A Novel Attribute-Based Access Control Scheme Using Blockchain for IoT

With the sharp increase in the number of intelligent devices, the Internet of Things (IoT) has gained more and more attention and rapid development in recent years. It effectively integrates the physical world with the Internet over existing network infrastructure to facilitate sharing data among intelligent devices. However, its complex and large-scale network structure brings new security risks and challenges to IoT systems. To ensure the security of data, traditional access control technologies are not suitable to be directly used for implementing access control in IoT systems because of their complicated access management and the lack of credibility due to centralization. In this paper, we proposed a novel attribute-based access control scheme for IoT systems, which simplifies greatly the access management. We use blockchain technology to record the distribution of attributes in order to avoid single point failure and data tampering. The access control process has also been optimized to meet the need for high efficiency and lightweight calculation for IoT devices. The security and performance analysis show that our scheme could effectively resist multiple attacks and be efficiently implemented in IoT systems.

[1]  Jin Li,et al.  Ensuring attribute privacy protection and fast decryption for outsourced data security in mobile cloud computing , 2017, Inf. Sci..

[2]  M. Iansiti,et al.  The Truth about Blockchain , 2017 .

[3]  Andrei V. Gurtov,et al.  PAuthKey: A Pervasive Authentication Protocol and Key Establishment Scheme for Wireless Sensor Networks in Distributed IoT Applications , 2014, Int. J. Distributed Sens. Networks.

[4]  Oscar Novo,et al.  Blockchain Meets IoT: An Architecture for Scalable Access Management in IoT , 2018, IEEE Internet of Things Journal.

[5]  Robert H. Deng,et al.  Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control , 2018, IEEE Internet of Things Journal.

[6]  Luca Veltri,et al.  IoT-OAS: An OAuth-Based Authorization Service Architecture for Secure Services in IoT Scenarios , 2015, IEEE Sensors Journal.

[7]  Anas Abou El Kalam,et al.  FairAccess: a new Blockchain-based access control framework for the Internet of Things , 2016, Secur. Commun. Networks.

[8]  Sarah Abdallah,et al.  Identity-based authentication scheme for the Internet of Things , 2016, 2016 IEEE Symposium on Computers and Communication (ISCC).

[9]  Hajar Mousannif,et al.  Access control in the Internet of Things: Big challenges and new opportunities , 2017, Comput. Networks.

[10]  Alessandro Armando,et al.  SATMC: a SAT-based model checker for security protocols, business processes, and security APIs , 2004, International Journal on Software Tools for Technology Transfer.

[11]  Sebastian Mödersheim,et al.  OFMC: A Symbolic Model-Checker for Security Protocols , 2004 .

[12]  Antonio F. Gómez-Skarmeta,et al.  DCapBAC: embedding authorization logic into smart things through ECC optimizations , 2016, Int. J. Comput. Math..

[13]  John K. Ousterhout,et al.  In Search of an Understandable Consensus Algorithm , 2014, USENIX ATC.

[14]  Dick Hardt,et al.  The OAuth 2.0 Authorization Framework , 2012, RFC.

[15]  Satoshi Nakamoto Bitcoin : A Peer-to-Peer Electronic Cash System , 2009 .

[16]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[17]  David F. Ferraiolo,et al.  Guide to Attribute Based Access Control (ABAC) Definition and Considerations , 2014 .

[18]  Ru-chuan Wang,et al.  An efficient authentication and access control scheme for perception layer of Internet of Things , 2014 .

[19]  Mathieu Turuani,et al.  The CL-Atse Protocol Analyser , 2006, RTA.

[20]  P. Balamuralidhar,et al.  One time password authentication scheme based on elliptic curves for Internet of Things (IoT) , 2015, 2015 5th National Symposium on Information Technology: Towards New Smart World (NSITNSW).

[21]  Juan Carlos De Martin,et al.  Blockchain for the Internet of Things: A systematic literature review , 2016, 2016 IEEE/ACS 13th International Conference of Computer Systems and Applications (AICCSA).

[22]  Miguel Oom Temudo de Castro,et al.  Practical Byzantine fault tolerance , 1999, OSDI '99.

[23]  Alex Pentland,et al.  Verifiable Anonymous Identities and Access Control in Permissioned Blockchains , 2019, ArXiv.