Blockchain-Based Context-Aware Authorization Management as a Service in IoT

Internet of Things (IoT) applications bring evolved and intelligent services that can help improve users’ daily lives. These applications include home automation, health care, and smart agriculture. However, IoT development and adoption face various security and privacy challenges that need to be overcome. As a promising security paradigm, context-aware security makes it possible to enforce security and privacy mechanisms adaptively. Moreover, with the advancements in edge computing, context-aware security services can be placed dynamically close to a user’s location, supporting low-latency communication and mobility. Therefore, the design of an adaptive and decentralized access control mechanism becomes a necessity. In this paper, we propose a decentralized context-aware authorization management as a service based on the blockchain. The proposed architecture extends the Authentication and Authorization for Constrained Environments (ACE) framework with blockchain technology and context-awareness capabilities. Instead of a classic Open Authorization 2.0 (OAuth) access token, it uses a new contextual access token. The evaluation results show our proposal’s effectiveness and advantages in terms of usability, security, low latency, and energy consumption.
