Capability-Based Non-fungible Tokens Approach for a Decentralized AAA Framework in IoT

The proliferation of IoT devices across various application domains has led to a high level of heterogeneity, which has introduced new device management challenges. These challenges include providing the capability for service delivery and the underlying accounting, authentication and authorization mechanisms. Moreover, IoT devices tend to no longer require a centralized authority to authenticate and authorize access to the services offered. In this work, we address this by introducing a decentralized Authentication, Authorization and Accounting (AAA) framework that uses capability-based tokens built on the ERC721 standard to provide secure authentication and authorization for IoT devices. The approach is tested on a private Ethereum blockchain node to analyze performance factors related to access time, timeout ratio and overhead.
