Abstract
Information security has become the focus problem in the Internet of Things, and the traditional centralized access control model is faced with threats such as single point failure, internal attack, and central leak. In this paper, we proposed a model to improve the access control security of the Internet of Things, which is based on zero-knowledge proof and smart contract technology in the blockchain. Firstly, we deployed the attribute information of access control in the blockchain, which relieves the pressure and credibility problem brought by the third-party information concentration; Secondly, the encrypted access control token is used to gain the access permission of the resources, which makes the user's identity invisible and effectively avoids the attribute ownership exposure problem; Besides, the use of smart contracts solves the problem of low computing efficiency of Internet of Things devices and the waste of blockchain computing power resources; Finally, a prototype of Internet of Things access control system based on blockchain and zero-knowledge proof technology is implemented. The test analysis results show that the model achieves effective attribute privacy protection, compared with the Attribute-Based Access Control model of the same security level, the access efficiency increases linearly with the increase of access scale.