Decentralized Trace-Resistant Self-Sovereign Service Provisioning for Next-Generation Federated Wireless Networks

Abstract

With the advent of NextG wireless networks, the reliance on centralized identity and service management systems poses significant challenges, including limited interoperability, increased privacy vulnerabilities, and the risk of unauthorized tracking or monitoring of user activity. To address these issues, there is a critical need for a decentralized framework that empowers users with self-sovereignty over their subscription information while maintaining trust and privacy among network entities. This article presents a novel framework to enable Self-Sovereign Federated NextG (SSFXG) wireless communication networks. The SSFXG framework separates identity management from the service management layer typically controlled by network operators to foster interoperability functionalities with enhanced privacy and trace-resistant assurances in the NextG landscape. The proposed model relies on blockchain technology as an infrastructure to enable single-authority-free service provisioning and boost mutual trust among federated network components. Further, the SSFXG framework facilitates subscribers’ self-sovereignty over their subscription information while ensuring anonymity and enhanced privacy preservation, avoiding unnecessary network activity monitoring or tracking. Preliminary evaluations demonstrated the effectiveness and efficiency of the proposed framework, making it a promising solution for advancing secure and interoperable NextG wireless networks.

1. Introduction

The evolution of wireless communication has been marked by a series of generational advancements, each reshaping the boundaries of connectivity and service capabilities. The fourth generation (4G) networks introduced high-speed communication, enabling transformative applications such as real-time video streaming and enhanced mobile broadband [1]. Building on this foundation, the fifth generation (5G) further enhanced network reliability, security, and scalability to meet the demands of massive broadband and the Internet of Everything (IoE) [1]. These advancements reflect a relentless pursuit of performance improvements, driving the digital age forward.

As wireless networks progress, the demand for ubiquitous interconnectivity and seamless information exchange grows exponentially. The next generation of wireless systems must transcend the limitations of current architectures, which are predominantly centralized and operator-driven. While centralized control has facilitated growth thus far, it imposes constraints on scalability, flexibility, and user autonomy [2]. Addressing these constraints is crucial to ensuring the wireless ecosystem can support the growing number of devices, applications, and services in a hyper-connected world.

Existing wireless networks are primarily operated by Mobile Network Operators (MNOs), each offering services within isolated infrastructures. Subscribers are bound by their chosen operator’s service quality, coverage, and resource availability [1]. Although roaming services have attempted to bridge gaps in coverage and connectivity, the traditional architectures of home-routed and local breakout (LBO) roaming have notable trade-offs. Home-routed roaming prioritizes security but increases latency, while LBO roaming minimizes latency but raises privacy concerns [3,4]. These solutions, while functional, fall short of the seamless global experience users increasingly expect.

Federated wireless networks present a promising alternative, emphasizing collaboration and resource sharing among MNOs to provide consistent service across diverse regions [5,6]. By dismantling the territorial and administrative barriers that define current systems, federated networks could offer a unified infrastructure capable of serving any subscriber globally. However, implementing such systems introduces new challenges, particularly in managing subscriber identities while upholding privacy and regulatory compliance [3,7].

Ensuring secure and transparent identity management across a decentralized environment is a critical hurdle that must be overcome. The vision of self-sovereign identity (SSI) has emerged as a compelling solution to address these challenges. SSI advocates for user control over identity credentials, enabling secure interactions without dependence on centralized authorities [8,9]. This paradigm aligns with the goals of Next Generation (NextG) wireless systems, which aim to separate user identity management from MNO control, fostering a decentralized, user-driven communication framework [10]. Such an approach would empower users to autonomously manage their identities while leveraging a globally interoperable network infrastructure.

In this paper, we propose the Self-Sovereign Federated NextG (SSFXG) model, a novel framework that decentralizes identity management in wireless networks. By leveraging SSI principles and integrating blockchain technology, SSFXG establishes a decentralized layer of trust that grants users greater control over their data and interactions. This model decomposes network management into distinct stages, ensuring secure issuance, storage, and verification of identity credentials while maintaining privacy. Through this user-centric design, SSFXG addresses the limitations of traditional network architectures, paving the way for a federated, decentralized future in wireless communication.

The SSFXG framework introduces several advanced features designed to revolutionize wireless communication networks by addressing critical challenges such as scalability, privacy, and user autonomy. One of the key innovations of SSFXG is its distributed storage mechanism, which employs decentralized storage capsules (SCs) to securely manage user credentials. This approach ensures enhanced privacy during identity verification processes by reducing reliance on centralized storage systems, which are often vulnerable to breaches. Another notable aspect of SSFXG is its integration of blockchain technology, which enables immutable and transparent record-keeping, fostering trust and accountability in federated network operations. Additionally, the framework incorporates sophisticated mechanisms for untraceability, allowing subscribers to access wireless services, such as voice calls and other interactions, without revealing their identity or enabling tracking. These features collectively address current limitations in wireless communication networks while advancing scalability, enhancing privacy, and empowering users with greater control over their data and interactions.

