IoT-CCAC: a blockchain-based consortium capability access control approach for IoT

Access control is a critical aspect for improving the privacy and security of IoT systems. A consortium is a public or private association or a group of two or more institutes, businesses, and companies that collaborate to achieve common goals or form a resource pool to enable the sharing economy aspect. However, most access control methods are based on centralized solutions, which may lead to problems like data leakage and single-point failure. Blockchain technology has its intrinsic feature of distribution, which can be used to tackle the centralized problem of traditional access control schemes. Nevertheless, blockchain itself comes with certain limitations like the lack of scalability and poor performance. To bridge the gap of these problems, here we present a decentralized capability-based access control architecture designed for IoT consortium networks named IoT-CCAC. A blockchain-based database is utilized in our solution for better performance since it exhibits favorable features of both blockchain and conventional databases. The performance of IoT-CCAC is evaluated to demonstrate the superiority of our proposed architecture. IoT-CCAC is a secure, salable, effective solution that meets the enterprise and business’s needs and adaptable for different IoT interoperability scenarios.

Download Full-text

Blockchain Platforms and Access Control Classification for IoT Systems

Symmetry ◽

10.3390/sym12101663 ◽

2020 ◽

Vol 12 (10) ◽

pp. 1663

Author(s):

Adam Ibrahim Abdi ◽

Fathy Elbouraey Eassa ◽

Kamal Jambi ◽

Khalid Almarhabi ◽

Abdullah Saad AL-Malaise AL-Ghamdi

Keyword(s):

Access Control ◽

Single Point ◽

Security And Privacy ◽

Future Research ◽

Control Mechanisms ◽

Privacy And Security ◽

Security Issues ◽

Massive Growth ◽

Blockchain Technology ◽

Comparison Table

The Internet of Things paradigm is growing rapidly. In fact, controlling this massive growth of IoT globally raises new security and privacy issues. The traditional access control mechanisms provide security to IoT systems such as DAC (discretionary access control) and mandatory access control (MAC). However, these mechanisms are based on central authority management, which raises some issues such as absence of scalability, single point of failure, and lack of privacy. Recently, the decentralized and immutable nature of blockchain technology integrated with access control can help to overcome privacy and security issues in the IoT. This paper presents a review of different access control mechanisms in IoT systems. We present a comparison table of reviewed access control mechanisms. The mechanisms’ scalability, distribution, security, user-centric, privacy and policy enforcing are compared. In addition, we provide access control classifications. Finally, we highlight challenges and future research directions in developing decentralized access control mechanisms for IoT systems.

Download Full-text

Improvement of Privacy and Security in Hybrid Cloud with Attribute Group Based Access Control

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit19518 ◽

2019 ◽

pp. 57-61

Author(s):

Kayalvili S ◽

Sowmitha V

Keyword(s):

Cloud Computing ◽

Access Control ◽

Data Storage ◽

Service Providers ◽

Cloud Service ◽

Security Requirements ◽

Security And Privacy ◽

Data Outsourcing ◽

Privacy And Security ◽

Control Approach

Cloud computing enables users to accumulate their sensitive data into cloud service providers to achieve scalable services on-demand. Outstanding security requirements arising from this means of data storage and management include data security and privacy. Attribute-based Encryption (ABE) is an efficient encryption system with fine-grained access control for encrypting out-sourced data in cloud computing. Since data outsourcing systems require flexible access control approach Problems arises when sharing confidential corporate data in cloud computing. User-Identity needs to be managed globally and access policies can be defined by several authorities. Data is dual encrypted for more security and to maintain De-Centralization in Multi-Authority environment.

Download Full-text

Rethinking Blockchain for Access Control in the Internet of Things

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.a3120.1011121 ◽

2021 ◽

Vol 11 (1) ◽

pp. 99-108

Author(s):

Poonam N. Railkar ◽

◽

Parikshit Mahalle ◽

Dr. Gitanjali Rahul Shinde ◽

◽

...

