A Blockchain-Based IoT Cross-Domain Delegation Access Control Method

2021 ◽  
Vol 2021 ◽  
pp. 1-11
Author(s):  
Chao Li ◽  
Fan Li ◽  
Lihua Yin ◽  
Tianjie Luo ◽  
Bin Wang

The collaborative demand in the Internet of Things (IoT) is becoming stronger. One of the collaborative challenges is the security of interoperability between different management domains. Although cross-domain access control mechanisms exist in IoT, the majority of them are based on a trusted third party. In addition, the heterogeneity of multidomain policies makes it difficult for authority delegation to satisfy the principle of least authority. In this paper, we propose a blockchain-based IoT cross-domain delegation access control method (CDDAC). The proposed delegation-trajectory-on-blockchain strategy enhances the scalability of the cross-domain delegation system. The presented multidomain delegation trajectory aggregation scheme supports the forensic analysis of the cross-domain delegation system. The performance of CDDAC is evaluated on Ropsten, which is Ethereum's official public blockchain test network. The experimental results show that CDDAC has faster delegation verification speed and higher decision-making efficiency than existing work, demonstrating that the method is lightweight and scalable.

2018 ◽  
Vol 2018 ◽  
pp. 1-10 ◽  
Author(s):  
Ming Luo ◽  
Yi Luo ◽  
Yuwei Wan ◽  
Ze Wang

Nowadays, wireless sensor networks (WSNs) are increasingly being used in the Internet of Things (IoT) for data collection, and the design of an access control scheme that allows an Internet user as part of the IoT to access the WSN has become a hot topic. A lot of access control schemes have been proposed for WSNs in the context of the IoT. Nevertheless, almost all of these schemes assume that communication nodes in different network domains share common system parameters, which is not suitable for cross-domain IoT environments in practical situations. To solve this shortcoming, we propose a more secure and efficient access control scheme for wireless sensor networks in the cross-domain context of the Internet of Things, which allows an Internet user in a certificateless cryptography (CLC) environment to communicate with a sensor node in an identity-based cryptography (IBC) environment with different system parameters. Moreover, our proposed scheme achieves known session-specific temporary information security (KSSTIS), which most access control schemes cannot satisfy. Performance analysis is given to show that our scheme is well suited for wireless sensor networks in the cross-domain context of the IoT.


Electronics ◽  
2020 ◽  
Vol 9 (4) ◽  
pp. 634 ◽  
Author(s):  
Xudong Jia ◽  
Ning Hu ◽  
Shen Su ◽  
Shi Yin ◽  
Yan Zhao ◽  
...  

The incredible development of Internet of things technology promotes the integration of application systems, which enable people to enjoy the convenience of multiple application services through a single intelligent device or terminal. In order to implement value exchange and information sharing between different applications, cross-domain access is inevitable. In order to prevent illegal access, identity authentication is necessary before the terminal accesses the service. Because of the need to introduce a trusted third party, the traditional centralized authentication model not only destroys the autonomy and flexibility of the application system, but also causes issues such as single point of failure and hidden dangers of unilateral control. This paper proposes an identity-based cross-domain authentication scheme for the Internet of Things. This scheme uses the Blockchain as a decentralized trust anchor instead of the traditional certificate of authority, and uses the identity-based self-authentication algorithm to replace the traditional PKI authentication algorithm. The scheme proposed in this paper implements a decentralized authentication model, which can guarantee the autonomy and initiative of the security domain.


2014 ◽  
Vol 513-517 ◽  
pp. 941-946 ◽  
Author(s):  
Chao Wang ◽  
Ji Zhou Chen ◽  
Yu Jun Liu ◽  
An Qi Li

In order to eliminate the security threats faced by the information systems of large organizations which usually involve multiple autonomous domains, this paper introduces an architecture of access control collaboration, which takes a distributed authoritative domain as the leading core of the unified cross-domain access control. Through applying the ABAC model in the authoritative domain, the global strategies formulated by the authoritative domain can be compatible with those local strategies of each autonomous domain. The global strategies are designed to be described by a group of authoritative attributes, which are limited in quantity but adequate to generalize all the subjects within the global scope. For system realization, a rule-based dynamic mechanism of attributes conversion is used to automatically generate the information of authoritative attributes. The cross-domain access control method in this paper can be directly applied to typical large organizations, such as government, military and large enterprises.


2020 ◽  
pp. 101957
Author(s):  
Liyang Bai ◽  
Kai Fan ◽  
Yuhan Bai ◽  
Xiaochun Cheng ◽  
Hui Li ◽  
...  

2020 ◽  
Vol 2020 ◽  
pp. 1-13
Author(s):  
Shuang Sun ◽  
Shudong Chen ◽  
Rong Du

In a distributed system, cross-domain access control is an important mechanism to realize secure data sharing among multiple domains. Most of the existing cross-domain access control mechanisms are generally based on a single-server architecture, which has limitations in terms of security and reliability (the access decision may be incorrect) and completeness and confidentiality (the access records can be modified). Blockchain technology with decentralization, verifiability, and immutability properties can solve these problems. Motivated by these facts, in this article, we construct a trusted and efficient cross-domain access control system based on blockchain. Consequently, we integrate blockchain and role mapping technology to provide a reliable and verifiable cross-domain access process. We use blockchain to record user roles, role mapping rules, access policies, and audit records, realizing user self-validation and access nonrepudiation. Considering the low throughput of the blockchain, we design an efficient smart contract to make the access decision based on the access history of users. Finally, a performance evaluation of the system is presented to demonstrate the feasibility of the proposed system.


2001 ◽  
Vol 84 (9) ◽  
pp. 16-26
Author(s):  
Tadao Saito ◽  
Hitoshi Aida ◽  
Terumasa Aoki ◽  
Soichiro Hidaka ◽  
Tredej Toranawigtrai ◽  
...  

Author(s):  
Lihua Song ◽  
Xinran Ju ◽  
Zongke Zhu ◽  
Mengchen Li

Information security has become a hot topic in the Internet of Things (IoT), and traditional centralized access control models are faced with threats such as single point failure, internal attack, and central leak. In this paper, we propose a model to improve the access control security of the IoT, which is based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deploy attribute information of access control in the blockchain, which relieves the pressure and credibility problem brought by the third-party information concentration. Secondly, an encrypted access control token is used to gain the access permission of the resources, which makes the user's identity invisible and effectively avoids the attribute ownership exposure problem. Besides, the use of smart contracts solves the problem of low computing efficiency of IoT devices and the waste of blockchain computing power resources. Finally, a prototype of an IoT access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection; compared with the Attribute-Based Access Control model of the same security level, the access efficiency increases linearly with the increase of access scale.