The SSFXG framework opens the door to a wide range of transformative applications across multiple domains. For instance, in disaster recovery scenarios, SSFXG can facilitate rapid and secure communication by enabling resource-sharing among different operators, ensuring uninterrupted service for affected regions. Similarly, in global travel, the framework allows seamless connectivity and secure identity verification across international borders without reliance on roaming agreements. Additionally, SSFXG can empower next-generation smart cities by supporting decentralized management of IoT devices, ensuring scalable and secure interconnectivity. By enabling privacy-preserving telehealth services, the framework can also enhance healthcare delivery in remote areas, ensuring data security and patient autonomy. These diverse use cases underscore the practical relevance of SSFXG in addressing real-world challenges while meeting the demands of an increasingly interconnected future.

To the best of our knowledge, SSFXG is the first decentralized SSI-enabled wireless communication framework that integrates untraceability features and decentralized trust layers. SSFXG introduces a novel approach to managing identity credentials by employing distributed storage capsules and blockchain technology, ensuring privacy, scalability, and anonymous communication. Therefore, the key contributions of this research can be summarized as follows:

• Introducing the SSFXG framework, a decentralized wireless communication model incorporating SSI principles for autonomous user identity management.
• Proposing a secure and anonymous communication system within SSFXG, including untraceable voice call services enabled by cascaded VPN-like tunnels.
• Developing a distributed storage capsule mechanism to securely manage user identity credentials, ensuring scalable and anonymous verification processes.

2. Related Work

Recent research has emphasized the integration of Self-Sovereign Identity (SSI) into wireless communication networks, aiming to enhance user autonomy, privacy, and security. SSI represents a transformative approach to digital identity management by shifting control over personal data from centralized entities to individuals themselves. The SSI model relies on cryptographically signed credentials that can be securely managed and shared by users. Importantly, these credentials enable selective disclosure, allowing individuals to share only the minimum required information based on specific contexts, thereby preserving their privacy. The decentralized nature of SSI makes it an ideal solution for modern communication infrastructures like 6G, which are designed to accommodate distributed systems and multi-stakeholder interactions [11,12].

The adoption of SSI within the framework of 6G networks addresses critical concerns around privacy, security, and trust in digital ecosystems. Unlike traditional identity systems that depend on centralized authorities for management and verification, SSI empowers users to autonomously create, manage, and share their credentials. This approach ensures robust privacy and security, as only contextually necessary information is disclosed to third parties. By aligning with the decentralized architecture of 6G, SSI offers a scalable and trusted environment for digital interactions. Consequently, the integration of SSI into 6G has the potential to revolutionize identity management, creating a secure, privacy-preserving, and user-centric ecosystem for next-generation wireless networks [12,13].

Building on these foundational principles, recent research has explored innovative methods and practical implementations of SSI within wireless communication networks, particularly in the context of emerging 6G technologies. In [14], a blockchain-based digital identity platform was developed to enhance privacy and security in identity management systems. This platform utilizes blockchain’s attributes for transparency, immutability, and cryptographic security, orchestrating smart contracts to automate identity verification and access control processes.

Furthermore, the concept of SSI was explored in the wireless ad hoc mesh networks in [15]. By applying SSI principles, these networks can achieve secure and efficient identity verification without relying on centralized authorities, thereby enhancing the overall security and resilience of the network.

The study in [16] introduced a decentralized identity management system for SSI integration in wireless communication, utilizing blockchain and identity-based encryption (IBE). This approach empowers users to securely generate and manage cryptographic keys linked to unique identifiers, enabling private data sharing without centralized reliance. Blockchain ensures transparency and immutability, while smart contracts automate identity verification and access control, driving secure and user-centric advancements in wireless networks.

Recent studies have further explored the application of SSI in various network contexts. For instance, the Sovrin Network has been analyzed as an emerging SSI service utility, enabling SSI for all by leveraging distributed ledger technology to provide a decentralized digital identity framework [13]. Additionally, the Degator framework has been proposed for data aggregation management, utilizing SSI in decentralized networks to address security concerns and mitigate identity-related risks [17]. A systematic mapping study examined decentralized identity and SSI, highlighting the potential of SSI in enhancing security and privacy across diverse networking environments [18]. Furthermore, design aspects of decentralized identifiers and SSI have also been discussed, emphasizing the role of emerging Web3 technologies in implementing decentralized digital identity systems [19].

Building upon the foundational work in decentralized identity management and SSI within wireless communication networks, we introduce the SSFXG framework. The SSFXG framework merges SSI principles with blockchain to create a decentralized trust layer, leveraging advancements in decentralized identity and SSI for wireless networks. It empowers users with data control, untraceable communication, and secure credential management through distributed storage. By tackling challenges in scalability, privacy, and autonomy, SSFXG offers a groundbreaking solution for secure, anonymous, and efficient identity management in next-generation wireless networks.

3. SSFXG: System Overview and Contributions

The SSFXG framework introduces a new approach to wireless communication, addressing critical concerns surrounding identity management. By separating the identity management layer from the control of MNOs, it gives network subscribers greater authority over their profile information, exchanged data, and behavioral patterns. This decentralized model enables users to take charge of their subscription identity and service details while fostering trust and security across the system [11,20].

