A Systematic Comparison between the Ethereum and Hyperledger Fabric Blockchain Platforms for Attribute-Based Access Control in Smart Home IoT Environments

Despite the lack of blockchain systems being utilized in modern IoT environments, the prevalence of blockchain technology is increasing, due to its high level of security and accountability. The integration of blockchain technology and access control in a decentralized system for smart home networks is a promising solution to this issue. This paper compares the implementation of attribute-based access control (ABAC) with two popular blockchain platforms, Ethereum and Hyperledger Fabric, for a smart home internet of things (IoT) environment. We present a comprehensive summary of access-control and blockchain-access-control methods, to provide the necessary background for this study. Additionally, we present an original ABAC smart contract for Ethereum, and the modification of a pre-existing Hyperledger Fabric ABAC smart contract, for this comparison. Through the simulation of both implementations, the advantages and limitations will be considered, to determine which is better suited for a smart home IoT environment.

[1]  Balaji Palanisamy,et al.  Decentralized Authorization using Hyperledger Fabric , 2022, 2022 IEEE International Conference on Blockchain (Blockchain).

[2]  Auqib Hamid Lone,et al.  Blockchain Driven Access Control Mechanisms, Models and Frameworks: A Systematic Literature Review , 2022, Journal of Information Security and Cybercrimes Research.

[3]  Jingyue Li,et al.  A Vulnerability Detection Framework for Hyperledger Fabric Smart Contracts Based on Dynamic and Static Analysis , 2022, EASE.

[4]  Alaa Amjed Abdulateef,et al.  Hyperledger, Ethereum and Blockchain Technology: A Short Overview , 2021, 2021 3rd International Congress on Human-Computer Interaction, Optimization and Robotic Applications (HORA).

[5]  Sujata Pal,et al.  User authentication using Blockchain based smart contract in role-based access control , 2021, Peer-to-Peer Networking and Applications.

[6]  Ki-Hyung Kim,et al.  Attribute-Based Access Control(ABAC) with Decentralized Identifier in the Blockchain-Based Energy Transaction Platform , 2021, 2021 International Conference on Information Networking (ICOIN).

[7]  P. Nanda,et al.  Security and Privacy Implementation in Smart Home: Attributes Based Access Control and Smart Contracts , 2020, 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom).

[8]  Masahiro Sasabe,et al.  Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework , 2020, IEEE Internet of Things Journal.

[9]  Rakesh Tripathi,et al.  Scalable and secure access control policy for healthcare system using blockchain and enhanced Bell–LaPadula model , 2020, Journal of Ambient Intelligence and Humanized Computing.

[10]  Yu Chen,et al.  Decentralized Access Control for IoT Based on Blockchain and Smart Contract , 2020 .

[11]  Ralph Deters,et al.  Distributed attribute-based access control system using permissioned blockchain , 2020, World Wide Web.

[12]  Abdulsalam Yassine,et al.  Blockchain for smart homes: Review of current trends and research challenges , 2020, Comput. Electr. Eng..

[13]  Ahmed E. Hassan,et al.  An exploratory study of smart contracts in the Ethereum blockchain platform , 2020, Empirical Software Engineering.

[14]  Yuhang Liu,et al.  Performance analysis of Hyperledger Fabric platform: A hierarchical model approach , 2020, Peer-to-Peer Networking and Applications.

[15]  Xiaolin Chang,et al.  Performance analysis of Hyperledger Fabric platform: A hierarchical model approach , 2020, Peer-to-Peer Networking and Applications.

[16]  Dezhi Han,et al.  Fabric-iot: A Blockchain-Based Access Control System in IoT , 2020, IEEE Access.

[17]  Masahiro Sasabe,et al.  Using Ethereum Blockchain for Distributed Attribute-Based Access Control in the Internet of Things , 2019, 2019 IEEE Global Communications Conference (GLOBECOM).

[18]  Masahiro Sasabe,et al.  Capability-Based Access Control for the Internet of Things: An Ethereum Blockchain-Based Scheme , 2019, 2019 IEEE Global Communications Conference (GLOBECOM).

[19]  Ruhi Taş,et al.  Building A Decentralized Application on the Ethereum Blockchain , 2019, 2019 3rd International Symposium on Multidisciplinary Studies and Innovative Technologies (ISMSIT).

