Dynamic Secure Access Control and Data Sharing Through Trusted Delegation and Revocation in a Blockchain-Enabled Cloud-IoT Environment

Abstract

The Internet of Things (IoT) is vulnerable to leakage of private information during data sharing. To avoid this problem, access control and secure data sharing have been introduced in IoT; however, many challenges are faced because of centralized access control and single delegator selection. Additionally, blockchain is integrated into IoT to enhance the security of the environment. For that purpose, this research proposes dynamic secure access control using the blockchain (DSA-Block) model, which performs secure access control and data sharing. Initially, the IoT device attributes and user attributes are registered at a local domain authority (LDA) for generating private and public keys using the hyperelliptic curve cryptography (HECC) algorithm, which ensures the legitimacy of the users and devices. Then, the IoT devices send a request message to the edge nodes (ENs) via a gateway, which performs request filtration by validating the user’s authenticity. The filtered requests are sent to the edge server to perform access delegation using rock hyraxes swarm optimization (RHSO), which selects a set of delegator nodes. The access control decision is made by using the Trusted practical Byzantine fault tolerance (PBFT) consensus algorithm. The IoT data are stored in the cloud server for secure storage, in which the data are secured using a differential privacy mechanism. Finally, dual revocations, such as user attribute revocation and user revocation, are used to maintain security. The performance of DSA-Block is evaluated and the results demonstrate that the proposed DSA-Block model achieves superior performance compared to previous works.