Blockchain for IoT Access Control: Recent Trends and Future Research Directions

Pal, Shantanu; Dorri, Ali; Jurdak, Raja

doi:10.48550/arxiv.2106.04808

Cited by 3 publications

(1 citation statement)

References 92 publications

(123 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For example, Role-Based Access Control (RBAC) [6] links user access levels to their roles in an organisation's structure, Attribute-based access control (ABAC) [7] links different access control levels to a user's attributes, and Capability-based Access Control (Cap-BAC) [8] assesses a user's capabilities to determine the appropriate access control level. Although many studies indicate that these traditional access control methods can be used in IoTbased environments, implementing them in real-world situations raises concerns due to architecture-level capabilities such as centralised networks, protocol constraints, device heterogeneity, scalability requirements, and functional limitations in IoT-based environments [9]. Further, untrustworthy parties can potentially tamper with access policies in distributed environments, compromising system security by giving access unauthorised access to the users [10].…”

Section: Introductionmentioning

confidence: 99%

A Blockchain-based Decentralised and Dynamic Authorisation Scheme for the Internet of Things

Hameed¹,

Raza²,

Garg³

et al. 2022

Preprint

View full text Add to dashboard Cite

An authorisation has been recognised as an important security measure for preventing unauthorised access to critical resources, such as devices and data, within the Internet of Things (IoT) networks. To achieve authorisation, access control mechanisms are extensively utilised, restricting the user's actions within the network or system based on predetermined access control policies with specific control actions. Existing authorisation methods for the IoT network is based on traditional access control models, which have several drawbacks, including architecture centralisation, policy tampering, access rights validation, malicious third party policy assignment and control, and network-related overheads. The increasing trend of integrating Blockchain technology with IoT networks demonstrates its importance and potential to address the shortcomings of traditional IoT network authorisation mechanisms. However, existing Blockchain-based authorisation solutions for IoT networks overlook the importance of utilising the full potential of Blockchain technology and under-perform to handle the dynamicity of the underlying network in terms of malicious user behaviour, static policies, and auditability of user requests and resources. This paper proposes a decentralised secure, dynamic, and flexible authorisation scheme for IoT networks based on attribute-based access control (ABAC) fine-grained policies stored on a distributed immutable ledger. We design a Blockchain-based ABAC policy management framework divided into Attribute Management Authority (AMA) and Policy Management Authority (PMA) frameworks that use smart contract features to initialise, store, and manage attributes and policies on the Blockchain. To achieve flexibility and dynamicity in the authorisation process, we capture and utilise the environmental-related attributes in conjunction with the subject and object attributes of the ABAC model to define the policies. Furthermore, we designed the Blockchain-based Access Management Framework (AMF) to manage user requests to access IoT devices while maintaining the privacy and auditability of user requests and assigned policies. We implemented a prototype of our proposed scheme and executed it on the local Ethereum Blockchain. Finally, we demonstrated the applicability and flexibility of our proposed scheme for an IoT-based smart home scenario, taking into account deployment, execution and financial costs.

show abstract