Privacy aware decentralized access control system

Abstract: IoT security and privacy have proven to be a significant challenge. Traditional access control protocols are not suitable for IoT, mainly because of its massive scale, ubiquitous connectivity, and distributed nature. Blockchain-based access control approaches provide decentralized security, but they suffer from scalability problems, high transaction fees, significant delay, and computational overhead that is not acceptable for resource-constrained IoT devices. Moreover, data published on the blockchain are public, which is not ideal for many scenarios. In this paper, we propose a new decentralized access control system based on the Tangle that empowers users to dictate access to their resources. In the proposed decentralized access control model, the policies and access rights are published on the Tangle, which guarantees distributed auditability and prevents the user from fraudulently denying the granted access rights. The main contribution of the paper is to provide privacy of the policy by leveraging the Masked Authenticated Messaging (MAM) data communication protocol. The proposed work is validated by implementation and tested with the AVISPA tool, which confirms security in the presence of an intruder.
