Entitlement-Based Access Control for Smart Cities Using Blockchain

Smart cities use the Internet of Things (IoT) devices such as connected sensors, lights, and meters to collect and analyze data to improve infrastructure, public utilities, and services. However, the true potential of smart cities cannot be leveraged without addressing many security concerns. In particular, there is a significant challenge for provisioning a reliable access control solution to share IoT data among various users across organizations. We present a novel entitlement-based blockchain-enabled access control architecture that can be used for smart cities (and for any ap-plication domains that require large-scale IoT deployments). Our proposed entitlement-based access control model is flexible as it facilitates a resource owner to safely delegate access rights to any entities beyond the trust boundary of an organization. The detailed design and implementation on Ethereum blockchain along with a qualitative evaluation of the security and access control aspects of the proposed scheme are presented in the paper. The experimental results from private Ethereum test networks demonstrate that our proposal can be easily implemented with low latency. This validates that our proposal is applicable to use in the real world IoT environments.

[1]  Daniel Sierra-Sosa,et al.  IoT in Smart Cities: A Survey of Technologies, Practices and Challenges , 2021, Smart Cities.

[2]  D. Richard Kuhn,et al.  Attribute-Based Access Control , 2017, Computer.

[3]  Ravi S. Sandhu,et al.  Access Control Model for AWS Internet of Things , 2017, NSS.

[4]  Antonio Puliafito,et al.  Experimenting with smart contracts for access control and delegation in IoT , 2020, Future Gener. Comput. Syst..

[5]  S. Sharma,et al.  Blockchain for smart cities: A review of architectures, integration trends and future research directions , 2020 .

[6]  Jihua Zhu,et al.  Merging Grid Maps in Diverse Resolutions by the Context-based Descriptor , 2021, ACM Trans. Internet Techn..

[7]  Nadeem Javaid,et al.  Data Sharing System Integrating Access Control Mechanism using Blockchain-Based Smart Contracts for IoT Devices , 2020, Applied Sciences.

[8]  Choong Seon Hong,et al.  Blockchain for IoT-based smart cities: Recent advances, requirements, and future challenges , 2021, J. Netw. Comput. Appl..

[9]  Xin Chen,et al.  An Access Control Model for Resource Sharing Based on the Role-Based Access Control Intended for Multi-Domain Manufacturing Internet of Things , 2017, IEEE Access.

[10]  Ru-chuan Wang,et al.  An efficient authentication and access control scheme for perception layer of Internet of Things , 2014 .

[11]  Chen Li,et al.  A Novel Attribute-Based Access Control Scheme Using Blockchain for IoT , 2019, IEEE Access.

[12]  Wang Xiaochang,et al.  Blockchain-Enabled Decentralized Trust Management and Secure Usage Control of IoT Big Data , 2020, IEEE Internet of Things Journal.

[13]  Genshe Chen,et al.  BlendCAC: A BLockchain-Enabled Decentralized Capability-Based Access Control for IoTs , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[14]  Domenico Rotondi,et al.  A capability-based security approach to manage access control in the Internet of Things , 2013, Math. Comput. Model..

[15]  Fariza Sabrina A Novel Entitlement-based Blockchain-enabled Security Architecture for IoT , 2019, 2019 29th International Telecommunication Networks and Applications Conference (ITNAC).

[16]  Nadra Guizani,et al.  Securing Smart Cities through Blockchain Technology: Architecture, Requirements, and Challenges , 2020, IEEE Network.

[17]  Xiaohui Liang,et al.  Security and Privacy in Smart City Applications: Challenges and Solutions , 2017, IEEE Communications Magazine.

[18]  Oscar Novo,et al.  Blockchain Meets IoT: An Architecture for Scalable Access Management in IoT , 2018, IEEE Internet of Things Journal.

[19]  Alex Pentland,et al.  Blockchain Use Cases in Digital Sectors: A Review of the Literature , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[20]  Xiaohong Jiang,et al.  Smart Contract-Based Access Control for the Internet of Things , 2018, IEEE Internet of Things Journal.

[21]  Prem Prakash Jayaraman,et al.  Scalable Role-Based Data Disclosure Control for the Internet of Things , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[22]  Mazliza Othman,et al.  Internet of Things security: A survey , 2017, J. Netw. Comput. Appl..

[23]  Yu Chen,et al.  Decentralized Access Control for IoT Based on Blockchain and Smart Contract , 2020 .

[24]  Luca Veltri,et al.  IoTChain: A blockchain security architecture for the Internet of Things , 2018, 2018 IEEE Wireless Communications and Networking Conference (WCNC).

[25]  Peng Wang,et al.  An Attribute-Based Distributed Access Control for Blockchain-enabled IoT , 2019, 2019 International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob).

[26]  Hicham Lakhlef,et al.  Internet of things security: A top-down survey , 2018, Comput. Networks.

[27]  Azzedine Boukerche,et al.  Sensing, communication and security planes: A new challenge for a smart city system design , 2018, Comput. Networks.

[28]  Joel J. P. C. Rodrigues,et al.  On the Design of Blockchain-Based Access Control Protocol for IoT-Enabled Healthcare Applications , 2020, ICC 2020 - 2020 IEEE International Conference on Communications (ICC).

[29]  Ronghua Xu,et al.  Decentralized Video Input Authentication as an Edge Service for Smart Cities , 2021, IEEE Consumer Electronics Magazine.

[30]  Masahiro Sasabe,et al.  Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework , 2020, IEEE Internet of Things Journal.

[31]  Fariza Sabrina,et al.  Blockchain and Structural Relationship Based Access Control for IoT: A Smart City Use Case , 2019, 2019 IEEE 44th Conference on Local Computer Networks (LCN).

[32]  Ramjee Prasad,et al.  Identity Authentication and Capability Based Access Control (IACAC) for the Internet of Things , 2012, J. Cyber Secur. Mobil..

[33]  Anas Abou El Kalam,et al.  FairAccess: a new Blockchain-based access control framework for the Internet of Things , 2016, Secur. Commun. Networks.

[34]  Sanjay Madria,et al.  A Permissioned Blockchain Based Access Control System for IOT , 2019, 2019 IEEE International Conference on Blockchain (Blockchain).