SSFXG aims to decentralize the network management layer into multiple distributed components, redistributing control and establishing mutual trust among participants. This user-focused model provides subscribers with the flexibility to join networks of their choice and acquire services from various operators globally. Introducing a provider-independent service approach ensures consistency in service offerings while allowing operators to maintain responsibility for managing and securing network resources.

This framework achieves its objectives through a structured process comprising three main steps. First, trusted network authorities issue unique subscription identities and credentials to subscribers. These credentials are then securely managed using a self-directed identity system and stored within distributed storage capsules hosted in cloud environments [20]. During the subscription verification step, operators validate these anonymized credentials, authenticating users without exposing sensitive information. This process enhances privacy while building a trustworthy relationship between users and service providers.

A key feature of SSFXG is its decentralized storage system. This system ensures the secure management of subscribers’ identity credentials, serving as a digital extension for users. By using distributed storage capsules, the design safeguards the privacy and integrity of user credentials while enabling anonymous verification during service authentication. This eliminates the need to expose sensitive subscriber data and strengthens the system’s dependability.

To support the decentralized structure, SSFXG incorporates blockchain technology to manage federated operations and agreements. Blockchain’s inherent properties, such as its resistance to tampering and ability to preserve data integrity, protect the interactions and agreements between network nodes with differing interests. This integration secures operations across the federated NextG communication network and ensures transparency for all participants.

4. Key Design Requirements and System Components

This section highlights the high-level architecture, key design requirements, and main components of the SSFXG model. As shown in Figure 1, this model compartmentalizes the NW into six layers, each composed of different NW nodes/components with distinct privileges and roles, as explained in detail below.

4.1. Layer 1: NW Broker

Layer 1 is the NW brokers, which are wireless communication networking agents representing trusted entities in the wireless NW, including MNOs, service providers, and/or trusted third-party agents. The primary function of the NW brokers is to manage identities within the wireless NW. This involves issuing and authorizing digital identities for both new subscribers and resources. By doing so, they ensure that each entity within the NW is verified and authorized to engage in communications, thereby protecting the NW against unauthorized access and potential security threats. NW brokers are also responsible for managing subscriptions and overseeing resource allocation, ensuring that the NW’s capacity is optimally utilized while maintaining high service quality standards.

4.2. Layer 2: NW Subscribers

Layer 2 contains the NW subscribers, whicj represent the end-users or entities within the wireless communication ecosystem that regularly seek NW coverage and demand high-quality wireless services. These subscribers can range from individual consumers to large organizations, all of whom rely on the NW for their communication needs. NW subscribers are required to have subscription identification credentials to access the NW and its services, ensuring that only authorized users can utilize the services they subscribe to.

4.3. Layer 3: NW Providers or MNOs

Layer 3 is the NW providers or MNOs, which are pivotal entities tasked with managing NW resources and ensuring comprehensive wireless communication coverage. NW providers work collaboratively under a decentralized agreement to allocate and optimize the use of NW resources, such as bandwidth and infrastructure, to maximize efficiency and service quality. SSFXG enables a decentralized approach for flexible and responsive management of NW resources, adapting to subscribers’ needs and evolving wireless technology. It promotes a cooperative environment among NW providers, sharing resources and coverage responsibilities collectively. This ensures seamless wireless coverage and uninterrupted, high-quality communication services across different locations.

4.4. Layer 4: NW Resources

Layer 4 contains the NW resources, which are powerfully deployed hardware managed and controlled by the NW providers. These resources, including cell towers, base stations, and various networking equipment, are pivotal in bridging the gap between NW subscribers and providers. By acting as intermediaries, NW resources facilitate the seamless flow of information, enabling voice, data, and multimedia communications to traverse vast distances with reliability and efficiency.

4.5. Layer 5: Storage Capsules (SCs)

In Layer 5, the storage capsules (SCs) are custom-built and isolated storage and computational cloud containers hosted in federated cloud environments. The SCs function as avatars representing NW subscribers in the federated wireless communication NW. By doing so, storage capsules play a crucial role in protecting the digital identities of subscribers, ensuring identity credentials are protected from unauthorized access and duplication. This mechanism, orchestrated by NW brokers, ensures that each new subscriber is assigned a unique SC, thereby eliminating the risk of redundancy and enhancing the overall security framework of the NW.

4.6. Layer 6: Consortium Blockchain

The proposed model employs blockchain technology to ensure secure and transparent transactions within the federated wireless communication network. This approach facilitates reliable management of key operations, including subscriber authentication, service requests, and provisioning. Blockchain transactions between NW providers establish decentralized agreements to coordinate network coverage, share resources, and determine billing criteria for subscriber usage. NW brokers and providers take on the role of blockchain miners, validating transactions and managing the distributed ledger, which promotes transparency and accountability and ensures data integrity within the federated network.

