Abstract
The Internet of Things (IoT) providers serve better IoT services each year while producing more IoT gateways and devices to expand their services. However, the security of the IoT ecosystem remains an afterthought for most IoT providers. This action results in many cybersecurity breaches in the field, most likely due to the lack of access control mechanisms. In this paper, we propose BorderChain, an access control framework based on blockchain for IoT endpoints. The security protocol guarantees two properties. First, our proposal assures IoT users and services that they communicate with approved IoT gateways as endpoints, holding verified IoT devices that they need. Second, BorderChain also generates access tokens that the IoT service and users can use to query IoT resources legitimately inside the IoT domains. As a result, the protocol can convince IoT domain owners that the system will only authorize IoT requests that they approve. We realize our protocol in the form of a smart contract to allow many IoT entities such as IoT domain owners, IoT devices, IoT gateways, IoT vendors, IoT services, IoT users, and Internet Service Provider (ISP) to collaborate in a unified environment. We then implement entities in BorderChain as Node JS applications connecting to the Ethereum blockchain as our peer-to-peer platform. Based on our performance evaluation using several Raspberry Pi hardware and our private server, we show that BorderChain can process entities’ authentication and authorization requests efficiently using all hardware resources. Finally, we release BorderChain for public use.
Highlights
The Internet of Things (IoT) is growing, in both quality and quantity, and has helped us to live a better life each day
With the smart contract’s invention [8], it allows adopters to enforce trust in a decentralized and verifiable way. It can automate many time-consuming IoT workflows; increasing the overall IoT environment efficiency. With all of these benefits, we argue that blockchain is a suitable platform candidate to build an access control system for IoT
We present the idea of blockchain-facilitated authorization protocol to allow IoT domain owners to authorize selectively IoT users or services that they permit to access their domains
Summary
The Internet of Things (IoT) is growing, in both quality and quantity, and has helped us to live a better life each day. The possible use cases are fastly spreading as researchers are developing IoT applications in many sectors. This growth has introduced a lot of new devices to connect to the Internet. Gartner estimates that 14.2 billion things were working actively in 2019, and the number will keep increasing and reach 25 billion by 2021 [1]. Gartner predicts that the number of IoT endpoints will reach 5.8 billion in 2020 [2]
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