Keyword(s):

Access Control ◽

Trust Management ◽

Gap Analysis ◽

Control Mechanism ◽

Research Area ◽

Iot Security ◽

Control Approach ◽

Blockchain Technology ◽

Access Control Mechanism ◽

The Internet Of Things

IoT is a network of interconnected heterogeneous devices which sense, accumulate the data and forward the same to the cloud platform for analytical purposes. There are various IoT verticals in which huge research is going on. IoT security is the most challenging research area in which researchers are investing a huge number of efforts. The challenges in IoT security include access control, trust management, authentication, authorization, privacy, and secured device to device communication. To overcome these, this paper gives an overview of proposed trust based distributed access control approach in IoT. Some of the challenges and threats can be controlled by blockchain technology. Basically, blockchain is an open and distributed ledger of records that can be verified efficiently and stored permanently. This paper checks the feasibility study of the applicability of blockchain in the IoT ecosystem to apply access control mechanism and privacy-preserving policies. This paper discusses how access control and privacy can be addressed by blockchain without compromising security. This paper consists of rigorous gap analysis which is done on the top of comprehensive literature survey. The paper also addresses the challenges and issues which can be faced while applying access control mechanism using blockchain in the context of IoT.

Download Full-text

A Fine-Grained IoT Data Access Control Scheme Combining Attribute-Based Encryption and Blockchain

Security and Communication Networks ◽

10.1155/2021/5308206 ◽

2021 ◽

Vol 2021 ◽

pp. 1-13

Author(s):

Xiaofeng Lu ◽

Songbing Fu ◽

Cheng Jiang ◽

Pietro Lio

Keyword(s):

Access Control ◽

Distributed Storage ◽

Data Access ◽

Security And Privacy ◽

Privacy And Security ◽

Fine Grained ◽

Blockchain Technology ◽

Data Access Control ◽

Attribute Based Encryption ◽

Control Scheme

IoT technology has been widely valued and applied, and the resulting massive IoT data brings many challenges to the traditional centralized data management, such as performance, privacy, and security challenges. This paper proposes an IoT data access control scheme that combines attribute-based encryption (ABE) and blockchain technology. Symmetric encryption and ABE algorithms are utilized to realize fine-grained access control and ensure the security and openness of IoT data. Moreover, blockchain technology is combined with distributed storage to solve the storage bottleneck of blockchain systems. Only the hash values of the data, the hash values of the ciphertext location, the access control policy, and other important information are stored on the blockchain. In this scheme, smart contract is used to implement access control. The results of experiments demonstrate that the proposed scheme can effectively protect the security and privacy of IoT data and realize the secure sharing of data.

Download Full-text

Rogue Device Mitigation in the Internet of Things: A Blockchain-Based Access Control Approach

Mobile Information Systems ◽

10.1155/2020/8831976 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Uzair Javaid ◽

Furqan Jameel ◽

Umair Javaid ◽

Muhammad Toaha Raza Khan ◽

Riku Jäntti

Keyword(s):

Internet Of Things ◽

Access Control ◽

Security Analysis ◽

Superior Performance ◽

Control Approach ◽

Everyday Objects ◽

Blockchain Technology ◽

Control Scheme ◽

Technological Developments ◽

Iot Devices

Recent technological developments in wireless and sensor networks have led to a paradigm shift in interacting with everyday objects, which nurtured the concept of Internet of Things (IoT). However, low-powered nature of IoT devices generally becomes a hindrance that makes them vulnerable to a wide array of attacks. Among these, the emergence of rogue devices is quickly becoming a major security concern. Rogue devices are malicious in nature which typically execute different kinds of cyberattacks by exploiting the weaknesses of access control schemes in IoT environments. Therefore, access control is one of the crucial aspects of an IoT ecosystem that defines an entry point for a device or a user in the network. This paper investigates this issue and presents an access control scheme by integrating an IoT network with blockchain technology, thereby arguing to replace the traditional centralized IoT-server architecture with a decentralized one. The blockchain is used with smart contracts to establish a secure platform for device registration. Due to this reason, the IoT devices are first required to register themselves and access the network via contracts thereafter. Moreover, the contracts host a device registry, the access control list, to grant or deny access to devices. This allows the proposed scheme to authorize registered devices only and block unregistered ones, which facilitates the mitigation of rogue devices. To demonstrate the feasibility and improvements of the proposed scheme, security analysis along with in-depth performance evaluation are conducted, where the obtained results indicate its applicability. A case study is also formulated with a comparative analysis that confirms the superior performance of the proposed scheme for low-powered IoT systems.

Download Full-text

An Attribute-Based Access Control for IoT Using Blockchain and Smart Contracts

Sustainability ◽

10.3390/su131910556 ◽

2021 ◽

Vol 13 (19) ◽

pp. 10556

Author(s):

Syed Yawar Abbas Zaidi ◽

Munam Ali Shah ◽

Hasan Ali Khattak ◽

Carsten Maple ◽

Hafiz Tayyab Rauf ◽

...

