discovering associations between those pseudonyms. This enables a ratee to
combine the reputations of her numerous pseudonyms into one single reputation.
3.1.2 Integrity Objectives for Device Anonymity
— Unforgeability of reputation: Ratees cannot demonstrate a reputation greater than the cumulative reputation
of their pseudonyms. Also, a ratee cannot borrow a ratee’s favourable reputation.
— Distinctness: It is possible to demonstrate that a ratee’s reputation is a result of votes or feedback from
several different raters while hiding the identities of those raters. This property has the advantage that one

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:12 • H. Mahmoud et al.

Fig. 4. Non-security requirements for IoT devices-centric reputation systems.

or a few dishonest raters cannot submit multiple votes or comments (ballot stuffing) designed to artificially
increase or decrease the rater’s reputation.
— Accountability: An individual’s pseudonym becomes linkable to her real identity only when she commits
a predefined adversarial activity, such as stuffing ballots. The anonymous user is still held accountable
for actions taken against them by this property. Section 3.3 discusses the attributes of authorisability and
verifiability.
— Authorisability of ratings: Ratings must be authorisable by only those who have transacted with the ratee.
It is possible that this property can reduce the impact of attacks such as badmouthing and self-promotion
since users who have not transacted with a ratee can no longer submit feedback.
— Verifiability by the ratee: As identified by Kerschbaum [55], the requirement of verifiability by the ratee
suggests that she should be able to identify any published feedback linked to her name and confirm the
content of the feedback is related to the transaction in question and the appropriate transaction partners.
Additionally, a ratee needs to be able to identify any published feedback connected to her identity. This will
enable her to verify that the inquirer has computed its reputation score based on those submitted feedback
items.

3.2 Non-Security-Related Requirements for IoT Device-Centric Reputation Systems

This subsection develops the criteria for identifying the non-security-related requirements of reputation systems.
In light of the fundamental nature of privacy-preserving reputation systems, it is necessary to establish criteria
for comparing the non-security features of such systems. It is part of evaluating the existing system to identify
research gaps.
The architecture of a reputation system is an important factor in determining how the following three activities
are carried out: (1) collection of feedback, (2) aggregation of feedback (reputation computation) and (3) distribution
of reputation. There are three types of reputation systems: centralised, decentralised and hybrid. Feedback
comprises a set or range of properties, for instance, {−1, 0, 1}, [0, 1]. A rater’s feedback is also granular, reflecting
either their experience working with the ratee in a single transaction or the cumulative experience across multiple
transactions. Reputation can include a set of values or a range of values, e.g., R, [0, 1]. A reputation also has
properties, such as liveliness, visibility, durability and monotonicity. The concept of reputation liveliness means
that a reputation system does not offer users the option of reaching a final reputation state in which bad behaviour
does not negatively affect their reputations. Similarly, a reputation score within the set R will have no minimum

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:13

or maximum limits, while a reputation score within the range [0, 1] may reach the minimum value of 0 or the
maximum value of 1. A reputation score may be visible globally or locally. An entity with global visibility has
the same reputation score on all nodes in the system. Unlike local visibility, the reputation score available to
a subset of nodes could differ from elsewhere in the system. The durability of a reputation is measured by the
time that passes since a reputation score was established. Reputation scores can be stored permanently until
the reputation changes, or they can remain transient and need to be calculated for every query. In the case of
monotonic reputation, the score increments only in one direction. In a reputation system, e.g., the ratee receives
integer feedback between 1 and 5 for each transaction, and reputation is considered the accumulation of that
feedback. There is no way to diminish the reputation of such a system. The process of aggregating feedback into
reputation scores involves a variety of models. The sum, mean, flow network, Markov chain and Bayesian models
are the most common. According to Josang et al. [52], an extensive survey of feedback aggregation models (as
well as reputation computation engines) has been conducted.
Reputation management systems can be classified depending on the types of attacks addressed and how well
they can defend against them. Several attacks threaten reputation management systems, including the Sybil
attack (the use of multiple identities by a single individual for malicious purposes), self-promotion or ballot
stuffing (adding to the reputation of a ratee by providing false positive feedback), slander or badmouthing
(damaging their reputation by providing inaccurate negative feedback), whitewashing (leaving the system and
re-entering it with a fresh reputation), oscillating (cultivating a good reputation with the intent of exploiting it), a
random rating (submitting randomly generated evaluations to demonstrate active participation) and free-riding
(gaining access to the reputation system without giving any contribution). Hoffman et al. [46] and Marmol
and Perez [70] have discussed many of these attacks in detail. Various computation costs are involved in a
reputation system’s operation, including feedback collection, feedback aggregation (reputation computation) and
reputation dissemination. It is possible to quantify the costs of these operations as follows: (1) the number of
messages exchanged, (2) the bandwidth consumed, (3) the computing resources consumed and (4) the storage
required.

3.3 Survey Methodology

We used a systematic method developed by Keele et al. [54] to examine and analyse current literature in
this research domain to obtain a thorough and organised evaluation of existing literature in developing an
IoT-device decentralised reputation system. The method we used is depicted graphically (see Figure 5), and
the details of each phase of our investigation are given in this subsection. In the initial phase of our re-
search, we conducted a basic review of recent literature to understand the problem and key contributions
better. After determining the feasibility of the research, we split our systematic review methodology into four
phases: selection, identification, screening and refinement and compilation. Those four phases are described as
follows:

3.3.1 Selection Phase. In the selection phase, we first chose four scientific databases to extract relevant publi-
cations from IEEE Xplore, Springer, Science Direct, and ACM. We used keywords like “IoT devices decentralised
reputation system,” “privacy-preserving IoT devices driven decentralised reputation system,” “IoT devices centric
reputation system employing blockchain,” and “decentralised reputation system for IoT applications” to find
relevant material. Furthermore, during our preliminary study, we discovered early blockchain reputation research
in 2010; therefore, our analysis focused on research performed between 2010 to date. Finally, our study included
all academic publications (journal, conference and workshop papers) and technical reports containing novel
algorithm proposals. We utilised the following terms in the advanced research in the mentioned databases
“decentralised” AND “reputation” OR “trust” OR “privacy-preservation” AND “Blockchain” AND “IoT” OR
“User-driven.”

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:14 • H. Mahmoud et al.

Fig. 5. Survey methodology.

3.3.2 Identification Phase. Our preliminary search inside scientific databases revealed that the amount of
relevant available literature is limited, encouraging us to extend our search to include Google Scholar to supplement
existing material. Also, we followed the snowballing methodology in reviewing further works on the relevant
topic. However, the literature in Google Scholar contains many duplicate data, i.e., research that overlaps between
Google Scholar and other scientific sites. As a result, a deliberate effort was undertaken to delete all such
occurrences, such that if an item appeared twice, it was only counted against its publisher database. As a result, a
total of 45 unique research papers (journal, conference or book chapter) were identified across all databases (see
Figure 5).
3.3.3 Screening and Refinement Phase. Following the general search conducted in the previous phases, we
went through the screening and refinement phase to filter the literature. One important criterion we utilised
to do this filtering was to include publications focusing on the reputation system for IoT applications; we also
evaluated those papers based on certain criteria described as security and non-security requirements of the
proposed works in Section 2. Furthermore, we refined the articles to eliminate literature in languages other
than English and removed the papers with blockchain systems for IoT applications without considering the
reputation.
3.3.4 Compilation of Results Phase. Following the revisions, 45 unique publications were chosen to be included
in our study; these papers are classified according to the IoT application. These articles contributed to determining
the problem statement, literature to date and research gap for each IoT application, as discussed in Sections 4
and 5. Forward snowballing is also used in each IoT scenario to extract additional outcomes.

4 Comparative Analysis of Privacy-Preserving Reputation for IoT Applications

This section’s fine-grained analysis of privacy-preserving reputation systems for IoT scenarios is based on the
literature and the suggested criteria in Section 3. Tables 2 and 3 show the analysis of the considered studies
according to the security and non-security requirements (see Figure 3).
The results demonstrated that almost all the studies rely on decentralisation architecture and decentralised
reputation system except [20, 51, 66, 76] and [123]. Moreover, most of the considered studies either rely on
malicious or semi-malicious networks. Furthermore, most of these studies did not consider anonymisation of the
ratees or the inquirers in their proposal, except [18, 67] and [68] who considered utilising pseudonyms. With the
same approach, none of these studies considered multiple pseudonyms or authorisable transactions.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
 Table 2. Evaluation of the Proposal, Contributions, Limitations and Others of the Considered Studies
Reference IoT System Contribution(s) Limitation(s) Reputation Adversarial Collusion Reputation Trust Building
Application Architecture Architecture Model Resistance Binding Model Blocks
E-Health/Healthcare
Nusrat and Physicians’ rating Decentralised A physicians’ rating system Blockchain and security requirements Decentralised Semi- No Identity Trust- Not provided
Vassileva [80] system using reputation is proposed. are not realised malicious less
ITS
Hirtan et al., [45] AVs Decentralised Users can employ either crowdsensing or data Central authority for storage is imple- Decentralised Semi-malicious Yes Identity A-K Homomorphic
using blockchain generated by this system vehicles. mented.
Optimal travel path would be suggested by users The details of cross-regions are not realised.
utilising the traffic events. The interactions and cluster generations
are not intensely discussed. Also, the secu-
rity requirements are not considered.
Kianersi et al., [58] AVs Decentralised Multiple report weighting schemes are The security requirements are not dis- Decentralised using blockchain Semi-malicious Yes Identity A-K Homomorphic encryption
proposed in calculating the reputation cussed. Also, the proposed interaction is
utilising the vehicle trust. not realistic and require further improve-
ment.
Lu et al., AVs Decentralised An anonymous authentication and The security requirements are Decentralised Semi-malicious Yes Identity A-K Homomorphic encryption
[68] using blockchain trust communication system is proposed not taken into consideration.
LU et al., utilising the vehicles trust.
[67]
Khelifi et al., AVs Decentralised Securing the cache and enhance the trust The system has not been implemented. Decentralised This work only proposed a conceptual idea
[57] using blockchain among the vehicles in the vehicular system
is proposed utilising vehicle trust.
Ying et al., AVs Decentralised A reputation system for opportunistic The security requirements are Decentralised Semi- No Identity Trust- Homomorphic
[115] using blockchain autonomous vehicle platoon is proposed. not taken into consideration. malicious less encryption
The previous experience is taken into and malicious
consideration in the selection of the validator.
Yang et al., VANET Decentralised The received message is validated Blockchain is only used to facilitate the Decentralised Semi- Yes Identity Trust- Homomorphic
[114] using blockchain using Bayesian inference model decentralised network. malicious less encryption
utilising the vehicle trust.
Inedjaren et al., VANET Decentralised A reputation system for routing VANETs The security requirements are not Decentralised Semi- No Identity Trust- Homomorphic
[49] using blockchain using optimised link state routing is taken into consideration malicious less encryption
presented.
Kudva et al., VANET Decentralised A reputation system for routing VANETs The security requirements are not Decentralised Semi- No Identity Trust- Homomorphic
[60] using blockchain using Ad-hoc On-demand distance taken into consideration. malicious less encryption
vector is presented.
Fernandes et al., VANET Decentralised A reputation system for trusted nodes. Security has not been considered. Decentralised Semi- No Identity Trust- Homomorphic
[38] blockchain malicious less encryption
Feraudo et al., VANET Decentralised A reputation system for trusted nodes. Security and privacy are not been. Decentralised Semi- No Identity Trust- Homomorphic
[37] using DAG malicious considered. less encryption
Smart Grid
Wang et al., Energy Decentralised A novel reputation system for the Reputation system does not implement Decentralised Semi- No Identity A-k Not provided
[106] trading using blockchain Energy trading system is proposed. on blockchain. Also, security requirements malicious
are not considered.
Janko and Energy Decentralised A reputation system for the energy Blockchain technology has not been Decentralised Semi- No Identity Trust- Not provided
Johnson [50] trading trading system is proposed. considered. Also, security requirements are malicious less
not considered.
Morstyn and Energy Centralised A centralised P2P Energy trading The reputation system is not properly Centralised Semi- No Identity Trust- Not provided
McCulloch [76] trading system based on reputation metric is discussed. Moreover, a centralised network malicious less
proposed. is considered. Furthermore, the security
requirements are not discussed.
Debe et al., Energy Semi- A reputation-based approach to enforce The data is stored in a central node. Decentralised Semi- No Identity Trust- Not provided
[32] trading decentralised the quality of energy trading between the malicious less
EVs is implemented.
Khaqqi et al., Emission Decentralised A novel emission trading system based Reputation system does not implement Decentralised Semi- No Identity Trust- Not provided
[56] trading using blockchain on reputation is proposed. on blockchain. Also, security requirements malicious less
are not considered.
EVs
Danish et al., Charging station Decentralised A charging station recommendation The reputation system details have Decentralised This work only proposed a conceptual idea
[30] selection using blockchain system for EVs. not been investigated properly.
Danish et al., Semi- No Identity A-K Homomorphic
[31] malicious encryption
Zishan et al., Power Decentralised A power allocation mechanism based on The security requirements are not Decentralised Semi- No Identity Trust- Not provided
[10] allocation the reputation. taken into consideration. malicious less
Su et al., EV selection Decentralised A reputation score for the consensus of the The security requirements are Decentralised Semi- No Identity Trust- Homomorphic
[98] CSs is implemented for EV selection. not taken into consideration. malicious less encryption
Smart Parking
Badr et al., Smart parking Decentralised Smart parking based on reputation system is The security requirements are Decentralised Malicious No Pseudonym Trust- Short
[18] system using blockchain proposed in which drivers can authenticate not taken into consideration. less randomisable
anonymously. signature, ZK proof

(Continued)
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications •

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:15
 Table 2. Continued 31:16

Reference IoT System Contribution(s) Limitation(s) Reputation Adversarial Collusion Reputation Trust Building
Application Architecture Architecture Model Resistance Binding Model Blocks
•

CS
Gao et al., MCS Decentralised Trust-worker uses a secure two-party The reputation of requesters is not Decentralised Semi- No Identity Trust- Homomorphic
[39] using blockchain protocol (using Paillier cryptosystem) to considered. Also, the security requirements malicious, less encryption and
perform the reputation comparison are not realised. and malicious. paillier
between two different raters. cryptosystem.
Jo and Choi MCS Semi- A novel proposal of centralised reputation The reputation system doesn’t rely on the Centralised Semi- Partial Identity TTP Group
[51] decentralised system for MCS. blockchain, and a centralised approach is malicious, signatures and
used. and malicious blind signatures
Zhao et al., MCS Decentralised Sensing data, aggregation result, and Relies on Hyperledger Sawtooth Decentralised Semi- Yes Identity Trust- Homomorphic
[120] using blockchain requester’s feedback and prevent malicious malicious, less encryption.
behaviour are realised in the reputation system. and malicious
Zhang et al., MCS Decentralised Considered trust and reputation metrics in the The blockchain is not utilised in the Decentralised Malicious Partial Identity A-K Eigen-trust and
[118] using blockchain the proposed reputation system. reputation system. TTP verifiable sharing
secret
Wang et al., MCS Decentralised A novel reputation metric is proposed in The security requirements are not Decentralised Malicious Partial Identity Trust- Homomorphic
H. Mahmoud et al.

