BSAF: A blockchain-based secure access framework with privacy protection for cloud-device service collaborations

Abstract

In an open Internet-of-Things (IoT) environment, cloud-device collaborative development brings more functional services to users. However, privacy disclosure risks concerning service provision and users’ accessing behavior also increase. Traditional privacy protection approaches involve a centralized system with a third-party administrative server, which has the risk of single-point failures and overlooks the issue of privacy information leakage concerning users’ behaviors. Blockchain is a decentralized and traceable technology that provides a reliable solution for secure access by users. This paper proposes a novel blockchain-based secure access framework (BSAF) for cloud-device service collaborations with privacy protection. Specifically, a key matrix encryption mechanism is used to protect the privacy of users’ behaviors, and a fully homomorphic encryption mechanism is designed to protect the privacy of service content. Two smart contracts are designed: a request verification smart contract to verify the access rights of users, and a behavior punishment smart contract to audit users’ access behaviors. Comprehensive experiments on the Ethereum blockchain network show that the proposed BSAF framework outperforms existing schemes in latency reduction and cost saving, and is more suitable for low-profile IoT devices.