[20]  Keon Myung Lee,et al.  Blockchain-based RBAC for user authentication with anonymity , 2019, RACS.

[21]  Ralph Deters,et al.  Blockchain based access control systems: State of the art and challenges , 2019, 2019 IEEE/WIC/ACM International Conference on Web Intelligence (WI).

[22]  S. Cummings,et al.  Benefits and Challenges , 2019, SpringerBriefs in Aging.

[23]  Laura Ricci,et al.  A blockchain based approach for the definition of auditable Access Control systems , 2019, Comput. Secur..

[24]  Sanjay Madria,et al.  A Permissioned Blockchain Based Access Control System for IOT , 2019, 2019 IEEE International Conference on Blockchain (Blockchain).

[25]  Ralph Deters,et al.  Security, Performance, and Applications of Smart Contracts: A Systematic Survey , 2019, IEEE Access.

[26]  Chen Li,et al.  A Novel Attribute-Based Access Control Scheme Using Blockchain for IoT , 2019, IEEE Access.

[27]  Chien-Chung Shen,et al.  Multi-Authority Attribute-Based Access Control with Smart Contract , 2019, ICBCT.

[28]  S. Bonilla,et al.  Blockchain and supply chain management integration: a systematic review of the literature , 2019, Supply Chain Management: An International Journal.

[29]  Ivan Kotuliak,et al.  Management and Monitoring of IoT Devices Using Blockchain † , 2019, Sensors.

[30]  Sherali Zeadally,et al.  A survey on privacy protection in blockchain system , 2019, J. Netw. Comput. Appl..

[31]  Chen Feng,et al.  Selfish Mining in Ethereum , 2019, 2019 IEEE 39th International Conference on Distributed Computing Systems (ICDCS).

[32]  Minh Son Nguyen,et al.  An Approach to Data Privacy in Smart Home using Blockchain Technology , 2018, 2018 International Conference on Advanced Computing and Applications (ACOMP).

[33]  D. Richard Kuhn,et al.  Access Control for Emerging Distributed Systems , 2018, Computer.

[34]  William C. Chu,et al.  TBAC: Transaction-Based Access Control on Blockchain for Resource Sharing with Cryptographically Decentralized Authorization , 2018, 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC).

[35]  Yaling Zhang,et al.  A Blockchain-Based Framework for Data Sharing With Fine-Grained Access Control in Decentralized Storage Systems , 2018, IEEE Access.

[36]  Jun Sun,et al.  Using Ethereum Blockchain in Internet of Things: A Solution for Electric Vehicle Battery Refueling , 2018, ICBC.

[37]  Nikos Fotiou,et al.  Smart Contracts for the Internet of Things: Opportunities and Challenges , 2018, 2018 European Conference on Networks and Communications (EuCNC).

[38]  Christopher D. Clack,et al.  Smart Contract Templates: Legal semantics and code validation , 2018 .

[39]  Uwe Zdun,et al.  Smart contracts: security patterns in the ethereum ecosystem and solidity , 2018, 2018 International Workshop on Blockchain Oriented Software Engineering (IWBOSE).

[40]  Naoto Yanai,et al.  RBAC-SC: Role-Based Access Control Using Smart Contract , 2018, IEEE Access.

[41]  Jian Mao,et al.  Application of learning algorithms in smart home IoT system security , 2018, Math. Found. Comput..

[42]  Xiaohong Jiang,et al.  Smart Contract-Based Access Control for the Internet of Things , 2018, IEEE Internet of Things Journal.

[43]  Khaled Salah,et al.  IoT security: Review, blockchain solutions, and open challenges , 2017, Future Gener. Comput. Syst..

[44]  Ahmed Serhrouchni,et al.  Decentralized Access Control Mechanism with Temporal Dimension Based on Blockchain , 2017, 2017 IEEE 14th International Conference on e-Business Engineering (ICEBE).

[45]  D. Richard Kuhn,et al.  Attribute-Based Access Control , 2017, Computer.

[46]  Ravi S. Sandhu,et al.  Access Control Model for AWS Internet of Things , 2017, NSS.

[47]  Nir Kshetri,et al.  Can Blockchain Strengthen the Internet of Things? , 2017, IT Professional.

