Reliable Task Management Based on a Smart Contract for Runtime Verification of Sensing and Actuating Tasks in IoT Environments

With the gradual popularization of Internet-of-Things (IoT) applications and the development of wireless networking technologies, the use of heterogeneous devices and runtime verification of task fulfillment with different constraints are required in real-world IoT scenarios. As far as IoT systems are concerned, most of them are built on centralized architectures, which reveal various assailable points in data security and privacy threats. Hence, this paper aims to investigate these issues by delegating the responsibility of a verification monitor from a centralized architecture to a decentralized manner using blockchain technology. We present a smart contract-based task management scheme to provide runtime verification of device behaviors and allows trustworthy access control to these devices. The business logic of the proposed system is specified by the smart contract, which automates all time-consuming processes cryptographically and correctly. The usability of the proposed solution is further demonstrated by implementing a prototype application in which the Hyperledger Fabric is utilized to implement the business logic for runtime verification and access control with one desktop and one Raspberry Pi. A comprehensive evaluation experiment is conducted, and the results indicate the effectiveness and efficiency of the proposed system.

Download Full-text

Research on Blockchain-Based E-Bidding System

Applied Sciences ◽

10.3390/app11094011 ◽

2021 ◽

Vol 11 (9) ◽

pp. 4011

Author(s):

Dan Wang ◽

Jindong Zhao ◽

Chunxiao Mu

Keyword(s):

Data Transmission ◽

Privacy Protection ◽

Graph Isomorphism ◽

Third Party ◽

Business Logic ◽

Core Concept ◽

The Core ◽

Blockchain Technology ◽

Smart Contract ◽

Bidding Process

In the field of modern bidding, electronic bidding leads a new trend of development, convenience and efficiency and other significant advantages effectively promote the reform and innovation of China’s bidding field. Nowadays, most systems require a strong and trusted third party to guarantee the integrity and security of the system. However, with the development of blockchain technology and the rise of privacy protection, researchers has begun to emphasize the core concept of decentralization. This paper introduces a decentralized electronic bidding system based on blockchain and smart contract. The system uses blockchain to replace the traditional database and uses chaincode to process business logic. In data interaction, encryption techniques such as zero-knowledge proof based on graph isomorphism are used to improve privacy protection, which improves the anonymity of participants, the privacy of data transmission, and the traceability and verifiable of data. Compared with other electronic bidding systems, this system is more secure and efficient, and has the nature of anonymous operation, which fully protects the privacy information in the bidding process.

Download Full-text

An ECDSA Approach to Access Control in Knowledge Management Systems Using Blockchain

Information ◽

10.3390/info11020111 ◽

2020 ◽

Vol 11 (2) ◽

pp. 111 ◽

Cited By ~ 4

Author(s):

Gabriel Nyame ◽

Zhiguang Qin ◽

Kwame Opuni-Boachie Obour Agyekum ◽

Emmanuel Boateng Sifah

Keyword(s):

Knowledge Management ◽

Access Control ◽

User Authentication ◽

Knowledge Management System ◽

System Model ◽

Management Systems ◽

Role Based Access Control ◽

Blockchain Technology ◽

Smart Contract ◽

Role Based

Access control has become problematic in several organizations because of the difficulty in establishing security and preventing malicious users from mimicking roles. Moreover, there is no flexibility among users in the participation in their roles, and even controlling them. Several role-based access control (RBAC) mechanisms have been proposed to alleviate these problems, but the security has not been fully realized. In this work, however, we present an RBAC model based on blockchain technology to enhance user authentication before knowledge is accessed and utilized in a knowledge management system (KMS). Our blockchain-based system model and the smart contract ensure that transparency and knowledge resource immutability are achieved. We also present smart contract algorithms and discussions about the model. As an essential part of RBAC model applied to KMS environment, trust is ensured in the network. Evaluation results show that our system is efficient.