[107] using blockchain mobile/edge IIoT system. taken into consideration. less encryption
Liu et al., VCS Centralised A novel reputation system for VCS The reputation system is not properly Centralised Semi- No Identity Trust- Mean
[66] is proposed. investigated. The security requirements are not malicious less
taken into consideration.
Telecommunications
Debe et al., FEC Decentralised Two applications of fog system that require The system was only tested on remix Decentralised This work only proposed a conceptual idea
[33] using blockchain reputation is introduced. IDE.
Weerapanpisit FEC Decentralised A novel management system is implemented The calculation of the reputation is not Decentralised Malicious No Identity Trust- Not provided
et al., [108] using blockchain in the fog layer. realised. Also, the security requirements less
are not considered.
Rehman et al., FEC Decentralised The concept of the reputation system for a The reputation system has not been Decentralised This work only proposed a conceptual idea
[103] using blockchain decentralised federated learning system is proposed. implemented.
Li et al., FEC Decentralised Zero trust model in edge computing environment is The calculation of the reputation is not Centralised Semi- No Identity Trust- Paillier additive
[61] using blockchain proposed in which reputation system on blockchain realised. Also, the security malicious less and homomorphic
is used to provide trust in the devices. requirements are not considered. encryption
Bai et al., CRN Centralised A spectrum sensing system based on reputation The calculation of the reputation is not Centralised Semi- No Identity Trust- Not provided
[20] is proposed. realised. Also, the security malicious less
requirements are not considered.
Zhou et al., CRN Centralised A spectrum sensing system based on Bayesian The calculation of the reputation is not Centralised Semi- No Identity Trust- Not provided
[123] reputation is proposed. realised. Also, the security malicious less
requirements are not considered.
Zhang et al., CRN Distributed A distributed spectrum sensing system based on The calculation of the reputation is not Distributed Semi- No Identity Trust- Not provided
[117] reputation is proposed. realised. Also, the security malicious less
requirements are not considered.
Fangwei et al., CRN Distributed A distributed spectrum sensing system based on The calculation of the reputation is not Distributed Semi- No Identity Trust- Not provided
[36] reputation is proposed. Previous behaviour realised. Also, the security malicious less
is considered in the reputation. requirements are not considered.
Zhang et al., CRN Distributed A distributed spectrum sensing system based The calculation of the reputation is not Distributed Semi- No Identity Trust- Not provided
[116] on reputation is proposed. An incentive realised. Also, the security malicious less
mechanism is in place for rewarding the raters. requirements are considered.
Other Generic IoT Applications
Hassan et al., Generic Decentralised It has linear message complexity. It is not robust against Sybil attack and Decentralised Malicious Yes Pseudonym A-K Paillier additive,
[42] reputation-biasing. homomorphic
encryption and
NIZK proof
Dennis and Generic Decentralised Security and privacy requirements are Decentralised Semi- Yes Identity A-K homographic
Owen [34] using blockchain not realised. malicious encryption
Azad et al., M2M Relies on public M2M reputation system is proposed. Decentralised Malicious No Identity A-K ZK proof and
[16] bulletin homographic
encryption
Schiedermeier et al., E-voting Decentralised It proposes and evaluates a referendum Selection of validators is not Decentralised Semi- yes Pseudonym A-K Secret sharing and
[92] using blockchain protocol. properly considered. malicious homomorphic
encryption

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
Huang et al., IoT generic Decentralised Utilises Pedersen commitment- to update the Calculation of the reputation based on Decentralised Malicious No Identity Trust- Pedersen
[48] using blockchain reputation protocol in which two leader election trust between devices is not realised. less commitments
approaches to commit the reputation. and zK-SNARKS
Azad et al., Social IoT Relies on public A reputation system for IoT devices. There is no identity anonymisation. Decentralised Malicious Yes Pseudonym TTP Homomorphic
[17] bulletin encryption and
ZK proofs
Rabah et al., IoT/Generic Decentralised An Anonymous Reputation system - Decentralised Malicious No Pseudonyms A-K Hommorphic
[85] using blockchain encryption and
ZK proofs
Munksgaard Drug markets Centralised An Anonymous reputation e-commerce Privacy and security are not taken into Centralised Semi No Pseudonyms A-K Hommorphic
[77] consideration. malicious encryption
 Table 3. Evaluation of the Security Requirements of the Considered Studies
Reference Multiple User-Pseudo Pseudo-Pseudo Rater Ratee Inquirer Reputation Unforgeability Distinctness Accountability Authorisability Verifability Range Granularity Range Liveliness Visibility Durability Non-Monotnicity Aggregation
Pseudonyms Unlinkability Unlinkability Anonymity Anonyomity Transfer Model
E-Health/Healthcare
Nusrat and No No No No No No No No No No No No R Single R No V No No Sum
Vassileva [80]
ITS
Hirtan No No No No No No No No No No No Yes [0, 1] Single R No V Yes No Sum
et al., [45]
Kianersi No No No No No No No No No No No Yes [0,1] Single R No V Yes No Sum
et al., [58]
Lu No Yes No No Yes No No No No No No Yes [0, 1] Single R No V Yes No Sum
et al., [68]
Lu No Yes No No Yes No No No No No No Yes [0, 1] Single R No V Yes No Sum
et al., [67]
Khelifi This work only proposed a conceptual idea R Single R No V Yes No Sum
et al., [57]
Ying No No No No No No No No No No No Yes [0, 1] Single R No V Yes No Sum
et al., [115]
Yang No No No No No No No No No No No Yes [0, 1] Single R No V Yes No Sum
et al., [114]
Inedjaren No No No No No No No No No No No Yes R Single R No V Yes No Weighted
et al., [49] sum
Kudava No No No No No No No No No No No Yes R Single R No V Yes No Mean
et al., [60]
Fernandes Yes No No No No No No No No No No Yes [0, 1] Single R No V Yes No Sum
et al., [38]
Feraudo Yes Yes No No No No No No No No No Yes R Single R No V Yes No Sum
et al., [37]
Smart Grid
Wang No No No No No No No No No No No Yes [0, 1] Single R No V Yes No Mean
et al., [106]
Janko and No No No No No No No No No No No No R Single R No V No No Weighted
Johnson [50] sum
Morstyn and No No No No No No No No No No No No R Single R No V No No Sum
McCulloch [76]
Debe No No No No No No No No No No No Yes R Single R No V Yes No Sum
et al., [32]
Khaqqi No No No No No No No No No No No Yes R Single R No V Yes No Sum
et al., [56]
EVs
Danish This work only proposed a conceptual idea
et al., [30]
Danish Yes No No Yes No Yes No No No No No Yes [0,1] Multiple R No V Yes No Sum
et al., [31]
Zishan No No No No No No No No No No No No R Single R No V No No Sum
et al., [10]
SU No No No No No No No No No No No Yes R Single R No V Yes No Weighted
et al., [98] sum
Smart Parking
Badr No Yes No Yes No Yes No Yes Yes No Yes No R Single R Yes V Yes No Sum
et al., [18]

(Continued)
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications •

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:17
 Table 3. Continued 31:18

Reference Multiple User-Pseudo Pseudo-Pseudo Rater Ratee Inquirer Reputation Unforgeability Distinctness Accountability Authorisability Verifability Range Granularity Range Liveliness Visibility Durability Non-Monotnicity Aggregation
Pseudonyms Unlinkability Unlinkability Anonymity Anonyomity Transfer Model
•

CS
Gao No No No No No No No Yes No Yes No Yes [0,1] Single R No V Yes No Sum
et al., [39]
Jo and No Yes No Yes No No No Yes No Yes No Yes [0,1] Single R No V No Yes Sum
Choi [51]
Zhao No No No No No No No Yes No Yes No Yes [0, 1] Single R Yes V Yes Yes Weighted
et al., [120] sum
Zhang No No No No No No No Yes No No No Yes [0,1] Multiple R Yes V Yes Yes Weighted
et al., [118] sum
Wang No No No No No No No Yes No No No No [0,1] Single R No V Yes No Weighted
et al., [106] sum
Liu No No No No No No No No No No No Yes R Single R Yes V Yes No Weighted
et al., [66] sum
H. Mahmoud et al.

Telecommunications
Debe This work only proposed a conceptual idea R Single R - V Yes Yes Sum
et al., [33]
Weerapanpisit No No No No No No No No No No No No No Single - Yes V Yes Yes Sum
et al., [108]
Rehman This work only proposed a conceptual idea R Single R - V Yes Yes Sum
et al., [103]
Li No No No No No No No No No No No Yes R Single R No V Yes Yes Sum
et al., [61]
Bai No No No No No No No No No No No No R Single R No V No No Sum
et al., [20]
Zhou No No No No No No No No No No No No R Single R No V No No Weighted
et al., [123] sum
Zhang No No No No No No No No No No No No R Single R No V No No Sum
et al., [117]
Fangwei No No No No No No No No No No No No R Single R No V No No Sum
et al., [36]
Zhang No No No No No No No No No No No No [0,2] Single R No V No No Weighted
et al., [116] sum
Other Generic IoT Applications
Hassan No No No No No No Yes No No Yes No No R Single R No V No No Mean
et al., [42]
Dennis and No No No No No No No No No Yes No Yes - Single - No V Yes No Mean
Owen [34]
Azad No No No No No No No No No No No No [-1,0,1] Single R Yes V Yes Yes Sum
et al., [16]
Schiedermeier No No No No No No No No No No No Yes [0,1] Single Z Yes V Yes Yes Sum
et al., [92]
Haung Yes Yes No No No No Yes No No No Yes Yes R Single R Yes V Yes N Weighted
et al., [48] sum
Azad No No No No No No No No No No No Yes R Single R Yes V Yes No Weighted
et al., [17] sum
Rabah Yes No No Yes Yes No No Yes No No No Yes [0,1] Single R No V Yes No Sum
et al., [85]
Munksgaard Yes No No No No No No No No No No Yes [0,1] Single R No V Yes No Sum
et al., [77]

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:19

Fig. 6. Pie chart of the number of scientific articles for each IoT application.

Fig. 7. Bar chart of the number of scientific articles and IoT applications for each industry.

The considered ratings mostly rely on a like/dislike range or a real number (R). Liveliness, durability and
non-monotonicity are only been considered in a few studies, including [18, 65, 108, 114, 118, 120] and [18, 30,
32, 49, 51, 56, 60, 65, 98, 106, 107, 108] and [118], respectively. Based on the results of these studies, aggregation
techniques are simple such as summation, weighted summation or mean of reputation values. Additionally, none
of the studies examined their reputation system’s resistance to different types of attacks.
In addition, a comprehensive review of each IoT application with its problem statement, literature to date,
research gap and several cited papers is investigated. The findings show that nine IoT applications with sub-
application(s) at each are investigated or suggested for considering reputation systems. The number of studies
for each of those considered in the literature is discussed (see Figures 6 and 7). In particular, the selection of

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:20 • H. Mahmoud et al.

Cognitive Radio Nodes (CRNs) (13%), selection of fog devices (8%), selection of edge devices (8%), selection of
vehicles sensing nodes (3%), selection of mobile sensing nodes (16%), selection of the parking lots (5%), selection
of Charging Station (CS) (5%), energy trading/smart grid (8%), VANET (5%) and Autonomous Vehicles (AVs)
(34%) applications are considered in the literature with the percentage of the studies with a total of 45 scientific
articles. It can be observed that AVs, Mobile Crowdsensing (MCS) and CRN are the most used in the literature.
In addition, other potential applications have not been proposed in the literature yet, but there is a motivation
to consider them (see Figure 7). Furthermore, the number of studies and IoT applications for each industry are
investigated to identify the most considered application/industry (see Figure 6). The details of each IoT application
are comprehensively discussed as follows (also see Table 4):

4.1 Security and Privacy

This section emphasises the importance of blockchain in building integrity and trust and protecting user privacy
in a network of linked devices. By dispersing data throughout a network, blockchain adoption significantly
improves security by decreasing susceptibilities to attacks, such as Denial-of-Service (DoS), man-in-the-middle
and Sybil attacks. Because there are fewer central points of failure because of this decentralised design, it is more
difficult for attackers to breach the system.
Some existing studies, for instance, include techniques for authenticating participants, as a defence against
Sybil attacks, in which an attacker generates multiple false identities. In doing so, the integrity of the reputation
system is preserved by ensuring that only valid devices may query or add to it. The immutable ledger feature of
blockchain is also used to safeguard the system from unwanted changes and prevent data manipulation while
guaranteeing the veracity of reputation scores. Pseudonyms and anonymity are used to address privacy concerns,
enabling devices to communicate without disclosing their genuine identities. In the IoT situations, this is essential
for safeguarding sensitive data. To preserve systemic confidence, the study also emphasises the necessity of
striking a balance between accountability and anonymity.

