Data Sharing System Integrating Access Control Based on Smart Contracts for IoT

Sultana, Tanzeela; Ghaffar, Abdul; Azeem, Muhammad; Abubaker, Zain; Gurmani, Muhammad Usman; Javaid, Nadeem

doi:10.1007/978-3-030-33509-0_81

Cited by 9 publications

(6 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, the real-world implementation of the system is not provided. The authors in [18] presented a bubble of trust mechanism to provide trustworthiness and confidentiality of data, identification and authentication of devices. The system is efficient in terms of cost; however, the communication between nodes in a bubble is not controlled.…”

Section: Related Workmentioning

confidence: 99%

Data Sharing System Integrating Access Control Mechanism using Blockchain-Based Smart Contracts for IoT Devices

et al. 2020

Self Cite

View full text Add to dashboard Cite

In this paper, a blockchain-based data sharing and access control system is proposed, for communication between the Internet of Things (IoT) devices. The proposed system is intended to overcome the issues related to trust and authentication for access control in IoT networks. Moreover, the objectives of the system are to achieve trustfulness, authorization, and authentication for data sharing in IoT networks. Multiple smart contracts such as Access Control Contract (ACC), Register Contract (RC), and Judge Contract (JC) are used to provide efficient access control management. Where ACC manages overall access control of the system, and RC is used to authenticate users in the system, JC implements the behavior judging method for detecting misbehavior of a subject (i.e., user). After the misbehavior detection, a penalty is defined for that subject. Several permission levels are set for IoT devices’ users to share services with others. In the end, performance of the proposed system is analyzed by calculating cost consumption rate of smart contracts and their functions. A comparison is made between existing and proposed systems. Results show that the proposed system is efficient in terms of cost. The overall execution cost of the system is 6,900,000 gas units and the transaction cost is 5,200,000 gas units.

show abstract

Section: Related Workmentioning

confidence: 99%

Data Sharing System Integrating Access Control Mechanism using Blockchain-Based Smart Contracts for IoT Devices

et al. 2020

Self Cite

View full text Add to dashboard Cite

show abstract

“…The environment attributes in this method are limited to the time attributes. Another similar system for data sharing in IoT is proposed by Sultana et al [35], [36]. In this system, the user sends an access request to a central server.…”

Section: B Using Blockchain In Access Management Processmentioning

confidence: 99%

A Novel Access Control Method Via Smart Contracts for Internet-Based Service Provisioning

et al. 2021

View full text Add to dashboard Cite

The dramatic rise in internet-based service provisioning has highlighted the importance of deploying scalable access control methods, facilitating service authorization for eligible users. Existing centralized methods suffer from single-point-of-failure, low scalability, and high computational overhead. In addition, in these methods, users pay for the service provider as well as the network provider independently for a specific service, imposing extra cost for the user. New business models are needed to resolve such shortcomings. The realization of these models calls for sophisticated access control methods which consider the requirements of all parties who want to: 1) access a service; 2) provide that service; and 3) provide the network connection. Blockchain is an enabling technology that provides unprecedented opportunities to novel distributed access control methods for new business models. We propose an Attribute-based access control solution by leveraging Blockchain to share network providers' and service providers' resources. Our solution offers access flexibility based on the requirements of the parties while fulfilling reliability, accountability, and immutability. Besides, it decreases the overall service cost which is beneficial for each party. Our solution makes it possible for service providers to outsource their access control procedures without requiring a trusted third party. The experiments confirm that our solution can provide a fast, comprehensive, and scalable access control mechanism.

show abstract

“…In addition, the CapBAC model allows subjects to delegate access rights from one to another for flexible and spontaneous access control. Recently, some initial attempts have been made to implement access control using the blockchain technology [28][29][30][31][32][33][34][35][36][37][38][39][40][41][42][43][44][45]. Among these schemes, the Blockchain-Enabled Decentralized Capability-Based Access Control (BlendCAC) scheme in [28] is the one most related to our scheme.…”

Section: Research Objectivementioning

confidence: 99%

“…The authors also provided implementations to demonstrate the feasibility of the framework. In [34], an extended version of the scheme in [33] was designed with slight modification. In [35], a smart contract was deployed to maintain the roles assigned to each user in an RBAC model, such that any service provider can verify the users' ownership of roles when providing services.…”

Section: Related Workmentioning

confidence: 99%

Exploiting Smart Contracts for Capability-Based Access Control in the Internet of Things

Nakamura

Zhang

Sasabe

et al. 2020

Sensors

View full text Add to dashboard Cite

Due to the rapid penetration of the Internet of Things (IoT) into human life, illegal access to IoT resources (e.g., data and actuators) has greatly threatened our safety. Access control, which specifies who (i.e., subjects) can access what resources (i.e., objects) under what conditions, has been recognized as an effective solution to address this issue. To cope with the distributed and trust-less nature of IoT systems, we propose a decentralized and trustworthy Capability-Based Access Control (CapBAC) scheme by using the Ethereum smart contract technology. In this scheme, a smart contract is created for each object to store and manage the capability tokens (i.e., data structures recording granted access rights) assigned to the related subjects, and also to verify the ownership and validity of the tokens for access control. Different from previous schemes which manage the tokens in units of subjects, i.e., one token per subject, our scheme manages the tokens in units of access rights or actions, i.e., one token per action. Such novel management achieves more fine-grained and flexible capability delegation and also ensures the consistency between the delegation information and the information stored in the tokens. We implemented the proposed CapBAC scheme in a locally constructed Ethereum blockchain network to demonstrate its feasibility. In addition, we measured the monetary cost of our scheme in terms of gas consumption to compare our scheme with the existing Blockchain-Enabled Decentralized Capability-Based Access Control (BlendCAC) scheme proposed by other researchers. The experimental results show that the proposed scheme outperforms the BlendCAC scheme in terms of the flexibility, granularity, and consistency of capability delegation at almost the same monetary cost.

show abstract

Data Sharing System Integrating Access Control Based on Smart Contracts for IoT

Cited by 9 publications

References 9 publications

Data Sharing System Integrating Access Control Mechanism using Blockchain-Based Smart Contracts for IoT Devices

Data Sharing System Integrating Access Control Mechanism using Blockchain-Based Smart Contracts for IoT Devices

A Novel Access Control Method Via Smart Contracts for Internet-Based Service Provisioning

Exploiting Smart Contracts for Capability-Based Access Control in the Internet of Things

Contact Info

Product

Resources

About