Decentralized Access Control for IoT Data Using Blockchain and Trusted Oracles

The Internet of Things (IoT) is a network of connected electromechanical devices that have limited computational, networking, and storage capabilities. IoT is now widely used in healthcare, smart cars, smart grids, smart homes, smart manufacturing, and smart cities. IoT devices sense, monitor, and collect data where it can be shared with legitimate users. IoT data can be aggregated, stored and made available by multiple IoT data hosting providers. IoT data storage, management, and access involve multiple stakeholders that many include admins, owners of IoT devices, data repository hosts and providers, normal users, etc. Decentralized control and trusted management of such IoT data become critical, in which the management and access control of data is not centralized, i.e., under the control of a single entity. To date, the available methods for for access control in IoT systems are mainly centralized. In this paper, we propose a decentralized access control system for IoT data using blockchain and trusted oracles. We use features of blockchain and smart contracts to propose a decentralized, scalable, and secure management solution for accessing IoT data. In addition, we use oracles as gateways that interface with the blockchain, IoT data hosts, and remote users to provide decentralized, trusted, and uniform source feeds for IoT data. The paper also presents architectural design, interactions, logic flow, algorithms, implementation details, along with cost, computation, and security evaluation. The full code of the developed smart contracts is made publicly available at GitHub.

[1]  Andreas G. Veneris,et al.  Astraea: A Decentralized Blockchain Oracle , 2018, 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData).

[2]  Khaled Salah,et al.  A User Authentication Scheme of IoT Devices using Blockchain-Enabled Fog Nodes , 2018, 2018 IEEE/ACS 15th International Conference on Computer Systems and Applications (AICCSA).

[3]  Dejan Vujičić,et al.  Blockchain technology, bitcoin, and Ethereum: A brief overview , 2018, 2018 17th International Symposium INFOTEH-JAHORINA (INFOTEH).

[4]  Khaled Salah,et al.  IoT security: Review, blockchain solutions, and open challenges , 2017, Future Gener. Comput. Syst..

[5]  Khaled Salah,et al.  Monetization of IoT data using smart contracts , 2019, IET Networks.

[6]  Albert Cabellos-Aparicio,et al.  Distributed Access Control with Blockchain , 2019, ICC 2019 - 2019 IEEE International Conference on Communications (ICC).

[7]  Matteo Maffei,et al.  A Semantic Framework for the Security Analysis of Ethereum smart contracts , 2018, POST.

[8]  Khaled Salah,et al.  Blockchain for AI: Review and Open Research Challenges , 2019, IEEE Access.

[9]  Khaled Salah,et al.  VDC-Analyst: Design and verification of virtual desktop cloud resource allocations , 2014, Comput. Networks.

[10]  Ki-Hyung Kim,et al.  Dynamic Access Control Scheme for IoT Devices using Blockchain , 2018, 2018 International Conference on Information and Communication Technology Convergence (ICTC).

[11]  Simon Duquennoy,et al.  Towards Blockchain-based Auditable Storage and Sharing of IoT Data , 2017, CCSW.

[12]  Iuon-Chang Lin,et al.  A Survey of Blockchain Security Issues and Challenges , 2017, Int. J. Netw. Secur..

[13]  Oscar Novo,et al.  Scalable Access Management in IoT Using Blockchain: A Performance Evaluation , 2019, IEEE Internet of Things Journal.

[14]  Ying Wah Teh,et al.  Mining Personal Data Using Smartphones and Wearable Devices: A Survey , 2015, Sensors.

[15]  Khaled Salah,et al.  Impact of CPU Utilization Thresholds and Scaling Size on Autoscaling Cloud Resources , 2013, 2013 IEEE 5th International Conference on Cloud Computing Technology and Science.