DABAC: Smart Contract-Based Spatio-Temporal Domain Access Control for the Internet of Things

Guo, Feifei; Shen, Guohua; Huang, Zhiqiu; Yang, Yang; Cai, Mengnan; Wei, Luqing

doi:10.1109/access.2023.3257027

Cited by 7 publications

(4 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Feifei Guo et al [36] have proposed a domain attribute-based access control (DABAC) approach to address access control challenges in dynamic IoT environments. The proposed solution relies on an intelligent gateway for regional device management, which may introduce a single point of failure and potential scalability concerns.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Smart Contract-Based Access Control Framework for Internet of Things Devices

Hasan,

Alazab,

Joy

et al. 2023

Computers

View full text Add to dashboard Cite

The Internet of Things (IoT) has recently attracted much interest from researchers due to its diverse IoT applications. However, IoT systems encounter additional security and privacy threats. Developing an efficient IoT system is challenging because of its sophisticated network topology. Effective access control is required to ensure user privacy in the Internet of Things. Traditional access control methods are inappropriate for IoT systems because most conventional access control approaches are designed for centralized systems. This paper proposes a decentralized access control framework based on smart contracts with three parts: initialization, an access control protocol, and an inspection. Smart contracts are used in the proposed framework to store access control policies safely on the blockchain. The framework also penalizes users for attempting unauthorized access to the IoT resources. The smart contract was developed using Remix and deployed on the Ropsten Ethereum testnet. We analyze the performance of the smart contract-based access policies based on the gas consumption of blockchain transactions. Further, we analyze the system’s security, usability, scalability, and interoperability performance.

show abstract

Section: Related Workmentioning

confidence: 99%

“…Usability Security Scalability Interoperability Automated [29] x x [30] x x [31] x [32] x x x [33] x x [34] x [35] x x [36] x [37] x x [38] x x Proposed Scheme…”

Section: Papermentioning

confidence: 99%

Smart Contract-Based Access Control Framework for Internet of Things Devices

Hasan,

Alazab,

Joy

et al. 2023

Computers

View full text Add to dashboard Cite

show abstract

“…Integrating smart contracts with existing access control models is the main design pattern of access control schemes. Guo et al [32] proposed a fine-grained data access control scheme using attribute-based access control (ABAC) model and Turing-complete smart contracts. Nakamura et al [33] proposed a trustworthy Capability-Based Access Control (CapBAC) scheme using the Ethereum blockchain.…”

Section: B Smart Contract-based Access Controlmentioning

confidence: 99%

A Smart Contract-Driven Access Control Schemewith Integrity Checking for Electronic Health Records

Li,

Xiao

et al. 2023

Preprint

View full text Add to dashboard Cite

The application of healthcare systems has led to an explosive growth in personal electronic health records (EHRs). These EHRs are generated from different healthcare institutions and stored in cloud data centers, respectively. However, data owners lose the authority to control and track their private and sensitive EHRs. In fact, data owners cannot establish rules for EHRs exchanging and sharing, nor can they verify the integrity of EHRs stored in semi-trusted clouds. Hence, a individual-centric access control framework is required to realize data access control. In this study, we construct a data access control framework, which integrates the decentralized smart contracts and role-based access control (RBAC) to provide fine grained data access control services. Besides, this scheme allows data owners to define access control policies using JavaScript Object Notation (JSON) and further translate these policies into immutable blockchain transactions. Furthermore, we combine blockchain and bilinear mapping to design a data integrity verification system for users to check the integrity of their cloud stored EHRs. Finally, we analyze the security of this scheme and develop a prototype system to evaluate the performance. Both theoretical analysis and experiment results indicate that this scheme can realize fine-grained data access control and efficient data integrity verification

show abstract

“…Our choice of XRPL and Ethereum was guided by their contrasting algorithmic and architectural design, which are indicative of the broad spectrum of existing blockchain platforms. While XRPL is optimized for high-speed, high-volume financial transactions, Ethereum is characterized by its versatile, Turing-complete smart contract capabilities [10]. It is essential to note that in our study, the BBF was applied to the official Docker clients of these platforms, providing a realistic testing environment for our analysis.…”

Section: Introductionmentioning

confidence: 99%

Validating the Blockchain Benchmarking Framework Through Controlled Deployments of XRPL and Ethereum

Touloupou,

Christodoulou,

Themistocleous

2024

IEEE Access

View full text Add to dashboard Cite

In the evolving domain of blockchain, a critical challenge lies in the performance analysis of blockchains under controlled test conditions. This paper focuses on validating the Blockchain Benchmarking Framework (BBF), developed for the evaluation of blockchain protocols in a controlled environment. The BBF's robustness and versatility are demonstrated through its application to the official Docker clients of Ripple's XRP Ledger (XRPL) and Ethereum, deployed in private, local and controlled environments. These deployments are utilized to simulate network dynamics, transaction throughput, and resilience in a variety of scenarios. Our methodology encompasses tests ranging from standard operational conditions to adverse scenarios, including node failures and simulated double-spend attacks. These controlled environments are essential for evaluating the BBF's efficacy in stress testing blockchain protocols and assessing their stability and robustness. The BBF's ability to accurately capture and analyze performance characteristics is highlighted, providing insights into the operational mechanics, scalability, and resilience of these blockchain clients. The findings emphasize the BBF's adaptability and effectiveness in managing different blockchain protocols, reaffirming its potential for broader application in pre-launch testing and analysis of blockchain performance. This study contributes to the understanding of how blockchain clients can be preliminarily assessed before mainnet deployment as well as to validate all the design decisions made by the protocol under different settings and synthetic scenarios.

show abstract

DABAC: Smart Contract-Based Spatio-Temporal Domain Access Control for the Internet of Things

Cited by 7 publications

References 19 publications

Smart Contract-Based Access Control Framework for Internet of Things Devices

Smart Contract-Based Access Control Framework for Internet of Things Devices

A Smart Contract-Driven Access Control Schemewith Integrity Checking for Electronic Health Records

Validating the Blockchain Benchmarking Framework Through Controlled Deployments of XRPL and Ethereum

Contact Info

Product

Resources

About