The consortium blockchain structure in this framework inherently provides a layer of validation by involving trusted miners as stewards who verify smart contracts before deployment, ensuring alignment with business logic and system requirements. Additionally, methodologies such as formal verification [21] can mathematically prove contract correctness, while model-checking systematically evaluates all possible states to detect inconsistencies. Static analysis tools like Slither aid in early vulnerability detection [22], and symbolic execution [23] explores multiple execution paths to uncover potential flaws. These approaches collectively contribute to the safety and reliability of smart contracts and autonomous agents. While ensuring the functional correctness of smart contracts and autonomous agents is crucial, a comprehensive exploration of this topic falls outside the primary scope of this paper.

5. SSFXG Architecture and Basic Interactions

This section provides a detailed overview of the fundamental interactions and essential requirements of the proposed SSFXG model for the federated SSI-enabled wireless communication NW.

5.1. NW Subscription Identity Issuance

As new subscribers are assumed to have no prior NW service, an internet connection is required to interact with NW brokers during the identity issuance procedure. As illustrated in Figure 2, the detailed process can be summarized as follows:

5.1.1. NW Subscriber Request to Join the Federated Wireless Communication Network

As explained in Figure 2, the onboarding process for new NW subscribers within a federated wireless communication NW begins with a crucial preparatory step: the generation of lifetime cryptographic primitives (Step 1 Figure 2). These cryptographic primitives, which typically include private and public keys, are essential for facilitating secure authentication and identification within the NW. By generating these primitives, subscribers lay the foundation for secure interactions within the decentralized environment, ensuring that their identities and communications can be verified without reliance on a centralized authority.

Once the cryptographic primitives are in place, the new subscribers proceed to create a Global Decentralized Identifier (DID) (Step 2 Figure 2). This DID is a unique digital identity for the subscriber and is recorded on the blockchain. The blockchain ensures that the DID is immutable, traceable, and accessible for verification in a decentralized manner. This approach eliminates the risks associated with centralized identity management systems, such as single points of failure or unauthorized tampering, while promoting transparency and trust among NW participants.

Following the creation of the DID, the subscribers approach an available NW broker to request subscription identity credentials formally. The NW broker plays a pivotal role as the intermediary, facilitating the onboarding process and managing interactions between the subscriber and the federated NW. During this stage, the NW broker engages with the subscriber to negotiate the terms of their subscription (Step 3 Figure 2). This involves a detailed discussion about the roles, responsibilities, and regulations associated with the subscription. This negotiation aims to ensure that both parties have a clear understanding of the expectations, obligations, and benefits tied to the subscriber’s participation in the NW.

Once the terms are agreed upon, the NW broker finalizes the process by issuing the necessary credentials to the subscriber. These credentials grant the subscriber access to the NW and enable them to interact securely with other participants. To ensure secure storage and efficient management of subscriber information, the federated NW leverages blockchain technology and storage capsules (SCs). The blockchain serves as a decentralized ledger to securely store DIDs and subscription agreements, ensuring immutability and transparency. Meanwhile, storage capsules are utilized to store subscription credentials and associated data, enabling quick and secure retrieval while maintaining privacy and security.

5.1.2. NW Broker Generating the NW Identity Credentials for the New NW Subscribers

This phase involves the NW broker issuance of unique NW identification credentials for a new subscriber (Step 4 Figure 2). The process begins with generating two identification numbers for the requesting NW subscriber. The first number is private and uniquely tied to the subscriber. It serves as an authentication mechanism, allowing NW providers to verify the subscription status of the individual and grant them the necessary privileges to access the NW’s services. The second number is public and designed for broader communication. This public identifier enables other NW subscribers to recognize and interact with the holder, facilitating seamless communication.

After the NW broker generates these subscription identity credentials, it proceeds to record the information on the blockchain. This step ensures the transparency and security of the subscriber’s identity within the federated NW. Specifically, the NW broker creates a blockchain transaction encapsulating all public information associated with the requesting subscriber (Step 5 Figure 2). This transaction is formalized as $DIDDo{c}_{SUB}$, a digital document detailing the subscriber’s public credentials. The address of $DIDDo{c}_{SUB}$ in the blockchain ledger is represented as $DI{D}_{SUB}$. This unique address allows other NW participants to access and verify the subscriber’s public credentials in a decentralized and tamper-proof manner. This process ensures the integrity and security of subscriber identities within the federated wireless communication NW while promoting trust and transparency.

5.1.3. The Creation and Management of an NW-Subscriber-Governed SC

In this phase, the NW broker takes the process a step further by creating a unique and dedicated SC for the requesting NW subscriber (Steps 6 and 7 Figure 2). This SC serves as a digital representation of the subscriber within the NW and acts as a secure container for storing all the relevant NW identity credentials. The information within the SC includes both private and public credentials that are essential for authenticating and identifying the subscriber. By securely storing these credentials, the SC ensures that the subscriber’s data remain protected while being accessible for necessary NW operations.

Once the SC is created and populated with the subscriber’s identity credentials, the new subscriber is able to interact with the SC. This interaction allows the subscriber to configure the strategy by which the SC will manage authentication and verification processes on their behalf. The SC plays a pivotal role in maintaining the anonymity of the subscriber during these operations. It ensures that the subscriber’s identity and credentials are used only as necessary, without exposing sensitive information to unauthorized entities. This design promotes a balance between security, privacy, and functionality within the federated wireless communication NW.

