Towards a Novel Privacy-Preserving Access Control Model Based on Blockchain Technology in IoT

Access control face big challenges in IoT. Unfortunately, it is hard to implement current access control standards on smart object due to its constrained nature while the introduction of powerful and trusted third party to handle access control logic could harm user privacy. In this work we show how blockchain, the promising technology behind Bitcoin, can be very attractive to face those arising challenges. We therefore propose FairAccess as a new decentralized pseudonymous and privacy preserving authorization management framework that leverages the consistency of blockchain technology to manage access control on behalf of constrained devices.

[1]  Dick Hardt,et al.  The OAuth 2.0 Authorization Framework , 2012, RFC.

[2]  Ludwig Seitz,et al.  Authorization framework for the Internet-of-Things , 2013, 2013 IEEE 14th International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[3]  Antonio F. Gómez-Skarmeta,et al.  DCapBAC: embedding authorization logic into smart things through ECC optimizations , 2016, Int. J. Comput. Math..

[4]  Nick Szabo,et al.  Formalizing and Securing Relationships on Public Networks , 1997, First Monday.

[5]  Guoping Zhang,et al.  An extended role based access control model for the Internet of Things , 2010, 2010 International Conference on Information, Networking and Automation (ICINA).

[6]  Luca Veltri,et al.  IoT-OAS: An OAuth-Based Authorization Service Architecture for Secure Services in IoT Scenarios , 2015, IEEE Sensors Journal.

[7]  Peter Friess,et al.  Internet of Things Strategic Research Roadmap , 2011 .

[8]  Alex Pentland,et al.  Decentralizing Privacy: Using Blockchain to Protect Personal Data , 2015, 2015 IEEE Security and Privacy Workshops.