Abstract
Due to the rapid penetration of the Internet of Things (IoT) into human life, illegal access to IoT resources (e.g., data and actuators) has greatly threatened our safety. Access control, which specifies who (i.e., subjects) can access what resources (i.e., objects) under what conditions, has been recognized as an effective solution to address this issue. To cope with the distributed and trust-less nature of IoT systems, we propose a decentralized and trustworthy Capability-Based Access Control (CapBAC) scheme by using the Ethereum smart contract technology. In this scheme, a smart contract is created for each object to store and manage the capability tokens (i.e., data structures recording granted access rights) assigned to the related subjects, and also to verify the ownership and validity of the tokens for access control. Different from previous schemes which manage the tokens in units of subjects, i.e., one token per subject, our scheme manages the tokens in units of access rights or actions, i.e., one token per action. Such novel management achieves more fine-grained and flexible capability delegation and also ensures the consistency between the delegation information and the information stored in the tokens. We implemented the proposed CapBAC scheme in a locally constructed Ethereum blockchain network to demonstrate its feasibility. In addition, we measured the monetary cost of our scheme in terms of gas consumption to compare our scheme with the existing Blockchain-Enabled Decentralized Capability-Based Access Control (BlendCAC) scheme proposed by other researchers. The experimental results show that the proposed scheme outperforms the BlendCAC scheme in terms of the flexibility, granularity, and consistency of capability delegation at almost the same monetary cost.
Highlights
Thanks to the maturation and commercialization of the Internet of Things (IoT), recent years have witnessed explosive growth of smart devices connected to the Internet
We focus on the critical access control issue for IoT resources
Access control scheme called BlendCAC proposed by other researchers, to provide more fine-grained and flexible access control
Summary
Thanks to the maturation and commercialization of the Internet of Things (IoT), recent years have witnessed explosive growth of smart devices (e.g., appliances, wearables, and industrial equipment) connected to the Internet. It was reported that over 200 billion IoT devices will be connected to form an extremely huge IoT network by 2020 [1]. These devices make our lives more convenient and intelligent, they are vulnerable to illegal access by malicious users, posing significant threats to our personal and property safety [2]. Malicious users may know the contents of private conversations inside a home by illegally accessing some appliances [3,4,5,6]. Malicious users may be able to gain illegal access to the control unit (e.g., brake and accelerator) of a self-driving car to cause severe accidents [7]. Our research focuses on the access control issue in the IoT
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