The use of SCs provides an efficient and secure mechanism for subscribers to manage their identities and participate in the NW (Step 8, Figure 2). By delegating authentication and verification tasks to the SC, the NW minimizes the risk of exposure of sensitive information and ensures that all interactions are conducted seamlessly and securely. This step is a critical component of the overall onboarding process, as it equips the subscriber with the tools and mechanisms needed to operate within the federated NW while preserving privacy and security.

5.2. NW Service Provisioning

As NW subscribers are assumed to have issued global NW identification numbers generated by authorized NW brokers, any NW subscribers can request NW service from an in-service NW provider. As demonstrated in Figure 3, NW subscribers can request NW coverage from an in-service NW provider as follows:

5.2.1. NW Subscriber Requesting a Wireless Communication Service

As explained in Step 1 Figure 3, during the service request and synchronization phase, the process begins with the NW subscriber sending a service request message to a nearby NW resource. This request serves as an announcement of the subscriber’s presence and a declaration of intent to access NW services. Upon receiving the service request, the NW resource coordinates with its associated NW provider to facilitate secure communication and resource allocation.

The NW provider responds by issuing a temporary NW warrant to the NW resources within its jurisdiction (Step 2 Figure 3). This NW warrant is a critical component of the communication process, as it provides the necessary public keys for authenticating and encrypting data exchanges between the NW resource and the NW provider. The warrant ensures that all communications within the NW are secure, preventing unauthorized access or tampering.

Upon receiving the NW warrant, the NW subscriber must validate its authenticity and validity. This verification process involves checking multiple parameters, such as the timestamp of issuance, digital signatures from the NW provider or broker, and the warrant’s expiration date. These checks ensure that the warrant is legitimate and valid for secure communication (Step 3 Figure 3).

During this phase, the NW subscriber also generates verification parameters that will be used to confirm its identity within the NW further. This is achieved by concatenating the concealed $DI{D}_{SUB}$ (a secure version of the subscriber’s decentralized identifier) with the hash value of the subscriber’s NW identity subscription numbers, referred to as $HASHID$ (Step 3 Figure 3). These concatenated values form a unique verification signature that can be used to securely identify and authenticate the subscriber within the federated wireless communication NW.

This process establishes a secure and reliable connection between the NW subscriber and the NW, ensuring that all subsequent communications and interactions are both authenticated and encrypted. By integrating mechanisms such as NW warrants, public key cryptography, and verification parameters, the NW maintains a high level of security and trust among all participating entities.

5.2.2. NW Subscriber Identity Verification

After the NW subscriber generates and transmits the verification parameters, the NW provider undertakes a crucial step in securely handling the subscriber’s identity. The NW provider sends the concealed $DI{D}_{SUB}$—a secure and obfuscated version of the subscriber’s decentralized identifier—to the SC platform where the subscriber’s SC is hosted (Step 4 Figure 3). This ensures that the interaction with the subscriber’s identity is secure and follows decentralized principles.

The SC platform is designed to actively monitor and listen for incoming NW requests related to its associated subscribers. Once the SC identifies a concealed $DI{D}_{SUB}$ within the NW request, it initiates the de-concealment process (Step 5 Figure 3). This involves securely revealing the original $DI{D}_{SUB}$ from its obfuscated form. This step is critical for authenticating the subscriber without exposing sensitive information during transmission or storage.

Upon successfully de-concealing $DI{D}_{SUB}$, the SC securely responds to the NW provider. The response includes the extracted $DI{D}_{SUB}$, allowing the NW provider to validate the subscriber’s identity further and proceed with service provisioning. This interaction ensures that only verified subscribers are granted access to the NW resources while maintaining strict confidentiality and security of the subscriber’s identity.

This process highlights the role of SCs in securely mediating interactions between subscribers and the NW provider. The federated wireless communication NW balances efficient service delivery and privacy protection for its participants by leveraging concealed identifiers and secure de-concealment mechanisms.

5.2.3. Attach NW Subscriber to the NW After Being Verified

At this final stage of the process, the NW provider retrieves the $DIDDo{c}_{SUB}$ associated with the subscriber’s $DI{D}_{SUB}$ from the blockchain ledger (Step 6 Figure 3). This document contains all the public details related to the subscriber, including their NW identity subscription number. Using the subscription number, the NW provider computes its hash value and compares it with the $HASHID$ received earlier from the subscriber during the verification phase.

If the computed hash value matches the $HASHID$, it serves as proof that the subscriber’s identity and credentials are valid and consistent with the records stored in the blockchain. This verification process ensures that the subscriber has a legitimate and globally recognized subscription within the federated NW.

Once the validation is complete, the NW provider formally confirms the subscriber’s attachment to the NW. This confirmation signifies that the subscriber is authorized to access and utilize the NW services under the terms agreed upon in their subscription (Step 7 Figure 3). Additionally, the NW provider sets up mechanisms to frequently update the subscriber about their billing and settlement status. This includes providing transparent information on service usage, billing cycles, and payment updates, ensuring the subscriber is informed and their NW access remains uninterrupted (Step 8 Figure 3).