4.2 User-Centric and Data-Centric

This section examines the user-centric and data-centric reputation systems in blockchain-based IoT environments
that handle the complexities of user data management and privacy protection. The primary problem for user-
centric systems, which emphasise the user’s role in creating and maintaining reputation data, is protecting
personal data in an environment that by its very nature lacks central oversight. Although this decentralised
architecture improves system resilience and strengthens security against single points of failure, it makes it more
difficult to reliably protect user data across several nodes. The challenge of striking a balance between privacy
and the requirement for a trustworthy reputation assessment is highlighted by the intrinsic conflict between
protecting user anonymity and guaranteeing accountability.
On the other hand, by isolating the reputation of data or transactions from personal identifiers, data-centric
systems aim to address privacy concerns by prioritising the reputation of data or transactions above users.
However, there are certain difficulties with this strategy. To ensure that data cannot be linked back to specific
individuals and to prevent linkage attacks, advanced cryptographic techniques are needed for the management
of identities and the anonymisation of transactions in a decentralised setting. Even with these precautions,
de-anonymisation is still a possibility, particularly when merging datasets from different IoT apps, which poses a
serious risk to user privacy.
Moreover, putting in place strong privacy-preserving measures is made more difficult by the dynamic nature of
IoT environments, which are marked by frequent device interactions and data exchanges.

4.3 Contextual and Dynamic Reputation Assessment

This section explores the complexities of contextual and dynamic reputation scoring in blockchain-based systems
for IoT applications, offering a nuanced viewpoint on the reputation scores’ adaptability to contextual variables

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:21

Table 4. Fine-Grained Analysis and Comparison of a Privacy-Preserving Reputation for Each IoT Application
Application Use Case Problem Statement Literature to Date Researh Gap Reference
Healthcare Physician booking system Facilitates a reputation system for the patients’ Not available Privacy and security require- 0
medical centres ments are not considered.
Pharmacy supply Facilitates a reputation for physicians to rate Not available 0
the medicines and their providers
ITS Autonomous vehicles Facilitates a reputation system for vehicles or Multiple report weighting Security requirements are not [13]
road events schemes are proposed to discussed and the proposed
calculate reputation. communication is not realistic.
VANET Facilitates a reputation system for finding rout- It is integrated with OLSR [2]
ing paths from a reputable peer and AODV protocols that
rely on peers for routing.
Smart grid Energy trading Facilitates a reputation system for the Energy The reputation score is The reputation system is not [3]
Provider and is used to provide fairness for the slightly considered in properly investigated. Also, the
payment this privacy-preserving security and privacy require-
system. ments are not considered.
EVs Selection of CS Facilitates a reputation system for the EVs on An intelligent CS system Incorporate reputation within [2]
the CSs is proposed for selection the optimisation problem of
based on trust. the cost composition. Also, the
security and privacy require-
ments are not considered.
Smart parking Selection of parking lots Facilitates a reputation system for the drivers Drivers can authenticate The security and privacy re- [2]
on the parking lots. anonymously for the quirements are not considered.
smart parking system.
Air quality Sharing air quality data Based on the most trustworthy data provider Not available None has proposed blockchain 0
of air quality, the consumer decides the target in this application for the sake
area to move into. of trust/reputation.
Water Water market or trading Facilitates a reputation system for the water Not available No one has proposed a reputa- 0
provider and user to provide fairness for the tion system using blockchain.
payment.
Wastewater market Facilitates a reputation system for the wastewa- Not available No one has proposed a reputa- 0
ter Provider and user to provide fairness for the tion system blockchain.
payment.
Water rights Facilitates the communication of water owner- Not available No one has proposed a reputa- 0
ship between the people in different regions. tion system using blockchain.
Adaptation of irrigation An interaction between an irrigation manage- Not available None has proposed blockchain 0
with weather forecast ment system and a nearby weather station. The depending on reputation.
management system would deactivate irriga-
tion when the season indicated rain and the
reputation within the area was reliable.
Crowdsensing Selection of mobile sens- Facilitates a reputation system for the sensing A reputation system for The security and privacy re- [6]
ing nodes nodes the mobile/edge IIoT sys- quirements are not considered.
tem.
Selection of vehicles sens- Facilitates a reputation system for the Vehicles Not available The reputation system in vehi- [1]
ing nodes nodes cle crowdsensing has not been
considered
Telecom Selection of edge devices The edge server in a 5G architecture tends to A ZTC system is proposed The calculation of the reputa- [1]
provide reputation/trust for the edge nodes. in which the trust is ful- tion is not realised in this work.
filled using a reputation Also, the privacy and integrity
system using blockchain. requirements are not consid-
ered.
Selection of fog devices Facilitates a reputation system for the fog de- The management system The calculation of the reputa- [3]
vices is implemented in the tion is not realised in this work.
fog layer using Blockchain Also, the privacy and integrity
technologies. requirements are not consid-
ered.
Selection of heteroge- Facilitates a reputation system for heteroge- Not available A reputation system has not 0
neous devices neous devices been implemented in this case
study. Also, privacy and secu-
rity requirements are not con-
sidered.
Selection of CRNs Facilitates a reputation system for the CR sens- Not available The security requirements are [5]
ing nodes not considered.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:22 • H. Mahmoud et al.

like time, location and application requirements. This strategy emphasises the significance of a complex reputation
system that goes beyond static assessments, making it possible to reflect device behaviour and reliability more
accurately across a range of scenarios. The presented comparative table can provide a more detailed and accurate
evaluation of device reliability by including context-aware aspects in the reputation calculation. This allows trust
scores to be customised to the unique conditions of each use case. Because of this contextuality, the reputation
system is guaranteed to be accurate and current, reflecting the real-time operating environment of IoT devices.
The dynamic updating of reputation scores emphasises the adaptability and speed of the system towards making
actions or occurrences. Because of their dynamic nature, reputation scores can be continuously re-calibrated
to reflect the most recent data, including any criminal activity or outstanding results by IoT ecosystem devices.
Maintaining a safe and reliable network where devices’ recent behaviours are instantly reflected in their reputation
ratings requires the capacity to modify reputations in response to new information quickly.

4.4 Advantages and Drawbacks

For IoT systems, reputation systems provide several benefits. (1) By providing users and IoT devices feedback
on previous encounters, they improve trust and reliability. Knowing they may rely on the devices’ or their
manufacturers’ reputations lets consumers interact with IoT devices in an informed manner. (2) By identifying
trustworthy devices and identifying potentially dangerous or unreliable ones, reputation systems enhance security.
This helps to reduce the dangers connected to criminal activity, illegal access and data breaches in the IoT networks.
All things considered, reputation systems are essential for advancing security, transparency and reliability in
IoT ecosystems, resulting in more seamless and safe interactions between users and devices. On the other hand,
some drawbacks are brought along with the system. (1) There iss a risk of inaccurate or biased feedback, which
can occur due to various factors such as fake reviews, manipulation or subjective judgments. This can lead to
unreliable reputation scores and misinformed decisions by users, potentially undermining trust in the system. (2)
Reputation systems may need to gather and share private information about IoT devices and their interactions,
which raises privacy problems. In particular, when user identities or sensitive device data are revealed, this raises
concerns about data privacy, consent and the exploitation of personal information.

4.5 Use Cases

This section comprehensively reviews and explores the potential use cases that can adopt reputation systems
within the IoT environment.
4.5.1 E-Health or Healthcare. A few healthcare applications have been utilising blockchain to increase their
security by dealing with an untrusted third party, including pharmacy supply chain and physician booking
management. Reputation systems can be used for both applications. Details are provided below.
Pharmacy Supply Chain. The pharmacy supply chain aims to allow patients and physicians to track and check
the availability of medicines [91]. As the late arrival of the medicine can result in the death of the patient or
the spread of viruses, you should choose a factory with a history of delivering the quality and quantity of the
medicine on time. Hence, a reputation system can be adopted in this system for the sake of providing a secure,
fair and autonomous pharmacy supply chain.
Problem statement: It is to facilitate a reputation-based system for the patients and physicians to rate the
medicines and medicines providers. An anonymous and transparent rating system is required to maintain quick
delivery of medicines to avoid any losses or market shortages that might severely impact human beings.
Literature to date: The use case for the blockchain has been discussed in the literature; however, no consideration
has been given to implementing a reputation system.
Research gap: The reputation systems have not been applied to the pharmacy supply chain in the literature. It is
suggested that a reputation system be implemented to allow patients and doctors to rate the pharmacy company
and their quality, which could lead to fairness in the supply chain.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:23

Physician Booking System. Physician booking management is intended to unite patients and physicians in
an autonomous, secure and decentralised manner [91]. A reputation system that captures patient feedback is
necessary to provide a transparent approach to rating physicians and medical centres. It could improve the
medical system and motivate physicians to support their patients fully. Moreover, these scores may be considered
when determining a physician’s annual raise.
Problem statement: It is to facilitate a reputation-based system for the patients to rate the physicians and
medical centres. An anonymous and transparent rating system is required to maintain the treatment process’s
high quality and the idea that reputation is collected to avoid individual bias.
Literature to date: The use case for the blockchain has been discussed in the literature; however, no consideration
has been given to implementing a reputation system.
Research gap: The reputation systems have not been applied to physician reservation systems in the literature.
It is suggested that a reputation system be implemented to allow patients to rate the facilities and doctors
anonymously.

4.5.2 Intelligent Transport System (ITS). A VANET and AVs are two applications that can utilise reputation
systems forming the ITS. Those applications are addressed in this section in more detail.
AVs.
AVs are prepared to revolutionise the future of transportation. They can potentially increase mobility for
non-drivers and mobility independence for the less wealthy [64]. This should result in less traffic, improved safety,
decreased energy consumption and lower pollution [64]. They may also improve transportation equality [7, 29],
increase public transportation alternatives, lower transit system costs [72, 109] and cut commute times [8].
AVs’ most significant advantages are only accessible when they are part of a cooperative network [94].
Vehicles may also share information regarding road network conditions, hazards, best route, present and planned
manoeuvres and other matters [97]. Autonomous cars’ communications and system decision-making must be
secure to give these benefits [97]. Individual vehicle reputation is critical to the integrity of an AV network. The
reputation of a vehicle may be used to influence other vehicles’ judgments about which facts and transactions to
accept.
Problem statement: The problem statement is to facilitate a reputation-based system for rating vehicles or
road events. On the one hand, the reputation of the vehicles can contribute to identifying genuine vehicles for
validating the shared data. In the same context, the reputation value can be used when one vehicle moves from
one region to another to transfer the reputation score in the final region to decide whether to assign the mining
task. On the other hand, the reputation for the road events or hazards can contribute to ensuring the event’s
existence; hence, alternative routes can be recommended for the drivers.
Literature to date: Two key papers proposed a reputation system in this application [45, 58]. Firstly, Kianersi
et al. [58] proposed an experimental simulation reputation management system for AVs in which the vehicle’s
reputation is calculated. A simulation is used to assess the validity of multiple report weighting systems for
calculating reputation (as a rater and ratee). A blockchain-based back-end for the reputation management system
is presented to preserve and transfer reputation data securely.
Several limitations can be considered to enhance this work as follows: (a) system complexity, the interaction of
the model needs to be more realistic [58] and (b) system consistency, the system expects that vehicles will consis-
tently perform throughout the simulation, with genuine and malicious vehicles transmitting primarily correct
and incorrect transactions, respectively. Real-world events, such as electronic vehicle hijacking or ownership
changes, may violate that assumption because a vehicle’s behaviour might alter spontaneously over time. While
these events were considered by weighting transactions based on their recency, they were not included in the
simulation, making it impossible to assess whether the system appropriately handled these concerns. The model
functioned well in situations with a few malicious vehicles; nonetheless, the probability of anomalies arising
needs that an AVs vehicle cyber-security system remains resilient under other applications. Botnet attacks, in

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:24 • H. Mahmoud et al.

which compromised nodes exponentially replicate malware to infect more nodes [47], or even manufacturing
flaws that cause a significant number of AVs to be faulty, may result in a high proportion of malicious vehicles
in networks. Future research can potentially add more simulation system complexity to simulate anomalous
behaviour, such as vehicle-herding, in which a small number of malicious vehicles travel together to strengthen
their reputations while depreciating others’.
Secondly, Hirtan et al. [45] developed a reputation system in which the key actors are consumers concerned
with traffic information rather than vehicles’ reputations, as in the preceding example. They securely share data
on traffic and road events, which are evaluated collectively by other vehicles. To travel between two locations,
users can use either crowd-sourced validated data or data supplied by the system. San Francisco, Rome and Beijing
cities are used as case studies to apply this proposal to them. Only encrypted communication takes place between
the vehicles and the central server, and the consensus process is conducted by all vehicles in the same cluster
or geographical region. The consensus algorithm’s output is either validating or invalidating road events and
updating participants’ reputations. After a certain level, the algorithm additionally considers the ageing process
of road data. The described system’s final goal is to offer customers an optimal travel path based on trustworthy
data while preserving confidentiality.
Lu et al. [68] and Khelifi et al. [57] also proposed a similar system, but they do not provide anonymisation
for raters and ratee, and their proposed design is quite complex for a real-life scenario. The limitation of this
work is lacking the accurate identification of the GPS position of the vehicles considering more weights, such
as patterns. However, this system claims that it is easy to implement, but it is still considered very consuming,
and further design improvement is required. There are other related works to this one, but they have some
shortcomings.
The systems proposed by Lu et al. [67], Lu et al. [68] and Yang et al. [114] are almost identical but refer to the
system as VANET. There is no connection between the VANET system and the reputation system. The following
section discusses a case where a reputation system can benefit VANET.
For example, some proposals establish trust in the system without taking into account privacy, other proposals
that do not use revealed trust in establishing future transactions and other proposals that are difficult to be
implemented in real-life. In addition, the reputation of the movable vehicles can be passed to the server of the
final region to decide whether to consider this vehicle in the validation. Yet, this algorithm is not investigated for
crossing several regions by the same vehicle.
In general, implementing a blockchain reputation system in AVs is limited by the following limitations: (a)
computation limitation, since many devices, such as Raspberry Pis and Arduinos, are resource-constrained and
cannot efficiently compute the proof-of-work consensus algorithm, and (b) a storage limitation. As the number of
nodes within the blockchain increases, the storage requirement for storing the entire ledger rises, a requirement
that is infeasible for most IoT devices.
However, AVs have significantly more computational power than a micro-controller, and the majority of their
resources are dedicated to performing on-board functionality, such as object recognition and communication
broadcasting, within vehicle-to-vehicle transactions; thus, the problem of computational and storage limitations
applies to AVs as well [81].
More study is planned to evaluate the effectiveness of employing a blockchain back-end to circulate reputation
information across Roadside Units (RSUs) and base stations in a decentralised context [58]. The effectiveness of
blockchain implementation might also be compared to other data storage systems, transmission mechanisms and
decentralised database systems. The system might be connected with the ECLIPSE urban mobility simulation
system to examine more complicated situations. Additional studies on deploying trust management technologies
as part of real-world and prototype RSU and regional systems would also be valuable. As the hardware and
software employed in these systems mature, further evaluation of the technology will be necessary.
In addition, the reputation metric is calculated based evaluation of certain functions, such as lidar, acous-
tic, radar and camera sensors as proposed by Chowdhury et al. [26] and the use of data quality by Chuprov