[48]  Mohsen Guizani,et al.  MeDShare: Trust-Less Medical Data Sharing Among Cloud Service Providers via Blockchain , 2017, IEEE Access.

[49]  Vladimiro Sassone,et al.  Decentralised Runtime Monitoring for Access Control Systems in Cloud Federations , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[50]  Laura Ricci,et al.  Blockchain Based Access Control , 2017, DAIS.

[51]  Prem Prakash Jayaraman,et al.  Scalable Role-Based Data Disclosure Control for the Internet of Things , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[52]  Xin Chen,et al.  An Access Control Model for Resource Sharing Based on the Role-Based Access Control Intended for Multi-Domain Manufacturing Internet of Things , 2017, IEEE Access.

[53]  Vladimiro Sassone,et al.  A Distributed Access Control System for Cloud Federations , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).

[54]  Praveen Gauravaram,et al.  Blockchain for IoT security and privacy: The case study of a smart home , 2017, 2017 IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom Workshops).

[55]  Emmanuel Bertin,et al.  A Community-Driven Access Control Approach in Distributed IoT Environments , 2017, IEEE Communications Magazine.

[56]  Ahmed Banafa,et al.  IoT and Blockchain Convergence: Benefits and Challenges , 2017 .

[57]  Andrew Lippman,et al.  MedRec: Using Blockchain for Medical Data Access and Permission Management , 2016, 2016 2nd International Conference on Open and Big Data (OBD).

[58]  Gareth W. Peters,et al.  Understanding Modern Banking Ledgers Through Blockchain Technologies: Future of Transaction Processing and Smart Contracts on the Internet of Money , 2015, ArXiv.

[59]  David F. Ferraiolo,et al.  Guide to Attribute Based Access Control (ABAC) Definition and Considerations , 2014 .

[60]  Domenico Rotondi,et al.  A capability-based security approach to manage access control in the Internet of Things , 2013, Math. Comput. Model..

[61]  Stefan Berger,et al.  Shamon: A System for Distributed Mandatory Access Control , 2006, 2006 22nd Annual Computer Security Applications Conference (ACSAC'06).

[62]  Jin Tong,et al.  Attributed based access control (ABAC) for Web services , 2005, IEEE International Conference on Web Services (ICWS'05).

[63]  Ravi S. Sandhu,et al.  Peer-to-peer access control architecture using trusted computing technology , 2005, SACMAT '05.

[64]  Miguel P Caldas,et al.  Research design: qualitative, quantitative, and mixed methods approaches , 2003 .

[65]  Howard J. Hamilton,et al.  TABI: Trust-Based ABAC Mechanism for Edge-IoT Using Blockchain Technology , 2023, IEEE Access.

[66]  Satpal Singh Kushwaha,et al.  Systematic Review of Security Vulnerabilities in Ethereum Blockchain Smart Contract , 2022, IEEE Access.

[67]  Xiangjian He,et al.  Privacy-Preserving Mechanism in Smart Home Using Blockchain , 2021, IEEE Access.

[68]  Zheming Yang,et al.  Internet of Things Access Control System Based on Hyperledger , 2021, Journal of Physics: Conference Series.

[69]  Yi Wang,et al.  Blockchain System Defensive Overview for Double-Spend and Selfish Mining Attacks: A Systematic Approach , 2021, IEEE Access.

[70]  Lihua Song,et al.  Attribute-Based Access Control Using Smart Contracts for the Internet of Things , 2020 .

[71]  Madhusudan Singh,et al.  Chapter Four - Blockchain technology for decentralized autonomous organizations , 2019, Adv. Comput..

[72]  Xinyu Yang,et al.  A Survey on the Edge Computing for the Internet of Things , 2018, IEEE Access.

[73]  Mahadev Satyanarayanan,et al.  The Emergence of Edge Computing , 2017, Computer.

[74]  Nn Van,et al.  A Blockchain-based Access Control for Big Data , 2017 .

[75]  Philipp G. Sandner,et al.  Comparison of Ethereum, Hyperledger Fabric and Corda , 2017 .

[76]  Vitalik Buterin A NEXT GENERATION SMART CONTRACT & DECENTRALIZED APPLICATION PLATFORM , 2015 .

[77]  Stefan Berger,et al.  IBM Research Report DeuTeRiuM - A System for Distributed Mandatory Access Control , 2006 .