ControlChain: Blockchain as a Central Enabler for Access Control Authorizations in the IoT

The IoT is pervading our daily activities and lives with devices scattered all over our cities, transport systems, buildings, homes and bodies. This invasion of devices with sensors and communication capabilities brings big concerns, mainly about the privacy and confidentiality of the collected information. These concerns hinder the wide adoption of the IoT. To overcome them, in this work, we present a blockchain-based architecture for IoT access authorizations. In line with the requirements of current IoT trends, our architecture is user transparent, user friendly, fully decentralized, scalable, fault tolerant and compatible with a wide range of the access control models used in the IoT today. Finally, our architecture also provides a secure way to establish relationships between users, devices and groups of both, allowing attributes to be assigned to these relationships and used in access control authorization.