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:25

et al. [27]. High-quality data are characterised as suitable for customers. The aggregation of trust in their AV
system is influenced by data quality [28]. High-quality data are characterised as suitable for customers. The
aggregation of trust in their AV system is influenced by data quality [28]. Another study investigated AV data
integrity issues by simulating vehicle traffic at a highway intersection and analysing how inaccurate information
transmitted by untrustworthy sources might lead to vehicle crashes [27]. Finally, Ying et al. [115] employed the
reputation for vehicle platoons, temporary groups of vehicles that drive together. These vehicles elect a platoon
leader based on reputation, responsible for using computing resources to guide group efforts and coordinate
movements [115].
Research gap: AV is being considered in the literature, and several papers have been devoted to evaluating
this approach. However, the security perspective has not been explored. The security requirements of a mature
system must be evaluated, considering numerous security parameters as described in Section 3. Data integrity
and privacy can be maintained, and a transparent process can be ensured by considering the mentioned security
requirements.
VANET.
A VANET is considered a subcategory of the ITS. VANET has been attracting lots of attention because of
their rapid topological changes and high mobility, which are sub-categories of Mobile Ad Hoc Networks
(MANETs) as mentioned by Inedjaren et al. [49]. In VANETs, self-organising vehicles operate without centralised
infrastructure or management, encouraging vehicle cooperation. Due to the need for communication between all
parties (vehicles and RSU), all communication systems must communicate. Each vehicle, therefore, stores a local
routing table, which defines the next hop for all destinations, and the protocol maintains the table. Although
VANET offers many benefits, it also poses many security challenges. These data can potentially save lives if
received and transmitted on time. Hence, securing communications in vehicular environments must consider
these requirements, and network protocol security should be the top priority. In this regard, the reputation system
based on blockchain technology has been proposed to ensure that a malicious peer has not altered or initiated the
information transmitted.
Problem statement: The problem statement is similar to the ITS in which there is a need for accommodating a
reputation system for rating the vehicles and control units in the street. Therefore, the decision can rely on the
information initiated by the most reputable vehicle and RSU. Utilising blockchain can empower VANET to ensure
optimal routing selection, and the exchanged data are stored securely.
Literature to date: Inedjaren et al. [49] and Kudva et al. [60] proposed a reputation system for routing VANETs
using Optimised Link State Routing (OLSR) and Ad Hoc On-Demand Distance Vector (AODV), respectively.
OLSR is a routing protocol that determines the path based on the recommendations of a small group of nodes
called multi-point relay, which raises security issues. As an alternative, AODV is a reactive routing protocol
widely used in a highly dynamic network where the routing is discovered based on other network peers. Utilising
blockchain in this system can solve these security issues, as it assures that the participated peers (relay points)
are not malicious. Participants in the validation process receive rewards intended to motivate the vehicles to
participate. This approach has not been analysed from the security perspective and thus can be further enhanced
to meet all parties’ integrity and privacy needs.
Research gap: Applying the same approach of the AVs and VANETs is being considered in the literature, and
several papers have been devoted to evaluating this approach. However, the security perspective has not been
explored. The security requirements of a mature system must be evaluated, considering numerous security
parameters as described in Section 3. This can enhance the privacy of the peers participating in the network and
maintain data integrity.

4.5.3 Energy Industry/Smart Grid. Energy trading system or P2P energy trading system has been studied in
the literature as one of the key applications that blockchain can enable within the energy sector. A reputation
system built on blockchain is essential for this application to ensure secure trading of the quality of the service.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:26 • H. Mahmoud et al.

Consequently, the users can choose to trade energy with a reputable counterpart to ensure the quality of the
transmitted energy does not have a consequence on the electricity grid.
Problem statement: It is to let the users select the most reputable peer for trading energy with. However,
blockchain technology can ensure communication and trading between untrusted parties, but the blockchain
itself cannot ensure the quality of the transmitted asset. Hence, a reputation system on a blockchain is important
to consider.
Literature to date: A number of studies in the literature considered the reputation systems for energy trading [50,
76, 106]. Wang et al. [106] developed a distributed reputation system to simulate real-world trust in blockchain-
based P2P energy trading. Participant behaviours, such as consensus nodes, energy buyers, and sellers, and other
factors are considered when calculating reputation scores. The reputation score also improves the contribution
fairness in P2P energy trading in this work. Janko and Johnson [50] developed a reputation-based competitive
pricing negotiation and power trading for micro-grid networks. The reputation is calculated based on historical
knowledge of familiarity, acceptance and value between nodes. Using the same concept, Morstyn and McCulloch
[76] has developed a P2P energy market platform based on the multi-class energy management concept to
coordinate trade between consumers. Neither of these studies has been evaluated in terms of security. Particular
attention has not been drawn to privacy requirements and integrity requirements. A similar emission trading
scheme application is also developed using a reputation system on blockchain [56].
Research gap: The concept of reputation systems has been discussed in energy trading, but the security
requirements have not yet been met. An example is P2P trading between unknown parties, in which it is critical
to confirm that the other party is trustworthy, and the rating process should be conducted anonymously. This can
be fulfilled by considering the security requirements. The same concept also applies to emissions trading systems.

4.5.4 Electric Vehicles (EVs). EVs constitute a smart grid application recognised as a promising solution to
reduce the carbon dioxide emissions from gas-powered vehicles. The number of EVs is rising at a rapid pace [82,
90]: according to the national targets, more than 100 million EVs will be produced each year by 2050. Due to the
dramatic growth of this technology, there is a need to manage EV charging efficiently at a large scale to ensure
the long-term viability of the EV industry.
It is important to select CSs according to the service requirements of different types of EVs. Different applications
are discussed in which different EVs have differing requirements. For instance, some EV users may be willing to
charge their vehicles for a lower price but may have to wait longer, whereas others may prefer a shorter charging
time and a higher charging fee. In addition to alleviating congestion at certain CSs, optimal charging allocation
will also provide EV users with a better Quality of Service (QoS), significantly affecting a CS network’s long-term
viability. There is currently a centralised approach to charging requests handled by a global controller at the grid
side. That global controller exchanges charging request/reply information between the EVs and the CSs [24, 100].
There is a risk that the private information of EVs, including their location, current state of charge, ID and so on,
will be transferred to a central controller or malicious nodes, and the collection of such data may raise privacy
concerns [59].
Researchers have shown that EV owners’ privately generated information has been used to track the vehicle’s
position and predict the EV owner’s habits, such as work hours, workplaces and other important patterns [59].
Hence, a reputation-based decentralised system has been proposed in the literature to maintain the communication
between the EVs and CSs in private communication.
Problem statement: The problem statement of this IoT application is to facilitate a reputation-based system for
the EVs towards the CSs. It shall enable the communication between the EVs and CSs in secure communication.
Literature to date: Danish et al. [30] proposes a conceptual blockchain-based privacy-preserving system for CSs
selections for EVs. The reputation score is developed to select the optimal CSs based on the previous charging
sessions. Danish et al. [31] extended on their previous work by implementing their conceptual system considering
the availability of reserved time slots at CSs, high QoS and enhanced EV user comfort in the CSs selection.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:27

Aside from scheduling the EVs charging, other reputation-based system applications are slightly realised in the
EVs research, such as allocating power, energy trading and maintaining consensus for CSs. A reputation-based
approach is proposed by Zhang et al. [10] to allocating power to plug-in EVs on a smart grid. By granting better
reputations to users, the overall allocation of power is increased. On the other hand, Debe et al. [32] utilised
a reputation-based approach to enforce the quality of energy trading between the EVs. Su et al. [98] utilised
reputation score for the consensus of the CSs to be selected for the EVs. These studies are not evaluated from the
security point of view.
Research gap: The studies for a reputation system in the literature do not consider the security perspective in
charging scheduling, power allocations and energy trading applications. It is possible to maintain data integrity
and privacy, in addition to ensuring a transparent process by considering the security requirements.

4.5.5 Smart Parking. Finding a vacant parking slot has become a daily concern in our society, particularly in
congested cities, due to the rapidly increasing number of vehicles. This issue seriously impacts people, society
and the environment [25, 71]. Finding a parking slot takes time for individuals. In Los Angeles (USA) and Cairo
(Egypt), e.g., a driver may spend 8.1 minutes and 20 minutes, respectively, looking for a parking slot [62, 74].
In addition to spending time, looking for a parking slot increases fuel usage. In Los Angeles alone, over 47,000
gallons of fuel are spent each year in the search for parking slots [95]. Searching for parking spots may lead to
traffic congestion, negatively influencing society. According to [40], it is responsible for 30% of traffic congestion
in congested cities. According to a report by the United States Environmental Protection Agency [5], searching
for vacant parking slots has become a major contributor to the country’s air pollution problem. The quantity of
CO2 created by this problem in Los Angeles alone is 728 tons per year [95].
Smart parking systems are developing as a viable answer to the rapidly rising challenge of finding vacant
parking slots. The parking slots in these systems are equipped with IoT devices that verify the availability of
these slots. These devices can interact directly with a parking server. As a result, it may deliver real-time parking
availability information to drivers via an online platform and allow them to make online reservations using
smartphones. The current systems are suffering from a few security and privacy issues. A centralised server is
utilised in most of the existing smart parking systems [1, 2, 3, 4, 6] in publicising the available parking slots and
making reservations. Such a server makes the system vulnerable to a single point of failure issue, distributed DoS
attacks and other remote attacks that can endanger service availability. The centralised server might be dishonest
and manipulate the available parking slots in his favour, causing financial losses to the owners and preventing
drivers from locating parking slots close to their destinations. On the other hand, the current parking system
does not consider the drivers’ privacy, such as identities, destinations and reservation times. Thus, the drivers’
visited locations, daily activities and life patterns, such as work address, health condition, income level and so on,
can be disclosed and sold to insurance or marketing companies [113]. Moreover, if criminals get to know such
information, they can break into their houses to steal it. Thus, it is crucial to preserve the identities’ privacy and
locations.
Problem statement: The problem statement for this IoT application is to facilitate a reputation-based system
for the drivers in the parking lots to maintain privacy and integrity for the driver’s information. As a result, the
individual, society and environmental consequences might be improved.
Literature to date: Only one proposal in the literature by Badr et al. [18] and Al Amiri [9] employs the commitment
strategy to maintain fair parking rates and avoid fair parking slots from manipulating their rates to earn unfair
financial benefits. The authors utilise short randomised signatures and a time-locked anonymous payment system
to preserve the driver’s location and financial details. Finally, utilising blockchain, the suggested system can
maintain its reputation anonymously, allowing drivers to rate parking services without fear of being traced or
retaliated against. The suggested assessments have demonstrated that utilising the blockchain for publishing
parking offers and handling payment and reputation can ensure the system is secure and transparent against a
single point of failure and attack. Drivers’ trust in smart parking systems will grow due to this. Consequently,

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:28 • H. Mahmoud et al.

traffic congestion and air pollution will be reduced, benefiting the communities. However, this study proposed a
reputation system using blockchain, yet the integrity and privacy requirements are not considered.
Also, Badr et al. [18] addressed the future work of this study by developing a hybrid smart parking system
that can combine public and private parking owners. Private parking owners, such as house owners, can share
their parking spaces while they are not in use. This has the potential to enhance the number of parking spaces
available. However, in this application, the privacy of private parking owners must also be considered, and the
parking system must be changed to solve this issue.
Research gap: The implementation of a reputation system for vehicles and parking lots does not consider the
evaluation of security requirements. By considering the security requirements, it may be possible to mitigate
the risk of malicious acts being committed by knowing the routine of parked vehicles since the privacy of the
participated peers will be maintained.

