Abstract
The Internet of things (IoT) is an active, real-world area in need of more investigation. One of the top weaknesses in security challenges that IoTs face, the centralized access control server, which can be a single point of failure. In this paper, Dynamic-IoTrust, a decentralized access control smart contract based aims to overcome distrusted, dynamic, trust and authentication issues for access control in IoT. It also integrates dynamic trust value to evaluate users based on behavior. In particular, the Dynamic-IoTrust contains multiple Main Smart Contract, one Register Contract, and one Judging Contract to achieve efficient distributed access control management. Dynamic-IoTrust provides both static access rights by allowing predefined access control policies and also provides dynamic access rights by checking the trust value and the behavior of the user. The system also provides to detected user misbehavior and make a decision for user trust value and penalty. There are several levels of trusted users to access the IoTs device. Finally, the case study demonstrates the feasibility of the Dynamic-IoTrust model to offer a dynamic decentralized access control system with trust value attribute to evaluate the internal user used IoTs devices.
Highlights
Introduction withWith the growing number of communication and networking technologies, more physical devices are connected to the Internet, leading to the ‘Internet of things’ (IoT) [1]
IoT devices may belong to different organizations or users, and the IoT environment usually consists of a large number of constrained devices with high mobility and limited power and performance, which makes traditional access control difficult
Lacked the dynamic trust value feature provide by Dynamic-IoTrust. to address the limitations of the above works, this paper proposes a Dynamic-IoTrust, which consists of multiple smart contracts and trust value permission control to achieve dynamic distributed and trustworthy access control for IoT systems
Summary
The access control taxonomy of the IoT environment can be centralized and decentralized [13]. FairAccess uses a new type of transaction using smart contracts to trade access control policies for access tokens. Novo [10] proposed a fully decentralized access control for IoT using blockchain to store and distribute information This solution designed to overcame issues of network overheads. Contains a single smart contract that covers all processes and defines all allowed access control policies by using management hub nodes to request access control alternatives including IoT devices in the blockchain. To address the limitations of the above works, this paper proposes a Dynamic-IoTrust, which consists of multiple smart contracts and trust value permission control to achieve dynamic distributed and trustworthy access control for IoT systems. The Dynamic-IoTrust, has multiple main smart contracts (MSCs), one register contract (RC), and one judge contract (JC)
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have