Download Full-text

A Fine-Grained IoT Data Access Control Scheme Combining Attribute-Based Encryption and Blockchain

Security and Communication Networks ◽

10.1155/2021/5308206 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Xiaofeng Lu ◽

Songbing Fu ◽

Cheng Jiang ◽

Pietro Lio

Keyword(s):

Access Control ◽

Distributed Storage ◽

Data Access ◽

Security And Privacy ◽

Privacy And Security ◽

Fine Grained ◽

Blockchain Technology ◽

Data Access Control ◽

Attribute Based Encryption ◽

Control Scheme

IoT technology has been widely valued and applied, and the resulting massive IoT data brings many challenges to the traditional centralized data management, such as performance, privacy, and security challenges. This paper proposes an IoT data access control scheme that combines attribute-based encryption (ABE) and blockchain technology. Symmetric encryption and ABE algorithms are utilized to realize fine-grained access control and ensure the security and openness of IoT data. Moreover, blockchain technology is combined with distributed storage to solve the storage bottleneck of blockchain systems. Only the hash values of the data, the hash values of the ciphertext location, the access control policy, and other important information are stored on the blockchain. In this scheme, smart contract is used to implement access control. The results of experiments demonstrate that the proposed scheme can effectively protect the security and privacy of IoT data and realize the secure sharing of data.

Download Full-text

Blockchain-Enabled Access Management System for Edge Computing

Electronics ◽

10.3390/electronics10091000 ◽

2021 ◽

Vol 10 (9) ◽

pp. 1000

Author(s):

Yong Zhu ◽

Chao Huang ◽

Zhihui Hu ◽

Abdullah Al-Dhelaan ◽

Mohammed Al-Dhelaan

Keyword(s):

Access Control ◽

Management System ◽

Trusted Computing ◽

Academic Research ◽

Data Access ◽

Edge Computing ◽

Security And Privacy ◽

Access Management ◽

Blockchain Technology ◽

Data Access Control

In the post-cloud era, edge computing is a new computing paradigm with data processed at the edge of the network, which can process the data close to the end-user in real time and offload the cloud task intelligently. Meanwhile, the decentralization, tamper-proof and anonymity of blockchain technology can provide a new trusted computing environment for edge computing. However, it does raise considerable concerns of security, privacy, fault-tolerance and so on. For example, identity authentication and access control rely on third parties, heterogeneous devices and different vendors in IoT, leading to security and privacy risks, etc. How to combine the advantages of the two has become the highlight of academic research, especially the issue of secure resource management. Comprehensive security and privacy involve all aspects of platform, data, application and access control. In. this paper, the architecture and behavior of an Access Management System (AMS) in a proof of concept (PoC) prototype are proposed with a Color Petri Net (CPN) model. The two domains of blockchain and edge computing are organically connected by interfaces and interactions. The simulation of operation, activity and role association proves the feasibility and effectiveness of the AMS. The instances of platform business access control, data access control, database services, IOT hub service are run on Advantech WISE-PaaS through User Account and Authentication (UAA). Finally, fine-grained and distributed access control can be realized with the help of a blockchain attribute. Namely, smart contracts are used to register, broadcast, and revoke access authorization, as well as to create specific transactions to define access control policies.

Download Full-text

Blockchain Platforms and Access Control Classification for IoT Systems

Symmetry ◽

10.3390/sym12101663 ◽

2020 ◽

Vol 12 (10) ◽

pp. 1663

Author(s):

Adam Ibrahim Abdi ◽

Fathy Elbouraey Eassa ◽

Kamal Jambi ◽

Khalid Almarhabi ◽

Abdullah Saad AL-Malaise AL-Ghamdi

Keyword(s):

Access Control ◽

Single Point ◽

Security And Privacy ◽

Future Research ◽

Control Mechanisms ◽

Privacy And Security ◽

Security Issues ◽

Massive Growth ◽

Blockchain Technology ◽

Comparison Table

The Internet of Things paradigm is growing rapidly. In fact, controlling this massive growth of IoT globally raises new security and privacy issues. The traditional access control mechanisms provide security to IoT systems such as DAC (discretionary access control) and mandatory access control (MAC). However, these mechanisms are based on central authority management, which raises some issues such as absence of scalability, single point of failure, and lack of privacy. Recently, the decentralized and immutable nature of blockchain technology integrated with access control can help to overcome privacy and security issues in the IoT. This paper presents a review of different access control mechanisms in IoT systems. We present a comparison table of reviewed access control mechanisms. The mechanisms’ scalability, distribution, security, user-centric, privacy and policy enforcing are compared. In addition, we provide access control classifications. Finally, we highlight challenges and future research directions in developing decentralized access control mechanisms for IoT systems.