4.5.6 Crowdsensing. Followed by MCS, other applications, including Vehicles Crowdsensing (VCS), are
being discussed in the literature. Both applications are discussed and reviewed in detail in this subsection.
MCS. MCS has attracted a lot of interest in the Industrial IoT (IIoT) because of the massive development
of mobile devices (e.g., smartphone, smartwatch, and so on). A typical MCS application has three key roles:
requesters, MCS users (workers) and a centralised server. Requesters assign sensing jobs to the centralised server,
which recruits appropriate sensing users to perceive and gather data. After sensing users upload sensed data,
the server combines all incoming data and delivers the final aggregation result to requesters [105]. In the MCS
sensing process, the central server coordinating all communications is too powerful and needs supervision. It is
unknown whether the server leaks sensitive data from its users (e.g., sensor data) or aggregates sensing data
according to the rules specified by the requester. The centralised server in most existing MCS systems is designed
to be a semi-honest platform [121, 122], which adheres to the prescribed protocol honestly but is responsible and
interested in protecting the privacy of its users.
Although a central server is unlikely to be malicious, it may become infected with malware or be attacked
internally. After a server has been compromised, the privacy of the user and the accuracy of aggregated data
cannot be guaranteed. Cryptographic techniques [53, 119] can overcome some security issues of a centralised
server. However, they cannot eliminate the single point of failure, which is an inevitability of a centralised server.
Due to this, traditional MCS architectures with a central and opaque server are susceptible to malicious attacks
and internal compromises.
With the advent of blockchain technology, it is possible to eliminate the drawbacks of the centralised server
(vulnerability and opacity). Additionally, it can provide incentives in exchange for the collection of data. The
blockchain-based MCS application still faces several unsolved problems. Malicious users are among these chal-
lenges. A typical blockchain-based MCS application can be accessed by anyone with a mobile device which works
with the BC-MCS system since this system is open to anyone with a mobile device. Due to the possibility of
sensing users to receive benefits for their resource consumption, it is unavoidable that malicious users will upload
false data to disrupt the system intentionally or to receive improper incentives [83, 111]. Additionally, sensing
data often contain personal information about users (e.g., locations and device data), and malicious users may
collude to violate the privacy of honest users. In blockchain-based MCS, both goals must be met to simultaneously
achieve both goals of protecting users from malicious users and defending against malicious users. Thus, building
a reputation system on top of a blockchain-based MCS system is essential to meet these two requirements, as
mentioned previously.
Problem statement: The problem statement in this IoT application is to facilitate a reputation-based system for
the sensing nodes to be rated anonymously in which their location and details are not disclosed.
Literature to date: There are several studies in the literature focusing on building a reputation system for this
IoT application [39, 51, 107, 118, 120]. Gao et al. [39], Jo and Choi [51], Zhao et al. [120], Zhang et al. [118],
Wang et al. [107], and Wang et al. [105] proposed a privacy-preserving blockchain for MCS application in

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:29

various environments. For example, Wang et al. [105] and Wang et al. [107] implemented a reputation system
to incentivise the sensing participants. These studies rely on Ethereum blockchains, except for Zhang et al.
[118], which used Hyperledger sawtooth. On the other hand, Jo and Choi’s [51] proposed architecture relies on
semi-decentralisation due to certain limitations. In all these studies, reputation is only a minor component of
their MCS system; therefore, the security requirements are not considered when evaluating the proposals.
Research gap: MCS has been extensively studied in the literature without addressing the relevant security
requirements. Consideration of security requirements can ensure the data’s integrity and the devices’ privacy.
VCS.
As with the MCS, the VCS has the same potential as the ITS in which the sensing nodes are vehicle-based.
To ensure the accuracy of the data, it is crucial to create a reputation system for the vehicles that provide the
requested data. Furthermore, this simplifies the process of establishing a reward system for reputable sensing
vehicles [66].
Problem statement: The problem statement in this IoT application is to facilitate a reputation-based system for
the sensing vehicles that can be rated anonymously in which their location and details are not disclosed.
Literature to date: In Liu et al. [66], an incentives-based VCS was proposed in which the sensing vehicles obtain
a reputation score based on the sensing task. It focused on providing the incentive system rather than evaluating
their security requirements. Based on historical records, the edge server is assumed to be able to calculate vehicle
reputation.
Research gap: Only one study in the literature considered VCS without addressing the relevant security
requirements. Further improvement is required to explore reputation systems considering security evaluation. It is
essential to consider the development of reputation systems for VCS to enhance the current system’s performance
and the security requirements that would prevent the disclosure of information and maintain data integrity.

4.5.7 Telecommunications Industry. The telecommunication industry has three IoT applications: Fog and Edge
Computing (FEC) systems, 5G-enabled trust of heterogeneous devices and CRNs.
FEC System.
Using cloud computing, customers benefit from providing software, infrastructure and platforms as a service
at a reduced cost [78]. Several recent developments have been made in a technology known as FEC architecture,
which bridges the gap between the cloud and the IoT, optimising cloud computing resources by processing time-
sensitive data at the network edge, close to the source of the data. There are several heterogeneous computing
nodes in FEC’s architecture; therefore, some of these nodes may be unreliable or even malicious. These unreliable
nodes can disrupt normal data processing and storing activities without being trustworthy. The FEC reputation
system is critical to providing trustworthy data processing and protecting users’ privacy. Studies have examined
the reputation of the fog nodes, and other studies have examined the edge nodes. The reputation of both layers
must be maintained.
Problem statement: The problem statement in this IoT application is to facilitate a reputation-based system for
either Fog or edge nodes in which they can be rated to avoid any misbehaving behaviour in the network.
Literature to date: Several studies are discussing utilising this approach for various applications, and not only
the telecommunication [33, 61, 103, 108]. Several studies focus on proposing and building a reputation system for
the edge nodes [61, 103].
Ur Rehman et al. [103] presented a conceptual system of the reputation-based blockchain using federated
learning to ensure trustworthy collaboration in mobile edge computing. This work has only focused on highlighting
the importance of the reputation system for edge architectures. Li et al. [61] proposed a reputation system as a
small part of the blockchain system to contribute to building a Zero-Trust Controller (ZTC) architecture for the
5G in which the reputation of the edge nodes is conducted using the blockchain. The integrated architecture is
proposed to maintain: (a) terminal digital identity, (b) fine-grained authorisation, (c) real-time dynamic evaluation
of trust/reputation and (d) reference index of authorisation granularity. However, 5G networks already have a chip

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:30 • H. Mahmoud et al.

for each edge node (SIM card) used in authorisation and maintaining trust; this study is studying to maintain trust
for the edge nodes and reputation from other peers. Neither the reputation calculation nor security requirements
have been considered in this study.
Other studies focus on developing a reputation system for the Fog nodes [33, 108]. Debe et al. [33] proposed a
reputation system for fog architectures. The reputation system is proposed, and their smart contracts are evaluated
on Ethereum Remix IDE. However, MythX, security analyser and SmartCheck showed no potential vulnerabilities
in the smart contract; the security requirements are not discussed. Weerapanpisit et al. [108] implemented a
management architecture to provide a reputation for the fog nodes that move from one region to another. Hence,
the destination network either considers trusting the moved node or not. This system is generic, and the other
applications have fog–edge architecture that can be empowered by this approach.
Research gap: The FEC has not been analysed from the standpoint of security. Among the key applications of
reputation systems, this application contributes significantly to trusting either fog or edge nodes while allowing
the present nodes’ information to be revealed. This can also be improved by incorporating security considerations
and ensuring the transmitted data’s integrity.
5G-Enabled Trust of Heterogeneous Devices.
Telecommunication and IoT evaluation have forced the development of an architecture that can maintain
connectivity, security and other features. The provision of reputation and trust is also crucial since movable het-
erogeneous IoT devices will need to communicate with one another in an IoT network. Consequently, the
reputation of the movable IoT devices will determine whether the IoT device is allowed to communicate
at full capacity with the network. For example, drones that can be used as portable base stations must be
trusted to communicate with other base stations to allocate additional bandwidth. This example is inspired by
Wu et al. [110].
Problem statement: The problem statement in this IoT application is to facilitate a reputation-based system
for heterogeneous IoT devices for the 5G. These IoT devices can be rated to let the destination network decide
whether to trust the heterogeneous network to function.
Literature to date: To the best of our knowledge, no one in the literature has proposed any solution to this idea.
Research gap: Telecommunications have not yet considered how to incorporate reputation in their 5G-enabled
trust application for heterogeneous devices. IoT devices that exhibit heterogeneous behaviour should be included
in an IoT reputation system to reduce the potential for malicious behaviour. Having a reputation system on this
application may lead to several interactions with other heterogeneous devices securely. Moving sensors can be
trusted within connected systems.
CRNs.
In recent years, more wireless services have become available, which has increased the need for radio spectrum
resources. Spectrum is now in short supply, causing serious concern. Further, according to the Federal Communi-
cations Commission, the most spectrum allocated to licensed users is underutilised [89], and spectrum utilisation
varies by place and time. The opportunistic sharing of the spectrum was proposed to increase the efficiency of
spectrum utilisation named CRNs. This approach considers unlicensed users as Secondary Users (SUs). They are
permitted to gain access to the spectrum as long as they do not interfere adversely with licensed users. Primary
users (PUs) are licensed users with priority access to the system.
Cognitive radios are systems capable of detecting multiple spectrum bands, determining unused portions
and adapting their operations accordingly. A number of spectrum issues indicate that relying on a single node
for sensing the spectrum is not accurate, so the cooperative spectrum sensing mechanism has been considered.
Cooperation in spectrum sensing involves combining the data collected by multiple CRNs to reach the final
decision. The application raises several security concerns, including whether the participating SU or intending to
use the underutilised spectrum band is malicious. The literature has suggested implementing a reputation system
to ensure that SUs are not malicious [63].

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:31

Problem statement: The problem statement in this IoT application is to facilitate a reputation-based system of
SUs for CRNs. These SUs must be genuine for secure spectrum sensing and spectrum sharing systems to mitigate
Spectrum Sensing Data Falsification (SSDF) attacks.
Literature to date: There are several papers considered for the IoT application to mitigate SSDF attacks [20,
36, 116, 117, 123]. Using the Beta reputation system, Bai et al. [20] proposed a dynamic trust mechanism for
preventing SSDF attacks. By incorporating the time proportion coefficient, which considers the historical sensing
behaviours of cognitive users, a reputation value of users can be obtained accordingly. In addition, the rise factor
and fall factor are introduced. The proposed secure cooperative spectrum sensing scheme based on the Bayesian
reputation model is designed to protect against SSDF attacks by Zhou et al. [123]. SUs’ reputation degrees are
based on the QoS they have provided in the past.
In contrast, Zhang et al. [117], Fangwei et al. [36] and Zhang et al. [116] designed and implemented a reputation
system for the same purpose. In all of these proposals, a summation approach is taken into consideration. The
authors of Zhang et al. [116] considered using a system based on incentives to monitor participants and SUs.
It should be noted, however, that while some of these studies considered the privacy of the PU (the spectrum
sensing licensed user), none considered the privacy and integrity of the SU (the nodes of sensing).
Research gap: CRN has not been analysed from the standpoint of security. Also, no publication utilised the
reputation based on blockchain for the CRN application.

4.5.8 Water, Wastewater and Irrigation Systems. Blockchain technology has been integrated into the water
supply, wastewater treatment and irrigation systems to facilitate communication with third parties (especially for
water trading systems) and enhance the validity of information transmitted. To this end, a reputation system built
upon the blockchain is essential. This subsection discusses in detail several applications within those subsystems.
Wastewater trading has the same concept as this application. The difference between wastewater trading and
water trading is that traded water is unsuitable for drinking but can be used for irrigation.
Water Trading System.
The literature has studied the water trading system or P2P trading system as one of the key applications that
blockchain can enable within the water sector. A reputation system built on blockchain is essential for this
application. Consequently, the users can trade water with a reputable counterpart to ensure the transmitted
water’s quality.
Problem statement: It is to let the users select the most reputable peer for trading water with. However,
blockchain technology can ensure communication and trading between untrusted parties, but the blockchain itself
cannot ensure the quality of the transmitted asset. Hence, a reputation system on the blockchain is important to
consider.
Literature to date: To the best of our knowledge, no one in the literature has proposed any solution to this idea.
Research gap: There is a gap in developing a reputation system for the water trading system to provide fair P2P
trading.
Water Rights System.
Water rights is another blockchain application in the water sector that aims to provide fairness in water delivery.
We formulated this objective to address the issue that some regions lack access to drinking water while others
may have excessive amounts. The reputation metric can determine an indication of the regions with adequate
access to water. Incorporating a blockchain system with a reputation system between water companies and their
customers will contribute to identifying and eliminating shortages of access water.
Problem statement: It is to let the companies get to know users’ satisfaction in different regions by reputable
participants.
Literature to date: To the best of our knowledge, no one in the literature has proposed any solution to this idea.
Research gap: There is a gap in developing a reputation system for the water rights system to provide a fair
water distribution.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:32 • H. Mahmoud et al.

4.5.9 Irrigation System Adaptation with Weather Forecast. Essentially, the irrigation system is managed in
conjunction with a nearby weather station, which deactivates the irrigation whenever the weather indicates rain
based on a report from a reputable node. This IoT application has not been developed in the literature review, yet
the conceptual idea is proposed by Weerapanpisit et al. [108].
Problem statement: The problem statement in this IoT application is to decide whether to deactivate the irrigation
system based on the information provided by reputable nodes.
Literature to date: To the best of our knowledge, no one in the literature has proposed any solution to this idea.
Research gap: There is a gap in developing a reputation system for the water irrigation system utilising the
weather forecast.
4.5.10 Sharing Air Quality. The trustworthiness of the air quality sensor is determined by the experience of
another sensor in a different location. The customer selects the most reliable data supplier and determines if the
air quality in the target region is satisfactory enough for them to move. A reputation metric can be applied to all
the sensors in each region, making consumers select the most rated sensor without biasing. This IoT application
has not been developed in the literature review, yet the conceptual idea is proposed by Weerapanpisit et al. [108]
and Guo et al. [41].
Problem statement: The problem statement in this IoT application is to let the consumer select the most
trustworthy data provider and decide whether the air quality in the target area is satisfactory so that they can
move into the area.
Literature to date: To the best of our knowledge, no one in the literature has proposed any solution to this
idea. Guo et al., [41] developed a similar system, but they relied on the MCS of the users and not the air-quality
sensors.
Research gap: In the case of sharing air quality, the reputation system has not been utilised, which can contribute
to the fact that reputable peers report the air quality.

