CCAP: A Complete Cross-Domain Authentication Based on Blockchain for Internet of Things

Abstract

The increasing diversity of Internet-of-Things (IoT) application scenarios and explosive growth of access devices have brought more frequent exchanges of resources between different administrative domains. Cross-domain authentication has become a key to safeguard communication and resource interaction among domains. Traditional centralized authentication schemes present heavy management overhead and trust challenges in cross-domain scenarios. Most of existing studies are incapable of establishing trust relationships between domains deployed with different authentication schemes, rendering such high-cost schemes difficult to be generalized. Further, the cross-domain scenario of IoT also raises additional requirements for device privacy and system overhead. In order to tackle these issues, this paper proposes a complete cross-domain authentication and privacy protection scheme, called CCAP, for the IoT based on consortium blockchain. CCAP achieves cross-domain authentication among the IoT domains which may have different configurations from each other. Further, CCAP can be cost-effectively deployed in resource-limited IoT domains and can offer privacy protection and efficient and secure communication for IoT devices. We demonstrate the effectiveness and efficiency of the scheme through experiments in virtual and physical experiment environments as well as comparing and analyzing CCAP with state-of-the-art work.