This final step concludes the onboarding and verification process, establishing a secure, transparent, and trusted connection between the subscriber and the NW provider. By utilizing blockchain technology and cryptographic verification, the NW guarantees the integrity and authenticity of subscriber credentials, enabling seamless service provisioning and maintaining privacy and security standards.

5.3. Bidding-Based Service Provisioning

The preceding discussion assumes that NW subscribers request an NW service from the first available nearby NW provider. However, the SSFXG model can support other service provisioning scenarios. For instance, NW providers serving the same geographical location can compete to attract NW subscribers by offering competitive costs and special service quality. After completing the synchronization and identity verification phases with the NW subscribers-owned SC, the SC will search for available NW providers within the same geographic area. This is illustrated in Figure 4.

This diagram outlines a decentralized service provisioning strategy where an SC deploys a bidding-oriented smart contract to facilitate fair competition among NW providers for delivering services to a subscriber. The process begins with the SC, representing the NW subscriber, initiating the smart contract deployment. The contract includes specific details about the subscriber’s communication service needs, such as coverage requirements, bandwidth demands, and other preferences.

Once the smart contract is deployed, nearby NW providers are notified of the opportunity to bid for the subscriber’s service request. These providers submit their bids, specifying their capabilities, service levels, and pricing to match the subscriber’s requirements. The SC acts as an intermediary, collecting and evaluating the bids based on the criteria outlined in the smart contract.

After receiving and reviewing the bids, the SC selects the NW provider that offers the best match for the subscriber’s needs. Factors such as service quality, coverage, cost, and reputation may influence the selection process. Once a provider is chosen, the subscriber is seamlessly transferred to the selected NW provider. The smart contract ensures the agreed-upon terms are upheld, and billing settlement is managed transparently based on the winning bid.

The use of a bidding-oriented smart contract introduces a fair, transparent, and competitive mechanism for service provisioning. It ensures that NW providers compete based on service quality and pricing, creating an efficient marketplace. The smart contract enforces the terms of the agreement, applying penalties automatically in case of any violations, such as service interruptions or failure to meet promised service levels. This enhances accountability and trust in the system.

This decentralized strategy benefits both NW subscribers and providers. Subscribers gain access to a wide range of service options, allowing them to choose the best solution based on their preferences and needs. Simultaneously, NW providers can improve their services and attract more subscribers by offering competitive bids.

5.4. Anonymous Untraceable Voice Call Services

Previous generations of wireless communication NWs have evolved towards Voice over Internet Protocol (VoIP) NWs [24], transforming how subscribers communicate. VoIP enables subscribers to transmit voice calls over the internet faster and more efficiently than traditional phone lines. Accordingly, the SSFXG model proposes a VoIP application that enables NW subscribers to communicate with each other anonymously, free from tracking or communication packet interception.

SSFXG offers a global service where digital agents acting on behalf of NW subscribers can create obfuscated cascaded VPN-like tunnels, enabling secure and anonymous connections between subscribers. This model employs a multi-step approach to provide an anonymous and untraceable voice calling service, illustrated in Figure 5. To prevent the in-service NW providers’ activity tracking, the proposed model utilizes a common SC platform to handle voice call connectivity establishment for NW subscribers anonymously and untraceably. A dedicated SC controller, which manages phone call requests among available NW subscribers, is therefore assumed to be deployed.

In a federated wireless communication NW, initiating and managing a phone call between two NW subscribers is a sophisticated process designed to ensure security, privacy, and seamless functionality. This process begins with NW Subscriber A identifying NW Subscriber B using the public identifier assigned during the initial subscription phase. NW Subscriber A’s SC forwards the call request to the SC controller through encrypted VPN tunnels. The SC controller then relays this request to NW Subscriber B’s SC, which notifies NW Subscriber B about the incoming call request, providing relevant details about the caller.

NW Subscriber B has the option to either accept or decline the call. If NW Subscriber B rejects the request, their SC terminates the process and informs the SC controller. Subsequently, the SC controller sends a notification to NW Subscriber A’s SC, ensuring that the caller is promptly updated about the rejection. In cases where NW Subscriber B does not respond within a predetermined time limit, the SC controller triggers a timeout mechanism. This mechanism sends a series of cascaded notifications to NW Subscriber A, indicating that the call request has expired. These measures ensure that resources are managed efficiently and subscribers are kept informed of the call status.

If NW Subscriber B accepts the call, their SC interacts with NW Subscriber A’s SC via the SC controller to establish a secure communication channel. The SC controller dynamically creates a disposable voice service agent, which acts as a temporary computational container for managing the session. This agent is designed with tamper-proof logic to ensure the integrity and security of the call. The agent establishes an encrypted VPN-like tunnel between the SCs of both subscribers, which is then extended to their respective devices. This setup ensures that all voice data transmitted during the call remain confidential and protected from unauthorized access.

The voice service agent is synchronized with the duration of the call and is automatically deleted once the session ends. This ensures that no residual data or vulnerabilities remain, maintaining the privacy and security of the subscribers. The SC controller efficiently releases all resources associated with the call, including dismantling the encrypted tunnel and terminating the agent. This streamlined process not only enhances security but also optimizes the use of NW resources.