4.6 Real-World Use Cases

Reputation systems are adopted in the largest e-commerce websites including Amazon, eBay, Alibaba, Shopify
and Etsy. The details of their reputation systems are investigated in this section.
eBay: eBay’s reputation system is a cornerstone of its platform, providing users with crucial trust indicators for
online transactions. Future encounters between buyers and sellers can be influenced by their ratings (0, −1 and 1)
and comments exchanged through the feedback forum. Due to eBay’s methodology, evaluations of participants’
reliability can be made in a variety of ways, ranging from good to negative. eBay frequently anonymises user
identities to protect users’ privacy and enable transactions without disclosing personal information. To further
safeguard their identities when using the system, users have the option to utilise pseudonyms. Pseudonyms
are typically untraceable from users’ true identities, ensuring their security and anonymity. In general, eBay’s
reputation system improves the overall user experience on the platform by striking a balance between fostering
trust and taking privacy and security concerns into account.
Amazon: Amazon employs a strong reputation system to promote user trust. Customer reviews, a cornerstone of
Amazon’s reputation system, let users evaluate products and provide in-depth commentary. Moreover, this system
enables shoppers to make informed purchasing decisions based on the experiences of previous buyers. Concerning
security and privacy, Amazon employs several strategies to safeguard user data while preserving the integrity of
its reputation network. When leaving reviews, users can choose to remain anonymous by using pseudonyms.
Furthermore, the strict data protection standards implemented by Amazon guarantee the confidentiality of user
identities and prevent them from being connected to their actual identities. Furthermore, the integrity of its
reputation system is safeguarded as Amazon uses advanced algorithms to identify and stop fake or altered reviews.
Amazon keeps a reliable online purchasing environment where customers can rely on the accuracy and reliability
of product reviews by closely observing and evaluating user input.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:33

Alibaba: At Alibaba, the largest e-commerce platform in China, reputation systems are essential to fostering
trust between vendors and customers. The aspects that make up Alibaba’s reputation system include transaction
records, seller evaluations and customer comments. Before making a purchase, customers can evaluate the
legitimacy and dependability of merchants thanks to this thorough approach. Alibaba uses strict verification
procedures for merchants and encryption technologies to protect user data to improve security and privacy.
Alibaba’s reputation system supports a healthy marketplace ecosystem by placing a high priority on responsibility
and openness.
Shopify: Shopify, a well-known e-commerce platform for online companies, upholds credibility and trust
through its reputation system. With the help of Shopify, retailers can gather user evaluations and ratings, giving
potential customers important social proof. Customers can gain confidence in the goods and services provided
by Shopify merchants and make well-informed selections with the aid of these reviews. Shopify complies with
stringent data protection laws and provides businesses with customisable privacy options to safeguard user
privacy. Shopify gives companies the tools they need to build solid reputations and enduring relationships with
their clients through its reputation system.
Etsy: Reputation management platforms are essential for fostering handmade quality and authenticity on Etsy,
a marketplace that specialises in antique and handcrafted goods. The Etsy reputation system facilitates buyers in
assessing the calibre and dependability of sellers by providing them with seller ratings, customer feedback and
transaction histories. Openness and community involvement are promoted by Etsy by displaying user-generated
content, such as product images and feedback. Etsy incorporates encryption mechanisms and gives users authority
over their data to guarantee security and privacy. With the help of its reputation system, Etsy creates a thriving
online community where customers and artists can interact.

5 Open Research Challenges

The future research directions can be summarised as follows:

5.1 A Non-Blockchain-Based Reputation Systems

However, despite the proven success of blockchain, we still note that non-blockchain-based privacy-preserving
reputation systems are still important for implementation. There are two reasons for this: (1) blockchain can
be an expensive technological building block regarding resource consumption, network bandwidth, and spent
carbon footprint. (2) Certain applications may not experience the benefits of decentralisation and trustlessness
that blockchain provides.
However, there have been fully decentralised systems before the advent of blockchain; it also offers the
advantage of trustlessness. In other blockchain-based systems, the trustlessness of the blockchain is, in part, a
benefit. Still, the results introduce hybrid trust models that include arbitrary k-trusted users, chosen k-trusted
users or trusted third parties.

5.2 Full Potential of Blockchain for Reputation Systems

One of the future directions in this research area is to use blockchain technology and design fully, truly trusted
systems. In addition to providing trustlessness, the blockchain can leverage some IoT applications. Still, the full
potential of blockchain technology has not been realised and continues to undergo a lot of development. For
instance, different consensus mechanisms and data conversion techniques can affect the security of the reputation
process.
Other DLT, such as directed acyclic graph, have advantages to be considered in the reputation systems, including
supporting system scalability.
5.2.1 Interoperability. To fully realise the potential of blockchain-based reputation systems, it is imperative
to address the open research difficulties related to interoperability across various blockchain platforms and

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:34 • H. Mahmoud et al.

IoT devices. This includes the lack of common protocols and formats for data interchange between various
blockchain networks and IoT devices is one urgent issue. The absence of widely recognised standards can make it
difficult to integrate and communicate seamlessly, which hinders the interoperability required for reputation
systems to function well. Standardisation initiatives are critical because they seek to provide consistent data
formats and protocols that enable smooth communication between different blockchain platforms and IoT
devices. Moreover, interoperability attempts are complicated by the intrinsic diversity among blockchain systems.
Significant obstacles stand in the way of IoT devices trying to communicate across different blockchains due
to differences in consensus procedures, smart contract languages and data storage formats. To overcome these
obstacles, standardisation initiatives that resolve the disparities and establish uniform interoperability standards
necessary for data interchange and smart contract execution across diverse blockchain ecosystems are required.
Furthermore, protocols guaranteeing secure identity management and access control are desperately needed to
allow IoTs devices to safely communicate with blockchain networks while protecting the privacy and integrity
of data.

5.2.2 Emerging Technologies. There are several open research issues related to examining how new technologies
like AI and quantum computing may affect the development of blockchain-based reputation systems for the
IoT. The security of reputation systems could be seriously jeopardised by quantum computing, e.g., which can
interfere with the conventional cryptographic algorithms employed in blockchain networks. Maintaining the
integrity of blockchain-based reputation systems in the face of breakthroughs in quantum computing requires
investigating ways to reduce these risks and create cryptographic solutions that withstand quantum mechanics.
Similar to this, there are advantages and disadvantages of integrating AI with reputation systems. To provide
a more accurate evaluation of device behaviour and reliability inside IoT ecosystems, AI algorithms have the
potential to improve the efficacy and accuracy of reputation-scoring processes. However, issues with algorithmic
bias, data privacy and the possibility of manipulation or exploitation are also brought up by AI-driven reputation
systems. Research efforts must be directed at creating AI reputation assessment models that are open, equitable
and accountable while also providing strong privacy protections for user data to address these issues. To fully
realise the potential of blockchain-based reputation systems for IoT, researchers must tackle the challenging task
of navigating the rapidly changing ecosystem of emergent technologies.

5.3 Fulfilment of Security Requirements for IoT-Device-Centric Reputation Systems

Generally, a great deal of literature focuses on integrating reputation systems around IoT devices. These studies aim
to bring the reputation system into an IoT setup without addressing security concerns. Consequently, many IoT
applications have implemented reputation systems without addressing the aggregation process or the security for
both ratees and raters. Consequently, proposed reputation systems may be vulnerable to attack and manipulation,
not maintaining the device and data privacy. Most IoT applications discussed so far have not been analysed from a
security perspective, as discussed in Section 4. There are only 6 out of 45 scientific articles that use anonymisation
in their reputation (see Tables 2 and 3). The literature barely mentions other security requirements, indicating
that further consideration is needed.

5.4 Exploration of Deployment Reputation System in IoT Applications

Other IoT applications have been suggested to consider the reputation system in their applications; however,
these applications are not yet in use. Blockchain technology can also empower these IoT applications, such as
5G-enabled trust of heterogeneous devices, irrigation systems, water rights, water trading, sharing air quality,
physician booking systems and pharmacy supply chains. Furthermore, VCS has only been discussed in one article
and requires further development.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:35

5.5 Fulfilment of Security Requirements for User-Centric Reputation Systems

The security requirements for user-centric reputation systems still require further development. In particular, the
anonymisation of ratee and inquirer is still not considered by many published proposals and studies as recom-
mended by [108]. Moreover, it is still necessary for user-centric reputation systems to facilitate the aggregation
and transfer of reputation among multiple pseudonyms.

5.6 Fulfilment of Security Requirements for Data-Centric Reputation Systems

Using the same approach, data-centric reputation systems still need further development regarding their security
requirements. Specifically, the privacy of the devices and their data needs to be improved, as addressed by [108].
The credibility of the ratings (authorisability) should also be considered in similar reputation systems in which
the study shall consider only those raters who had transacted with the ratee.

5.7 Investigation of Attacks Against a Broad Range of Common Attacks

As far as defending against attacks beyond violating privacy, more work must be done in privacy-preserving
reputation systems. Reputation systems, including privacy preservation systems, are fundamentally reputation
systems, so their overall success hinges on overcoming their basic challenges. It might be because anonymity
and privacy present additional obstacles to preventing attacks such as ballot stuffing, slander, random voting,
free riding and many others. The lack of robust anti-attack protection is evident. As a result, an adversary may
take advantage of the anonymity and privacy offered by a system to mount such attacks without being held
accountable.
These observations suggest that future research in reputation management should focus on developing systems
that can provide comprehensive protection against the wide range of threats such systems encounter. None of
the considered studies investigates their systems’ performance against potential attacks.

5.8 Investigation and Review IoT Applications in Detail

A review of specific IoT applications with rich studies in the literature, such as crowdsensing and ITS, would also
be beneficial, as they provide an in-depth look at the application environment, aggregation techniques and so
on. Consequently, reviewing all reputation parameters and security requirements for the rich IoT applications is
recommended to guide the researchers on a specific road map for those applications.

5.9 Investigation and Proposal of Context-Centric Reputation Systems

Most existing reputation-based systems fail to consider the context of the given reputation in addition to the
general reputation as discussed (see Section 3) [12]. It is complex but essential to establishing trust in a context-
aware manner. A physician is trustworthy for treating him but not for handling his financial affairs. A context
can refer to an area of expertise, different tags within a social network or different activity levels. One can rely on
a financial analyst for a deal involving one thousand euros but not one million euros. Therefore, there have been
several discussions regarding developing a reputation object containing the context of each reputation value.
Reputation values are calculated differently for each system, as is the perception of their meaning.

6 Conclusion
As the IoT gains acceptance, billions of devices will be deployed across many industries without establishing the
necessary trust between them. A reputation system can effectively assess the trustworthiness of IoT devices in
environments where trust has not yet been established. Various studies have been carried out on implementing
reputation systems in industries that do not yet possess a high level of trust between them. Accordingly, this article
reviews previous research on device-centric reputation systems for IoT applications, focusing on decentralised
and ones based on blockchain technology. Forty-five scientific papers have been reviewed and evaluated regarding

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:36 • H. Mahmoud et al.

security (including integrity and privacy) and non-security requirements to identify any research gaps. Continuing
the preceding discussion, 10 additional published reviews of reputation systems for IoT are reviewed. This can be
seen as an indication of the importance of this article. As can be seen, devices-centric reputation systems have
not been thoroughly examined in the literature since only two articles have addressed this field. Furthermore,
no description is given as to their potential IoT applications, as well as their motivation. In this context, it is
important to present a systematic review paper that can discuss the possible applications of IoT, their motivation,
the literature to date and the research gap to contribute to the state of the art. In addition, fewer than half of the
studies address integrity and privacy concerns, which indicates the importance of shedding light on the security
requirements for these IoT applications.
This article examines several IoT applications, their problem statement, the current literature, research gaps
and their importance, including healthcare, transportation, energy, EVs, parking, air quality, water, crowd sensing
and telecommunications. The studies in the literature in this research domain are reviewed and refined based on
the presented research methodology. Moreover, the security and other non-security-related requirements are
discussed and used in evaluating the refined studies. Based on the review of this article, it is possible to observe
the important applications of IoT and the research gaps in this field. Finally, future research directions regarding
reputation systems are examined and discussed to provide researchers with a road map for future research.

References
[1] [n. d.]. Find & pay for parking—On-street. Retrieved June 8, 2022 from https://www.parkmobile.io/
[2] [n. d.]. Get everywhere easier: Reserve parking and save. Retrieved June 8, 2022 from https://spothero.com/
[3] [n. d.]. Parking just got a lot simpler. Retrieved June 8, 2022 from https://www.parkwhiz.com/
[4] [n. d.]. People. places. connected. Retrieved June 8, 2022 from https://www.fybr.com/
[5] [n. d.]. Sources of greenhouse gas emissions. Retrieved June 8, 2022 from https://www.epa.gov/ghgemissions/sources-greenhouse-gas-
emissions
[6] [n. d.]. We make parking easy. Retrieved June 8, 2022 from https://www.parkme.com/
[7] Ryosuke Abe. 2019. Introducing autonomous buses and taxis: Quantifying the potential benefits in Japanese transportation systems.
Transportation Research Part A: Policy and Practice 126, 94–113.
[8] Nadia Adnan, Shahrina Md Nordin, Mohamad Ariff bin Bahruddin, and Murad Ali. 2018. How trust can drive forward the user
acceptance to the technology? In-vehicle technology for autonomous vehicle. Transportation Research Part A: Policy and Practice 118,
819–836.
[9] Wesam Al Amiri. 2019. A Blockchain-Based Smart Parking System with Privacy Preservation and Reputation Management. Ph.D.
Dissertation. Tennessee Technological University.
[10] Abdullah Al Zishan, Moosa Moghimi Haji, and Omid Ardakanian. 2020. Reputation-based fair power allocation to plug-in electric
vehicles in the smart grid. In Proceedings of the ACM/IEEE 11th International Conference on Cyber-Physical Systems (ICCPS’20). IEEE,
63–74.
[11] Ahmed S Almasoud, Farookh Khadeer Hussain, and Omar K. Hussain. 2020. Smart contracts for blockchain-based reputation systems:
A systematic literature review. Journal of Network and Computer Applications 170, 102814.
[12] Rehab Alnemr and Christoph Meinel. 2008. Getting more from reputation systems: A context–aware reputation framework based on
trust Centers and agent lists. In Proceedings of the 3rd International Multi-Conference on Computing in the Global Information Technology
(ICCGI’08). IEEE, 137–142.
[13] Elli Androulaki, Seung Geol Choi, Steven M. Bellovin, and Tal Malkin. 2008. Reputation systems for anonymous networks. In Proceedings
of the International Symposium on Privacy Enhancing Technologies Symposium. Springer, 202–218.
[14] Mohd Anwar and Jim Greer. 2006. Reputation management in privacy-enhanced E-learning. In Proceedings of the 3rd Annual Scientific
Conference of the LORNET Research Network. 6.
[15] Mohd Anwar and Jim Greer. 2008. Enabling reputation-based trust in privacy-enhanced learning systems. In Proceedings of the
International Conference on Intelligent Tutoring Systems. Springer, 681–683.
[16] Muhammad Ajmal Azad, Samiran Bag, and Feng Hao. 2017. M2m-rep: Reputation of machines in the internet of things. In Proceedings
of the 12th International Conference on Availability, Reliability and Security. 1–7.
[17] Muhammad Ajmal Azad, Samiran Bag, Feng Hao, and Andrii Shalaginov. 2020. Decentralized self-enforcing trust management system
for social Internet of Things. IEEE Internet of Things Journal 7, 4 (2020), 2690–2703.
[18] Mahmoud M. Badr, Wesam Al Amiri, Mostafa M. Fouda, Mohamed M. E. A. Mahmoud, Abdulah Jeza Aljohani, and Waleed Alasmary.
2020. Smart parking system with privacy preservation and reputation management using blockchain. IEEE Access 8, 150823–150843.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:37