Keyword(s):

Access Control ◽

Single Point ◽

File Systems ◽

Personal Data ◽

Trace Function ◽

Smart Contracts ◽

Distributed File Systems ◽

Volume Data ◽

Blockchain Technology ◽

Attribute Based Access Control

With opportunities brought by the Internet of Things (IoT), it is quite a challenge to maintain concurrency and privacy when a huge number of resource-constrained distributed devices are involved. Blockchain have become popular for its benefits, including decentralization, persistence, immutability, auditability, and consensus. Great attention has been received by the IoT based on the construction of distributed file systems worldwide. A new generation of IoT-based distributed file systems has been proposed with the integration of Blockchain technology, such as the Swarm and Interplanetary File System. By using IoT, new technical challenges, such as Credibility, Harmonization, large-volume data, heterogeneity, and constrained resources are arising. To ensure data security in IoT, centralized access control technologies do not provide credibility. In this work, we propose an attribute-based access control model for the IoT. The access control lists are not required for each device by the system. It enhances access management in terms of effectiveness. Moreover, we use blockchain technology for recording the attribute, avoiding data tempering, and eliminating a single point of failure at edge computing devices. IoT devices control the user’s environment as well as his or her private data collection; therefore, the exposure of the user’s personal data to non-trusted private and public servers may result in privacy leakage. To automate the system, smart contracts are used for data accessing, whereas Proof of Authority is used for enhancing the system’s performance and optimizing gas consumption. Through smart contracts, ciphertext can be stored on a blockchain by the data owner. Data can only be decrypted in a valid access period, whereas in blockchains, the trace function is achieved by the storage of invocation and the creation of smart contracts. Scalability issues can also be resolved by using the multichain blockchain. Eventually, it is concluded from the simulation results that the proposed system is efficient for IoT.

Download Full-text

Privacy protection for fog computing and the internet of things data based on blockchain

Cluster Computing ◽

10.1007/s10586-020-03190-3 ◽

2020 ◽

Author(s):

Yanhui Liu ◽

Jianbiao Zhang ◽

Jing Zhan

Keyword(s):

Internet Of Things ◽

Access Control ◽

Data Storage ◽

Data Transfer ◽

Fog Computing ◽

Single Point ◽

The Internet ◽

Least Significant Bit ◽

Blockchain Technology ◽

The Internet Of Things

Abstract With the development of the Internet of Things (IoT) field, more and more data are generated by IoT devices and transferred over the network. However, a large amount of IoT data is sensitive, and the leakage of such data is a privacy breach. The security of sensitive IoT data is a big issue, as the data is shared over an insecure network channel. Current solutions include symmetric encryption and access controls to secure the data transfer, but they have some drawbacks such as a single point of failure. Blockchain is a promising distributed ledger technology that can prevent the malicious tampering of data, offering reliable data storage. This paper proposes a distributed access control system based on blockchain technology to secure IoT data. The proposed mechanism is based on fog computing and the concept of the alliance chain. This method uses mixed linear and nonlinear spatiotemporal chaotic systems (MLNCML) and the least significant bit (LSB) to encrypt the IoT data on an edge node and then upload the encrypted data to the cloud. The proposed mechanism can solve the problem of a single point of failure of access control by providing the dynamic and fine-grained access control for IoT data. The experimental results of this method demonstrated that it can protect the privacy of IoT data efficiently.

Download Full-text

Comprehensive Study on Incorporation of Blockchain Technology With IoT Enterprises

Advances in Data Mining and Database Management - Opportunities and Challenges for Blockchain Technology in Autonomous Vehicles ◽

10.4018/978-1-7998-3295-9.ch002 ◽

2021 ◽

pp. 22-33

Author(s):

Ashok Kumar Yadav

Keyword(s):

Process Management ◽

Single Point ◽

Future Research ◽

Portable Devices ◽

Privacy And Security ◽

Consensus Algorithms ◽

Security Issues ◽

Blockchain Technology ◽

Computation Process ◽

Security Challenges

Unprecedented advancement in wireless technology, storage, and computing power of portable devices with the gigabyte speed of internet connectivity enables the possibility of communication among machine to machine. IoT has a different way to connect many nodes simultaneously to store, access, and share the information to improve the quality of life by the elimination of the involvement of human. Irrespective of unlimited benefit, IoT has so many issues that arise to eclipse IoT in reality because of its centralized model. Scalability, reliability, privacy, and security challenges are rising because of the huge numbers of IoT nodes, centralized architecture, and complex networks. Centralized architecture may lead to problems like a single point of failure, single way traffic, huge infrastructure cost, privacy, security, and single source of trust. Therefore, to overcome the issues of the centralized infrastructure of the IoT, the authors diverted to decentralized infrastructure. It may be the best decision in terms of performance, reliability, security, privacy, and trust. Blockchain is an influential latest decentralization technology to decentralize computation, process management, and trust. A combination of blockchain with IoT may have the potential to solve scalability, reliability, privacy, and security issues of IoT. This chapter has an overview of some important consensus algorithms, IoT challenges, integration of the blockchain with IoT, its challenges, and future research issues of a combination of blockchain and IoT are also discussed.

