BHE-AC: a blockchain-based high-efficiency access control framework for Internet of Things

Abstract

In this information age, with the emergence of organizations, the number of various resources on the Internet of Things is also increasing. Generally, different users have different access permissions to different resources and most of the existing schemes have realized access control. But most of them are rough and not feasible in many organizations. Moreover, traditional access control schemes adopted a central entity or a trusted third party to centrally manage users’ permissions and access information, which can easily lead to single point of failure. Therefore, a kind of secure, trusted, and fine-grained access control is urgently needed in some large-scale organizations or institutions that maintain thousands of IoT devices. In order to solve the above problems, in this paper, we propose a blockchain-based high-efficiency access control framework called BHE-AC to achieve secure and efficient access to resources for users. In BHE-AC, a registration model is designed to register users and resources, and it can evaluate the ability value for users according to their attributes which is an essential factor when requesting resources. Besides, we represent a blockchain-based token requesting mechanism to compare the capability values of users with requested resources; meanwhile, the mechanism also allows users to request multiple resources at the same time, which can avoid repeated requests. Then, an unforgeable token indicates the users’ access to a specific resource is granted to a requester only if a requester meets the access requirements; from then on, the user can use a token to invoke the resource. Finally, security analysis and experiments of our framework are given in our paper. The experimental results show that BHE-AC can achieve low cost and efficient access.