[19] Samiran Bag, Muhammad Ajmal Azad, and Feng Hao. 2018. A privacy-aware decentralized and personalized reputation system.
Computers & Security 77, 514–530.
[20] Ping Bai, Xun Zhang, and Fang Ye. 2017. Reputation-based Beta reputation system against SSDF attack in cognitive radio networks. In
Proceedings of the Progress in Electromagnetics Research Symposium-Fall (PIERS-FALL’17). IEEE, 792–799.
[21] Emanuele Bellini, Youssef Iraqi, and Ernesto Damiani. 2020. Blockchain-based distributed trust and reputation management systems:
A survey. IEEE Access 8 (2020), 21127–21151.
[22] Diego De Siqueira Braga, Marco Niemann, Bernd Hellingrath, and Fernando Buarque De Lima Neto. 2018. Survey on computational
trust and reputation models. ACM Computing Surveys (CSUR) 51, 5 (2018), 1–40.
[23] Davide Calvaresi, Maxine Leis, Alevtina Dubovitskaya, Roland Schegg, and Michael Schumacher. 2019. Trust in tourism via blockchain
technology: Results from a systematic review. Information and Communication Technologies in Tourism 2019 , 304–317.
[24] Yue Cao, Tao Jiang, Omprakash Kaiwartya, Hongjian Sun, Huan Zhou, and Ran Wang. 2019. Toward pre-empted EV charging
recommendation through V2V-based reservation system. IEEE Transactions on Systems, Man, and Cybernetics: Systems 51, 5 (2019),
3026–3039.
[25] Minnie Chan. 2017. South China Morning Post. Retrieved 5, 2 (2017), 2018.
[26] Abdullahi Chowdhury, Gour Karmakar, and Joarder Kamruzzaman. 2019. Trusted autonomous vehicle: Measuring trust using on-board
unit data. In Proceedings of the 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th
IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE’19). IEEE, 787–792.
[27] Sergey Chuprov, Ilya Viksnin, Iuliia Kim, Egor Marinenkov, Maria Usova, Eduard Lazarev, Timofey Melnikov, and Danil Zakoldaev.
2019. Reputation and trust approach for security and safety assurance in intersection management system. Energies 12, 23 (2019), 4527.
[28] Sergey Chuprov, Ilya Viksnin, Iuliia Kim, Leon Reznikand, and Igor Khokhlov. 2020. Reputation and trust models with data quality
metrics for improving autonomous vehicles traffic security and safety. In Proceedings of theIEEE systems security symposium (SSS’20).
IEEE, 1–8.
[29] Hana Creger, Joel Espino, and Alvaro S. Sanchez. 2019. Autonomous vehicle heaven or hell? Creating a transportation revolution that
benefits all. Retrieved from https://trid.trb.org/View/1591302
[30] Syed Muhammad Danish, Kaiwen Zhang, and Hans-Arno Jacobsen. 2020a. A blockchain-based privacy-preserving intelligent charging
station selection for electric vehicles. In Proceedings of the IEEE International Conference on Blockchain and Cryptocurrency (ICBC’20).
IEEE, 1–3.
[31] Syed Muhammad Danish, Kaiwen Zhang, Hans-Arno Jacobsen, Nouman Ashraf, and Hassaan Khaliq Qureshi. 2020b. Blockev: Efficient
and secure charging station selection for electric vehicles. IEEE Transactions on Intelligent Transportation Systems 22, 7 (2020), 4194–4211.
[32] Mazin Debe, Haya R. Hasan, Khaled Salah, Ibrar Yaqoob, and Raja Jayaraman. 2021. Blockchain-based energy trading in electric
vehicles using an auctioning and reputation scheme. IEEE Access 9, 165542–165556.
[33] Mazin Debe, Khaled Salah, Muhammad Habib Ur Rehman, and Davor Svetinovic. 2019. IoT public fog nodes reputation system: A
decentralized solution using Ethereum blockchain. IEEE Access 7, 178082–178093.
[34] Richard Dennis and Gareth Owen. 2015. Rep on the block: A next generation reputation system based on the blockchain. In Proceedings
of the 10th International Conference for Internet Technology and Secured Transactions (ICITST’15). IEEE, 131–138.
[35] D. Dhinakaran, S. M. Sankar, D. Selvaraj, and S. Edwin Raja. 2024. Privacy-preserving data in IoT-based cloud systems: A comprehensive
survey with AI integration. arXiv:2401.00794. Retrieved from https://arxiv.org/abs/2401.00794
[36] Li Fangwei, Liu Fan, Zhu Jiang, and Nie Yifang. 2015. Reputation-based secure spectrum situation fusion in distributed cognitive radio
networks. The Journal of China Universities of Posts and Telecommunications 22, 3 (2015), 110–117.
[37] Angelo Feraudo, Nicolo Romandini, Carlo Mazzocca, Rebecca Montanari, and Paolo Bellavista. 2024. DIVA: A DID-based reputation
system for secure transmission in VANETs using IOTA. Computer Networks, 244, 110332.
[38] Claudio Piccolo Fernandes, Carlos Montez, Daniel Domingos Adriano, Azzedine Boukerche, and Michelle S. Wangham. 2023. A
blockchain-based reputation system for trusted VANET nodes. Ad Hoc Networks 140, 103071.
[39] Sheng Gao, Xiuhua Chen, Jianming Zhu, Xuewen Dong, and Jianfeng Ma. 2021. TrustWorker: A trustworthy and privacy-preserving
worker selection scheme for blockchain-based crowdsensing. IEEE Transactions on Services Computing, 15, 3577–3590.
[40] Tullio Giuffrè, Sabato Marco Siniscalchi, and Giovanni Tesoriere. 2012. A novel architecture of parking management for smart cities.
Procedia-Social and Behavioral Sciences 53, 16–28.
[41] Jia Guo, Ing-Ray Chen, Ding-Chau Wang, Jeffrey J. P. Tsai, and Hamid Al-Hamadi. 2019. Trust-based IoT cloud participatory sensing
of air quality. Wireless Personal Communications 105, 4 (2019), 1461–1474.
[42] Omar Hasan, Lionel Brunie, and Elisa Bertino. 2012. Preserving privacy of feedback providers in decentralized reputation systems.
Computers & Security 31, 7 (2012), 816–826.
[43] Omar Hasan, Lionel Brunie, and Elisa Bertino. 2022. Privacy-preserving reputation systems based on blockchain and other cryptographic
building blocks: A survey. ACM Computing Surveys (CSUR) 55, 2 (2022), 1–37.
[44] Andreas Herzig, Emiliano Lorini, Jomi F. Hübner, and Laurent Vercouter. 2010. A logic of trust and reputation. Logic Journal of the
IGPL 18, 1 (2010), 214–244.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:38 • H. Mahmoud et al.

[45] Liviu-Adrian HîrÅ£an, Ciprian Dobre, and Horacio González-Vélez. 2020. Blockchain-based reputation for intelligent transportation
systems. Sensors 20, 3 (2020), 791.
[46] Kevin Hoffman, David Zage, and Cristina Nita-Rotaru. 2009. A survey of attack and defense techniques for reputation systems. ACM
Computing Surveys (CSUR) 42, 1 (2009), 1–31.
[47] Nazrul Hoque, Dhruba K. Bhattacharyya, and Jugal K. Kalita. 2015. Botnet in DDoS attacks: Trends and challenges. IEEE Communications
Surveys & Tutorials 17, 4 (2015), 2242–2270.
[48] Chenyu Huang, Yongjun Zhao, Huangxun Chen, Xu Wang, Qian Zhang, Yanjiao Chen, Huaxiong Wang, and Kwok-Yan Lam. 2021.
ZkRep: A privacy-preserving scheme for reputation-based blockchain system. IEEE Internet of Things Journal 9, 6 (2021), 4330–4342.
[49] Youssef Inedjaren, Mohamed Maachaoui, Besma Zeddini, and Jean-Pierre Barbot. 2021. Blockchain-based distributed management
system for trust in VANET. Vehicular Communications 30, 100350.
[50] Samantha Janko and Nathan G. Johnson. 2020. Reputation-based competitive pricing negotiation and power trading for grid-connected
microgrid networks. Applied Energy 277, 115598.
[51] Hyo Jin Jo and Wonsuk Choi. 2019. BPRF: Blockchain-based privacy-preserving reputation framework for participatory sensing
systems. PloS One 14, 12 (2019), e0225688.
[52] Audun Jøsang, Roslan Ismail, and Colin Boyd. 2007. A survey of trust and reputation systems for online service provision. Decision
Support Systems 43, 2 (2007), 618–644.
[53] Arijit Karati, S. K. Hafizul Islam, and Marimuthu Karuppiah. 2018. Provably secure and lightweight certificateless signature scheme for
IIoT environments. IEEE Transactions on Industrial Informatics 14, 8 (2018), 3701–3711.
[54] Staffs Keele and Stuart M. Charters. 2007. Guidelines for Performing SYSTEMATIC Literature Reviews in Software Engineering. Technical
Report. Version 2.3 EBSE Technical Report. EBSE.
[55] Florian Kerschbaum. 2009. A verifiable, centralized, coercion-free reputation system. In Proceedings of the 8th ACM Workshop on
Privacy in the Electronic Society. 61–70.
[56] Khamila Nurul Khaqqi, Janusz J. Sikorski, Kunn Hadinoto, and Markus Kraft. 2018. Incorporating seller/buyer reputation-based system
in blockchain-enabled emission trading application. Applied Energy 209, 8–19.
[57] Hakima Khelifi, Senlin Luo, Boubakr Nour, Hassine Moungla, and Syed Hassan Ahmed. 2018. Reputation-based blockchain for secure
NDN caching in vehicular networks. In Proceedings of the IEEE Conference on Standards for Communications and Networking (CSCN’18).
IEEE, 1–6.
[58] Darius Kianersi, Suraj Uppalapati, Anirudh Bansal, and Jeremy Straub. 2022. Evaluation of a reputation management technique for
autonomous vehicles. Future Internet 14, 2 (2022), 31.
[59] Fabian Knirsch, Andreas Unterweger, and Dominik Engel. 2018. Privacy-preserving blockchain-based electric vehicle charging with
dynamic tariff decisions. Computer Science-Research and Development 33, 1 (2018), 71–79.
[60] Sowmya Kudva, Shahriar Badsha, Shamik Sengupta, Hung La, Ibrahim Khalil, and Mohammed Atiquzzaman. 2021. A scalable
blockchain based trust management in VANET routing protocol. Journal of Parallel and Distributed Computing 152, 144–156.
[61] Dawei Li, Enzhun Zhang, Ming Lei, and Chunxiao Song. 2022. Zero trust in edge computing environment: a blockchain based practical
scheme. Mathematical Biosciences and Engineering 19, 4 (2022), 4196–4216.
[62] He Li, Kaoru Ota, and Mianxiong Dong. 2016. Network virtualization optimization in software defined vehicular ad-hoc networks. In
Proceedings of the IEEE 84th Vehicular Technology Conference (VTC-Fall’16). IEEE, 1–5.
[63] Mee Hong Ling, Kok-Lim Alvin Yau, and Geong Sen Poh. 2014. Trust and reputation management in cognitive radio networks: A
survey. Security and Communication Networks 7, 11 (2014), 2160–2179.
[64] Todd Litman. 2020. Autonomous vehicle implementation predictions: Implications for transport planning. Retrieved from https:
//trid.trb.org/View/1678741
[65] J. Liu. 2010. Fuzzy modularity and fuzzy community structure in networks. European Physical Journal B 77, 547–557.
[66] Luning Liu, Xiangming Wen, Luhan Wang, Zhaoming Lu, Wenpeng Jing, and Yawen Chen. 2020. Incentive-aware recruitment of
intelligent vehicles for edge-assisted mobile crowdsensing. IEEE Transactions on Vehicular Technology 69, 10 (2020), 12085–12097.
[67] Zhaojun Lu, Wenchao Liu, Qian Wang, Gang Qu, and Zhenglin Liu. 2018a. A privacy-preserving trust model based on blockchain for
VANETs. Ieee Access 6, 45655–45664.
[68] Zhaojun Lu, Qian Wang, Gang Qu, and Zhenglin Liu. 2018b. BARS: A blockchain-based anonymous reputation system for trust
management in VANETs. In Proceedings of the 17th IEEE International Conference On Trust, Security And Privacy In Computing And
Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE’18). IEEE, 98–103.
[69] James Manyika, Michael Chui, Peter Bisson, Jonathan Woetzel, Richard Dobbs, Jacques Bughin, and Dan Aharon. 2015. Unlocking the
Potential of the Internet of Things. McKinsey Global Institute.
[70] Félix Gómez Mármol and Gregorio Martínez Pérez. 2009. Security threats scenarios in trust and reputation models for distributed
systems. Computers & Security 28, 7 (2009), 545–556.
[71] Kevin McCoy. 2017. Drivers spend an average of 17 hours a year searching for parking spots. USA Today, 1–2.
[72] Nikhil Menon, Abdul Pinjari, Yu Zhang, and Linghong Zou. 2016. Consumer Perception and Intended Adoption of Autonomous-Vehicle
Technology: Findings from a University Population Survey. Technical Report.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
A Systematic Review of Blockchain-Based Privacy-Preserving Reputation Systems for IoT Applications • 31:39