Download Full-text

Security and Privacy of Patient Information in Medical Systems Based on Blockchain Technology

ACM Transactions on Multimedia Computing Communications and Applications ◽

10.1145/3408321 ◽

2021 ◽

Vol 17 (2s) ◽

pp. 1-17

Author(s):

Hongjiao Wu ◽

Ashutosh Dhar Dwivedi ◽

Gautam Srivastava

Keyword(s):

Access Control ◽

Private Information ◽

Control Process ◽

Transmission Efficiency ◽

Information Storage ◽

Security And Privacy ◽

Medical Systems ◽

Bandwidth Utilization ◽

Maximum Information ◽

Blockchain Technology

The essence of “blockchain” is a shared database in which information stored is un-falsifiable, traceable, open, and transparent. Therefore, to improve the security of private information in medical systems, this article uses blockchain technology to design a method to protect private information in medical systems and effectively realize anti-theft control of private information. First, the Patient-oriented Privacy Preserving Access Control model is introduced into the access control process of private information in medical systems. Next, a private information storage platform is built by using blockchain technology, and information transmission is realized using standard cryptographic algorithms. In this process, file authorization contracts are also used to guarantee the security of private information and further prevent theft of medical private information. Our simulation results show that the storage response time of this method is kept below 1,000 ms, and the maximum information throughput rate reaches 550 kbit/s, which indicates that this method has strong performance in information storage and transmission efficiency. Moreover, the reliability and bandwidth utilization of data transmission across domains is higher, so the method has higher information security control performance and superior overall performance.

Download Full-text

BlendCAC: A Smart Contract Enabled Decentralized Capability-Based Access Control Mechanism for the IoT

Computers ◽

10.3390/computers7030039 ◽

2018 ◽

Vol 7 (3) ◽

pp. 39 ◽

Cited By ~ 40

Author(s):

Ronghua Xu ◽

Yu Chen ◽

Erik Blasch ◽

Genshe Chen

Keyword(s):

Access Control ◽

Large Scale ◽

Smart Cities ◽

Single Point ◽

Raspberry Pi ◽

Role Based Access Control ◽

Privacy And Security ◽

Smart Contract ◽

Attribute Based Access Control ◽

Role Based

While Internet of Things (IoT) technology has been widely recognized as an essential part of Smart Cities, it also brings new challenges in terms of privacy and security. Access control (AC) is among the top security concerns, which is critical in resource and information protection over IoT devices. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanism to meet the requirements of IoT systems. Another weakness in today’s AC is the centralized authorization server, which can cause a performance bottleneck or be the single point of failure. Inspired by the smart contract on top of a blockchain protocol, this paper proposes BlendCAC, which is a decentralized, federated capability-based AC mechanism to enable effective protection for devices, services and information in large-scale IoT systems. A federated capability-based delegation model (FCDM) is introduced to support hierarchical and multi-hop delegation. The mechanism for delegate authorization and revocation is explored. A robust identity-based capability token management strategy is proposed, which takes advantage of the smart contract for registration, propagation, and revocation of the access authorization. A proof-of-concept prototype has been implemented on both resources-constrained devices (i.e., Raspberry PI nodes) and more powerful computing devices (i.e., laptops) and tested on a local private blockchain network. The experimental results demonstrate the feasibility of the BlendCAC to offer a decentralized, scalable, lightweight and fine-grained AC solution for IoT systems.

Download Full-text

Access Control Mechanism for IoT using Blockchain

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.f1137.038620 ◽

2020 ◽

Vol 8 (6) ◽

pp. 5473-5481

Keyword(s):

Access Control ◽

Control Mechanism ◽

Vital Role ◽

Raspberry Pi ◽

Client Server ◽

Distributed Approach ◽

Smart Contract ◽

Share Data ◽

Failure Point

In our everyday lives, IoT plays a vital role. It is crucial to sense, capture and share data from connected devices via internet. Existing system proposed centralized client/server approach where central authority keeps a record of all the activities. Failure of such centralized authority makes the whole system fail. A decentralized / distributed approach is therefore needed if a single failure point is avoided. In this paper contains information to integrating Blockchain in IoT ecosystem in order to achieve access control. We proposed smart contract based architecture which consist multiple permission contract, one decision contract and one entry contract, to achieve distributed and secure IoT device access control. To conclude system framework, we provide a case study in an IoT system with two laptops and one Raspberry Pi single-board computers, where the PCs, DC and EC are implemented based on the Ethereum smart contract platform to achieve the access control

