Combo-Chain: Towards a hierarchical attribute-based access control system for IoT with smart contract and sharding technique

Abstract

The Internet of Things (IoT) provides a collaborative environment among different entities (i.e., users, IoT devices, sensors, applications, etc.) to access resources. Despite the benefits that IoT technology brings to individuals, society, and industry, this technology faces a critical challenge in controlling access to various resources in IoT environments. To address this challenge, we propose Combo-Chain, an blockchain-based access control system deeply rooted in the concepts of the attribute-based access control (ABAC) model, smart contracts, and sharding. Combo-Chain introduces the concept of hierarchy for both subject attributes and object attributes to enhance flexibility and dynamicity when specifying ABAC policies, simplifying policy and attribute management. It not only manages access policies but also attributes by deploying a set of smart contracts. Furthermore, Combo-Chain utilizes sharding technique to distribute the overhead associated with storing and managing both access policies and attributes. Sharding also helps Combo-Chain to distribute the computational overhead when evaluating access requests among two groups of nodes, addressing the issues of low scalability and poor performance often associated with blockchain technology. Combo-Chain is implemented on a private Ethereum platform, and the experimental results demonstrate the superiority of Combo-Chain compared to existing blockchain-based access control systems.