[73] Seyed Amid Moeinzadeh Mirhosseini, Ali Fanian, and T. Aaron Gulliver. 2021. A trust and reputation system for IoT exploiting
distributed ledger technology. arXiv:2111.13500. Retrieved from https://arxiv.org/abs/2111.13500
[74] Ahmed A Mohamed, Mohammed Shawky, Hatem M. Abdel-Latif, and Mostafa S. Sabry. 2019. Enhancement of parking management
system in cairo using smartphones. International Journal of Engineering and Advanced Technology 8, 3292–3300.
[75] Venus Mohammadi, Amir Masoud Rahmani, Aso Mohammed Darwesh, and Amir Sahafi. 2019. Trust-based recommendation systems
in Internet of Things: A systematic literature review. Human-Centric Computing and Information Sciences 9, 1 (2019), 1–61.
[76] Thomas Morstyn and Malcolm D. McCulloch. 2018. Multiclass energy management for peer-to-peer energy trading driven by prosumer
preferences. IEEE Transactions on Power Systems 34, 5 (2018), 4005–4014.
[77] Rasmus Munksgaard. 2023. Building a case for trust: Reputation, institutional regulation and social ties in online drug markets. Global
Crime 24, 1 (2023), 49–72.
[78] Mohammad Nikravan and Mostafa Haghi Kashani. 2022. A review on trust management in fog/edge computing: Techniques, trends,
and challenges. Journal of Network and Computer Applications 204, 103402.
[79] Amy Nordrum. 2016. The internet of fewer things [news]. IEEE Spectrum 53, 10 (2016), 12–13.
[80] Sabrina Nusrat and Julita Vassileva. 2011. Recommending services in a trust-based decentralized user modeling system. In Proceedings
of the International Conference on User Modeling, Adaptation, and Personalization. Springer, 230–242.
[81] Yustus Eko Oktian, Sang-Gon Lee, and Hoon Jae Lee. 2020. Hierarchical multi-blockchain architecture for scalable Internet of Things
environment. Electronics 9, 6 (2020), 1050.
[82] Jelena Pajic, José Rivera, Kaiwen Zhang, and Hans-Arno Jacobsen. 2018. Eva: Fair and auditable electric vehicle charging service using
blockchain. In Proceedings of the 12th ACM International Conference on Distributed and Event-based Systems. 262–265.
[83] Maryam Pouryazdan, Burak Kantarci, Tolga Soyata, Luca Foschini, and Houbing Song. 2017. Quantifying user reputation scores, data
trustworthiness, and user incentives in mobile crowd-sensing. IEEE Access 5 (2017), 1382–1397.
[84] Guntur Dharma Putrat, Sidra Malik, Volkan Dedeoglu, Salil S. Kanhere, and Raja Jurdak. 2023. Trust and reputation management for
blockchain-enabled iot. In Proceedings of the 15th International Conference on COMmunication Systems & NETworkS (COMSNETS’23).
IEEE, 529–536.
[85] Mourad Rabah, Ronan Champagnat, Yacine Ghamri-Doudane, and Mouhamed Amine Bouchiha. 2024. DARS: Empowering trust in
blockchain-based real-world applications with a decentralized anonymous reputation system. In Proceedings of the 38th International
Conference on Advanced Information Networking and Applications (AINA-2024) (AINA’24). 48–61.
[86] Hasnae Rahimi and Hanan El Bekkali. 2017. State of the art of trust and reputation systems in E-commerce context. arXiv:1710.10061.
[87] Harrison Rainie, Janna Quitney Anderson, and Jonathan Albright. 2017. The Future of Free Speech, Trolls, Anonymity and Fake News
Online. Pew Research Center, Washington, DC.
[88] Paul Resnick and Richard Zeckhauser. 2002. Trust among strangers in Internet transactions: Empirical analysis of eBay’s reputation
system. In The Economics of the Internet and E-commerce, Michael R. Baye (Ed.), Emerald Group Publishing Limited. 127–157.
[89] Helena Rifa-Pous, Mercedes Jiménez Blasco, and Carles Garrigues. 2012. Review of robust cooperative spectrum sensing techniques
for cognitive radio networks. Wireless Personal Communications 67, 2 (2012), 175–198.
[90] Jose Rivera and Hans Arno Jacobsen. 2017. On the effects of distributed electric vehicle network utility maximization in low voltage
feeders. arXiv:1706.10074. Retrieved from https://arxiv.org/abs/1706.10074
[91] Shreya Sangal, Achint Nigam, and Chitrakshi Bhutani. 2022. Conceptualizing the role of blockchain in omnichannel healthcare: A
Delphi study. Aslib Journal of Information Management 74, 5 (2022), 782–800.
[92] Maximilian Schiedermeier, Omar Hasan, Lionel Brunie, Tobias Mayer, and Harald Kosch. 2019. A transparent referendum protocol
with immutable proceedings and verifiable outcome for trustless networks. In Proceedings of the International Conference on Complex
Networks and Their Applications. Springer, 647–658.
[93] Stefan Schiffner, Sebastian Clauß, and Sandra Steinbrecher. 2009. Privacy and liveliness for reputation systems. In Proceedings of the
European Public Key Infrastructure Workshop. Springer, 209–224.
[94] Steven E. Shladover. 2009. Cooperative (rather than autonomous) vehicle-highway automation systems. IEEE Intelligent Transportation
Systems Magazine 1, 1 (2009), 10–19.
[95] Donald C. Shoup. 2006. Cruising for parking. Transport Policy 13, 6 (2006), 479–486.
[96] Sachchidanand Singh and Nirmala Singh. 2015. Internet of Things (IoT): Security challenges, business opportunities & reference
architecture for E-commerce. In Proceedings of the International Conference on Green Computing and Internet of Things (ICGCIoT’15).
IEEE, 1577–1581.
[97] Jeremy Straub, John McMillan, Brett Yaniero, Mitchell Schumacher, Abdullah Almosalami, Kelvin Boatey, and Jordan Hartman. 2017.
CyberSecurity considerations for an interconnected self-driving car system of systems. In Proceedings of the 12th System of Systems
Engineering Conference (SoSE’17). IEEE, 1–6.
[98] Zhou Su, Yuntao Wang, Qichao Xu, Minrui Fei, Yu-Chu Tian, and Ning Zhang. 2018. A secure charging scheme for electric vehicles
with smart communities in energy blockchain. IEEE Internet of Things Journal 6, 3 (2018), 4601–4613.
[99] R. Sujatha, C. Navaneethan, Rajesh Kaluri, and S. Prasanna. 2020. Optimized digital transformation in government services with
blockchain. In Blockchain Technology and Applications. Auerbach Publications, 79–100.

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.
31:40 • H. Mahmoud et al.

[100] Tali Trigg, Paul Telleen, R. Boyd, F. Cuenot, D. D’Ambrosio, R. Gaghen, J. Gagné, A. Hardcastle, D. Houssin, A. Jones, et al. 2013. Global
EV outlook: Understanding the electric vehicle landscape to 2020. International Energy Agency, Thibaut Abergel, Till Bunsen, Marine
Gorner, Pierre Leduc, Sarbojit Pal, Leonardo Paoli, Seshadri Raghavan, Jacopo Tattini, Jacob Teter, Sadanand Wachche and Per-Anders
Widell. Hanjiro Ambrose, Jessica Dunn, Margaret Slattery, California Davis and Shahmeer Mohsin (Eds.), 1 (2013), 1–40.
[101] Amit Tyagi, A. Krishna, Shaveta Malik, Meghna Nair, and Sreenath Niladhuri. 2020. Trust and reputation mechanisms in vehicular
ad-hoc networks: A systematic review. Advances in Science, Technology and Engineering Systems Journal 5, 387–402.
[102] Amit Kumar Tyagi, S. U. Aswathy, G. Aghila, and N. Sreenath. 2021. AARIN: Affordable, accurate, reliable and innovative mechanism
to protect a medical cyber-physical system using blockchain technology. International Journal of Intelligent Networks 2, 175–183.
[103] Muhammad Habib ur Rehman, Khaled Salah, Ernesto Damiani, and Davor Svetinovic. 2020. Towards blockchain-based reputation-aware
federated learning. In Proceedings of the IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops (INFOCOM
WKSHPS). IEEE, 183–188.
[104] Annika Veh, Markus Göbel, and Rick Vogel. 2019. Corporate reputation in management research: A review of the literature and
assessment of the concept. Business Research 12, 2 (2019), 315–353.
[105] Jingzhong Wang, Mengru Li, Yunhua He, Hong Li, Ke Xiao, and Chao Wang. 2018. A blockchain based privacy-preserving incentive
mechanism in crowdsensing applications. IEEE Access 6, 17545–17556.
[106] Tonghe Wang, Jian Guo, Songpu Ai, and Junwei Cao. 2021. RBT: A distributed reputation system for blockchain-based peer-to-peer
energy trading with fairness consideration. Applied Energy 295, 117056.
[107] Xiaoding Wang, Sahil Garg, Hui Lin, Georges Kaddoum, Jia Hu, and M. Shamim Hossain. 2020. PPCS: An intelligent privacy-preserving
mobile-edge crowdsensing strategy for industrial IoT. IEEE Internet of Things Journal 8, 13 (2020), 10288–10298.
[108] Ponlawat Weerapanpisit, Sergio Trilles, Joaquín Huerta, and Marco Painho. 2022. A decentralised location-based reputation management
system in the IoT using blockchain. IEEE Internet of Things Journal 9, 16 (2022), 15100–15115.
[109] Mintesnot Woldeamanuel and Dang Nguyen. 2018. Perceived benefits and concerns of autonomous vehicles: An exploratory study of
millennials’ sentiments of an emerging market. Research in Transportation Economics 71, 44–53.
[110] Yulei Wu, Hong-Ning Dai, Hao Wang, and Kim-Kwang Raymond Choo. 2021. Blockchain-based privacy preservation for 5g-enabled
drone communications. IEEE Network 35, 1 (2021), 50–56.
[111] Liang Xiao, Yanda Li, Guoan Han, Huaiyu Dai, and H. Vincent Poor. 2017. A secure mobile crowdsensing game with deep reinforcement
learning. IEEE Transactions on Information Forensics and Security 13, 1 (2017), 35–47.
[112] Zheng Yan, Peng Zhang, and Athanasios V. Vasilakos. 2014. A survey on trust management for Internet of Things. Journal of Network
and Computer Applications 42, 120–134.
[113] Kan Yang, Kuan Zhang, Ju Ren, and Xuemin Shen. 2015. Security and privacy in mobile crowdsourcing networks: challenges and
opportunities. IEEE Communications Magazine 53, 8 (2015), 75–81.
[114] Zhe Yang, Kan Yang, Lei Lei, Kan Zheng, and Victor C. M. Leung. 2018. Blockchain-based decentralized trust management in vehicular
networks. IEEE Internet of Things Journal 6, 2 (2018), 1495–1505.
[115] Zuobin Ying, Maode Ma, Zijun Zhao, Ximeng Liu, and Jianfeng Ma. 2021. A reputation-based leader election scheme for opportunistic
autonomous vehicle platoon. IEEE Transactions on Vehicular Technology 71, 4 (2021), 3519–3532.
[116] Tongjie Zhang, Zongpeng Li, and Reihaneh Safavi-Naini. 2014. Incentivize cooperative sensing in distributed cognitive radio networks
with reputation-based pricing. In Proceedings of the IEEE INFOCOM 2014-IEEE Conference on Computer Communications. IEEE,
2490–2498.
[117] Tongjie Zhang, Reihaneh Safavi-Naini, and Zongpeng Li. 2013. ReDiSen: Reputation-based secure cooperative sensing in distributed
cognitive radio networks. In Proceedings of the IEEE International Conference on Communications (ICC’13). IEEE, 2601–2605.
[118] Wenjing Zhang, Yuchuan Luo, Shaojing Fu, and Tao Xie. 2020. Privacy-preserving reputation management for blockchain-based
mobile crowdsensing. In Proceedings of the 17th Annual IEEE International Conference on Sensing, Communication, and Networking
(SECON’20). IEEE, 1–9.
[119] Yinghui Zhang, Robert H. Deng, Dong Zheng, Jin Li, Pengfei Wu, and Jin Cao. 2019. Efficient and robust certificateless signature for
data crowdsensing in cloud-assisted industrial IoT. IEEE Transactions on Industrial Informatics 15, 9 (2019), 5099–5108.
[120] Ke Zhao, Shaohua Tang, Bowen Zhao, and Yiming Wu. 2019. Dynamic and privacy-preserving reputation management for blockchain-
based mobile crowdsensing. IEEE Access 7, 74694–74710.
[121] Yifeng Zheng, Huayi Duan, and Cong Wang. 2018. Learning the truth privately and confidently: Encrypted confidence-aware truth
discovery in mobile crowdsensing. IEEE Transactions on Information Forensics and Security 13, 10 (2018), 2475–2489.
[122] Yifeng Zheng, Huayi Duan, Xingliang Yuan, and Cong Wang. 2017. Privacy-aware and efficient mobile crowdsensing with truth
discovery. IEEE Transactions on Dependable and Secure Computing 17, 1 (2017), 121–133.
[123] Ming Zhou, Jiafeng Shen, Huifang Chen, and Lei Xie. 2013. A cooperative spectrum sensing scheme based on the Bayesian reputation
model in cognitive radio networks. In Proceedings of the IEEE Wireless Communications and Networking Conference (WCNC’13). IEEE,
614–619.

Received 6 November 2023; revised 4 April 2024; accepted 8 June 2024

Distributed Ledger Technologies: Research and Practice, Vol. 3, No. 4, Article 31. Publication date: December 2024.