This approach offers numerous benefits. The process ensures a high level of security and privacy for all communications by utilizing encrypted VPN-like tunnels and tamper-proof agents. The dynamic creation and deletion of service agents allow for efficient resource allocation, preventing wastage. Subscribers are given full control over their interactions, with clear notifications about call statuses and the ability to accept or decline requests. Moreover, the decentralized nature of SCs and SC controllers ensures that the system can scale effectively to accommodate a growing number of subscribers and call requests.

6. Quantitative Evaluation

In this section, we present the quantitative evaluation metrics to assess the scalability and cost-effectiveness of the proposed SSFXG model. The following system environment assumptions are considered to emulate the network operations and interactions designed for each phase in the proposed SSFXG model. The blockchain environment is assumed to use an Ethereum-compatible test network for simulating public blockchain transactions and smart contract deployment. Ganache-CLI is utilized to emulate the blockchain operations, providing an in-memory blockchain environment capable of hosting the system’s smart contracts on a local machine. The smart contracts are developed using Solidity and interact with the blockchain through the Web3.py Python library. The SCs are deployed in Docker containers, hosted on virtual machines (VMs) with the following specifications: x86_64 architecture, Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz, and 4 GB of RAM.

The evaluation metrics used in this study are System Throughput, Blockchain Transaction Latency, Computation Cost, and Total Blockchain Cost. The first two metrics assess the scalability of the SSFXG model, measuring the system’s ability to handle increasing subscriber requests and the impact of concurrent requests on transaction latency. The latter two metrics evaluate the computational overhead and gas fees incurred during identity issuance, service provisioning, and voice call operations and the cost-effectiveness of a competitive bidding mechanism among network providers.

6.1. Scalability Evaluation

As shown in Figure 6, analyzing system throughput and transaction latency under varying loads of concurrent subscriber requests revealed critical insights into performance dynamics. As depicted in the results, blockchain transaction latency exhibited a predictable, gradual increase in response to the growing number of concurrent requests. Starting at a baseline of 0.5 s, latency scaled linearly with the request volume, reaching a peak of 0.6 s at 1000 concurrent requests. This linear behavior reflects the proportional relationship between the incoming request load and processing requirements, demonstrating that the system’s performance is consistent and aligned with theoretical expectations for this workload. It further indicates that the system effectively handles scaling demands without introducing inefficiencies or bottlenecks under higher loads.

System throughput demonstrated stability up to a threshold of 500 requests per second, aligning seamlessly with the system’s designed processing capacity, as demonstrated in Figure 6. However, throughput reached a plateau beyond this point, signaling a bottleneck imposed by the current resource allocation and processing framework. This observed limit highlights the need for strategic scalability enhancements to address future demand surges while maintaining the system’s integrity and efficiency.

The performance plateau observed in the system arises from a combination of architectural and operational constraints. Key factors include resource limitations, such as CPU and memory capacity, coupled with the blockchain network’s finite transaction throughput. As concurrent requests increase, the system faces additional overhead from tasks like request queuing and synchronization, which amplify the strain. The computational demands of executing smart contracts further exacerbate delays, while network bandwidth constraints within the distributed system add to the bottleneck. Collectively, these challenges define the saturation point where the system reaches its performance limits.

6.2. Cost of Operation

The quantitative evaluation of the SSFXG model provides insights into its cost-efficiency and scalability for blockchain-based identity management and network service provisioning, as illustrated in Figure 7. The analysis examined the breakdown of gas fees for blockchain transactions, computational overhead for executing smart contracts, and the overall impact of a competitive bidding mechanism. Gas fees were observed to increase proportionally with the number of subscribers and the complexity of smart contracts, ranging from $2.4\times {10}^{18}$ Wei to $2.4\times {10}^{19}$ Wei as the subscriber count scaled up to 1000. This linear cost progression is due to the deterministic nature of blockchain operations, where transaction costs are tied to the number and complexity of operations performed. Each additional subscriber introduces a similar computational and storage overhead, resulting in a predictable increase in cost. Such behavior confirms that the system scales in a controlled and consistent manner, making it viable for handling large-scale deployments with transparency in resource utilization.

Similarly, computational overhead exhibited a linear growth pattern with an increase in the number of requests, indicating consistent efficiency in handling smart contract operations as demand rises. The implementation of a competitive bidding mechanism resulted in significant cost savings, reducing the total service provisioning costs by approximately 20%. For instance, the estimated cost for 1000 subscribers without bidding was $3.0\times {10}^{19}$ Wei, while the cost decreased to $2.4\times {10}^{19}$ Wei with bidding.

7. Qualitative Evaluation and Open Discussion

The benefits of realizing the proposed SSFXG model as a standalone identity management system can then be envisaged as follows.

7.1. NW Interoperability and Identity Portability

In the SSFXG model, the unique identifier eliminates the need for NW providers to constantly update their systems for roaming services when subscribers switch between MNOs. Meanwhile, blockchain’s decentralized management system enables MNOs to integrate and share NW services and resources seamlessly. This approach simplifies the process of maintaining subscriber identities across different NWs and ensures that subscribers can effortlessly access services and maintain their identity regardless of the MNO they choose to use. Consequently, this enhances both interoperability among NWs and the portability of subscriber identities.