Download Full-text

Privacy-aware Decentralized and Scalable Access Control Management for IoT Environment

Journal of King Abdulaziz University-Computing and Information Technology Sciences ◽

10.4197/comp.8-1.7 ◽

2019 ◽

Vol 8 (1) ◽

pp. 71-84 ◽

Cited By ~ 1

Author(s):

Abrar O. Alkhamisi and Fathy Alboraei Abrar O. Alkhamisi and Fathy Alboraei

Keyword(s):

Access Control ◽

Contextual Information ◽

Vital Role ◽

Control Mechanisms ◽

Resource Constrained ◽

Blockchain Technology ◽

Smart Contract ◽

Authentication And Authorization ◽

Security Concerns ◽

Iot Devices

In recent years, the Internet of Things (IoT) plays a vital role in our daily activities .Owing to the increased number of vulnerabilities on the IoT devices, security becomes critical in the untrustworthy IoT environment. Access control is one of the top security concerns, however, implementing the traditional access control mechanisms in the resource-constrained nature of the IoT devices is a challenging task. With the emergence of blockchain technology, several recent research works have focused on the adoption of blockchain in IoT to resolve the security concerns. Despite, integrating the blockchain in the resource-constrained IoT context is difficult. To overcome these obstacles, the proposed work presents a privacy-aware IoT security architecture to ensure the access control based on Smart contract for resource-constrained and distributed IoT devices. The design of the proposed architecture incorporates three main components such as the contextual blockchain gateway, decentralized revocation manager, and non-interactive zero-knowledge proof based validation. By modeling the contextual blockchain gateway, the proposed architecture ensures the dynamic authentication and authorization based on the contextual information and access policies. Instead of integrating the blockchain technology into resource-constrained IoT devices, the smart contract-based distributed access control system with the contextual blockchain gateway provides the scalable solution. With the association of decentralized revocation manager in the smart contract, it prevents the resource access from the unauthorized users by dynamically generating and updating the revoked user list of all the nodes in the smart contract. Moreover, the proposed architecture employs the non-interactive zeroknowledge proof cryptographic protocol to ensure the transaction privacy within the smart contract. Consequently, it maintains the trade-off between the transparency and privacy while ensuring the security for the distributed IoT environment.

Download Full-text

BlendCAC: A Smart Contract Enabled Decentralized Capability-Based Access Control Mechanism for IoT

10.20944/preprints201805.0079.v1 ◽

2018 ◽

Cited By ~ 2

Author(s):

Ronghua Xu ◽

Yu Chen ◽

Erik Blasch ◽

Genshe Chen

Keyword(s):

Access Control ◽

Large Scale ◽

Smart Cities ◽

Single Point ◽

Raspberry Pi ◽

Role Based Access Control ◽

Privacy And Security ◽

Smart Contract ◽

Attribute Based Access Control ◽

Role Based

While the Internet of Things (IoT) technology has been widely recognized as the essential part of Smart Cities, it also brings new challenges in terms of privacy and security. Access control (AC) is among the top security concerns, which is critical in resource and information protection over IoT devices. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanism to meet the requirements of IoT systems. Another weakness in today's AC is the centralized authorization server, which can be the performance bottleneck or the single point of failure. Inspired by the smart contract on top of a blockchain protocol, this paper proposes BlendCAC, which is a decentralized, federated capability-based AC mechanism to enable an effective protection for devices, services and information in large scale IoT systems. A federated capability-based delegation model (FCDM) is introduced to support hierarchical and multi-hop delegation. The mechanism for delegate authorization and revocation is explored. A robust identity-based capability token management strategy is proposed, which takes advantage of the smart contract for registering, propagating and revocating of the access authorization. A proof-of-concept prototype has been implemented on both resources-constrained devices (i.e., Raspberry PI node) and more powerful computing devices (i.e., laptops), and tested on a local private blockchain network. The experimental results demonstrate the feasibility of the BlendCAC to offer a decentralized, scalable, lightweight and fine-grained AC solution for IoT systems.

Download Full-text