A Novel Access Control for Internet of Things Based on Blockchain Smart Contract

Abstract

Since more and more devices join the Internet of Things(IoT) network, a large amount of user sensitive data is generated. The leakage of these data will cause very serious consequences. Traditional access control is prone to single point of failure. The existing researches on the combination of blockchain and access control have some disadvantages, such as the difficulty of managing access rights, inefficient access efficiency, and the difficulty of supporting lightweight IOT devices. This paper proposes an IoT access control model based on blockchain smart contract, called SCBAC. Firstly, by adopting the idea of IoT Attributes Based Access Control(ABAC), the model supports a dynamic, fine-grained access control. Secondly, by deploying the access control strategy on the blockchain in the form of smart contracts, the computing pressure of IoT devices is reduced, so that the model can be applied to lightweight IoT devices and has tamper resistance and traceability characteristics. The idea of tokens is adopted into the strategy, and subjects obtain access rights by applying for tokens in advance, which improves access efficiency. In addition, Trust recommendation algorithm is adopted in the model, which effectively solves the problem of identity fraud in access control. Finally, we build a prototype system to verify this proposed model, through case analysis and security analysis, it shows that this access control model is effective and versatile. Furthermore, the model can be used as a reference for other IoT applications with access control security requirements.