7.2. Privacy Preservation and Identity Protection

The SSFXG model eradicates the need for a central authority to manage subscription services. The design allows NW subscribers to control their subscription information and determine when and how to access NW services. Furthermore, the NW subscriber and the in-service MNO anonymously handle the identity verification process during service provisioning requests. To prevent potential misuse of subscribers’ identity information, access to the blockchain ledger containing this information is restricted to blockchain moderators (NW brokers and providers). This design feature addresses traceability concerns associated with NW subscribers.

7.3. Cost of NW Operation

Regarding the cost of operation, the SSFXG model can adopt a hierarchy-based cost calculation involving the management of the blockchain NW, issuing subscription identities, and resource operations. The responsibility for managing the blockchain NW is given exclusively to NW brokers and providers, with the associated costs shared equally among them. Additionally, the initial service cost is considered part of the NW CapEx, with new subscribers bearing the cost to balance operational expenses. This initial cost includes fees paid to NW brokers for issuing subscriber identities, deploying smart contracts, and running the developed SCs. Furthermore, this model ensures fairness through a decentralized agreement between MNOs that determines the management of NW OpEx and resources.

7.4. SSFXG Challenges and Open Discussion

7.4.1. Threat Model and Security Analysis

The proposed SSFXG framework introduces several security enhancements to protect user identity and privacy in a decentralized wireless communication environment. However, like any system, it must address potential threats across various attack vectors. One key threat category is identity theft and impersonation attacks, where malicious actors attempt to gain unauthorized access to a subscriber’s identity credentials. To counter this, the SSFXG framework leverages secure distributed SCs for storing identity credentials, which are protected with strong cryptographic mechanisms. These SCs ensure that subscriber data remain isolated and tamper-proof, preventing unauthorized modifications or duplication. Additionally, the use of blockchain technology fortifies the system against data-tampering by maintaining an immutable and transparent record of transactions. In the event of attempted identity forgery, the framework’s reliance on cryptographic verification ensures that only valid credentials can be authenticated by network providers.

Another major threat vector is man-in-the-middle (MITM) attacks and eavesdropping, especially during identity verification and communication sessions. The decentralized architecture of SSFXG inherently reduces exposure to centralized points of failure, mitigating the risk of large-scale data breaches. Moreover, during the identity verification process, the system utilizes anonymized credentials and cascaded VPN-like tunnels to safeguard user privacy. This ensures that sensitive identity details are never exposed, even to network providers, and eliminates traceability. Furthermore, the use of consortium blockchain in SSFXG ensures the integrity of the interactions between network participants, such as providers and brokers, by securing transactions with cryptographic signatures and distributed validation. By decentralizing operations and anonymizing interactions, the SSFXG framework minimizes opportunities for adversaries to intercept or compromise sensitive data, offering a robust defense against these threats.

7.4.2. SSFXG and Quantum Computing Attacks

The SSFXG framework, though innovative with its blockchain-based decentralized management, is vulnerable to quantum attacks due to its use of classical cryptographic algorithms. Quantum computers can rapidly solve complex problems like factoring large numbers and calculating discrete logarithms, potentially compromising the cryptographic infrastructure of blockchain transactions and identity data [25]. This vulnerability underscores the need for quantum-resistant cryptographic algorithms to secure such systems against quantum threats.

7.4.3. Blockchain Scalability and Energy Consumption

As the number of users and transactions on the NW increases, the blockchain system must maintain performance without significant delays or increased costs. Scalability is a critical issue for blockchain NWs, especially in complex and high-demand environments like wireless communication. Additionally, blockchain operations, particularly those using consensus mechanisms like Proof of Work, are energy-intensive. The environmental impact and energy costs pose significant challenges for deploying blockchain sustainably and cost-effectively.

7.4.4. Integration with Existing Infrastructure

Integrating SSFXG with existing MNO infrastructure could face technical and administrative hurdles, such as compatibility with legacy systems and transitioning from centralized to decentralized models. Ensuring seamless service during the transition is crucial. Widespread adoption by MNOs and subscribers is necessary, requiring overcoming inertia and skepticism toward new technologies.

8. Conclusions

This paper presented SSFXG, a decentralized self-sovereign identity management and control system that promotes privacy-friendly communication in NextG wireless networks. SSFXG decouples subscriber identities from wireless communication network management, empowering subscribers to control and govern their subscription identity information while ensuring trustworthy and decentralized network coverage and service provisioning. This model’s unique structure and proposed approach represent a significant step toward the future of federated NextG wireless communication systems, addressing potential design obstacles such as identity management scalability, subscriber privacy protection, and secure coordination between service providers.

Future work will focus on enhancing the scalability and efficiency of the SSFXG model to handle increasingly diverse and large-scale deployments. Additionally, efforts will be directed toward further optimizing the integration of SSFXG with existing communication standards and exploring its adaptability to emerging paradigms such as AI-driven network orchestration.