Download Full-text

An Attribute-Based Access Control Model in RFID Systems Based on Blockchain Decentralized Applications for Healthcare Environments

Computers ◽

10.3390/computers8030057 ◽

2019 ◽

Vol 8 (3) ◽

pp. 57 ◽

Cited By ~ 8

Author(s):

Figueroa ◽

Añorga ◽

Arrizabalaga

Keyword(s):

Supply Chain ◽

Access Control ◽

Radio Frequency Identification ◽

Surgical Instruments ◽

Privacy And Security ◽

Rfid Systems ◽

Blockchain Technology ◽

Access Control Policies ◽

Attribute Based Access Control ◽

The One

The growing adoption of Radio-frequency Identification (RFID) systems, particularly in the healthcare field, demonstrates that RFID is a positive asset for healthcare institutions. RFID offers the ability to save organizations time and costs by enabling data of traceability, identification, communication, temperature and location in real time for both people and resources. However, the RFID systems challenges are financial, technical, organizational and above all privacy and security. For this reason, recent works focus on attribute-based access control (ABAC) schemes. Currently, ABAC are based on mostly centralized models, which in environments such as the supply chain can present problems of scalability, synchronization and trust between the parties. In this manuscript, we implement an ABAC model in RFID systems based on a decentralized model such as blockchain. Common criteria for the selection of the appropriate blockchain are detailed. Our access control policies are executed through the decentralized application (DApp), which interfaces with the blockchain through the smart contract. Smart contracts and blockchain technology, on the one hand, solve current centralized systems issues as well as being flexible infrastructures that represent the relationship of trust and support essential in the ABAC model in order to provide the security of RFID systems. Our system has been designed for a supply chain environment with an use case suitable for healthcare systems, so that assets such as surgical instruments containing an associated RFID tag can only access to specific areas. Our system is deployed in both a local and Testnet environment in order to stablish a deep comparison and determining the technical feasibility.

Download Full-text

BlendCAC: A Smart Contract Enabled Decentralized Capability-Based Access Control Mechanism for the IoT

Computers ◽

10.3390/computers7030039 ◽

2018 ◽

Vol 7 (3) ◽

pp. 39 ◽

Cited By ~ 40

Author(s):

Ronghua Xu ◽

Yu Chen ◽

Erik Blasch ◽

Genshe Chen

Keyword(s):

Access Control ◽

Large Scale ◽

Smart Cities ◽

Single Point ◽

Raspberry Pi ◽

Role Based Access Control ◽

Privacy And Security ◽

Smart Contract ◽

Attribute Based Access Control ◽

Role Based

While Internet of Things (IoT) technology has been widely recognized as an essential part of Smart Cities, it also brings new challenges in terms of privacy and security. Access control (AC) is among the top security concerns, which is critical in resource and information protection over IoT devices. Traditional access control approaches, like Access Control Lists (ACL), Role-based Access Control (RBAC) and Attribute-based Access Control (ABAC), are not able to provide a scalable, manageable and efficient mechanism to meet the requirements of IoT systems. Another weakness in today’s AC is the centralized authorization server, which can cause a performance bottleneck or be the single point of failure. Inspired by the smart contract on top of a blockchain protocol, this paper proposes BlendCAC, which is a decentralized, federated capability-based AC mechanism to enable effective protection for devices, services and information in large-scale IoT systems. A federated capability-based delegation model (FCDM) is introduced to support hierarchical and multi-hop delegation. The mechanism for delegate authorization and revocation is explored. A robust identity-based capability token management strategy is proposed, which takes advantage of the smart contract for registration, propagation, and revocation of the access authorization. A proof-of-concept prototype has been implemented on both resources-constrained devices (i.e., Raspberry PI nodes) and more powerful computing devices (i.e., laptops) and tested on a local private blockchain network. The experimental results demonstrate the feasibility of the BlendCAC to offer a decentralized, scalable, lightweight and fine-grained AC solution for IoT systems.

Download Full-text