SFAC:A Smart Contract-Based Fine-Grained Access Control for Internet of Things

Abstract

With the development of Internet of things, more and more objects are connected to the Internet. It will lead to data leakage caused by arbitrary access easily. Thus, an effective method to prevent data leakage is needed. Traditional access control schemes include role-based access control (RBAC), attribute-based access control (ABAC), and capability-based access control (CapBAC) are all using a central or a third trusted party to manage user information, which is prone to single failure. In order to solve the problems, in this paper, a fine-grained access control scheme based on blockchain technology named SFAC is proposed. In recent years, blockchain technology has been widely studied and applied in various fields. It has the advantages of decentralization, imitation tampering, and traceability, and is a distributed public ledger. Therefore, combined with blockchain, SFAC can not only solve the problem of centralization, but also allow users to request resources in batches, and uses token mechanism to facilitate users’ requests. After the user gets a token, it can directly use the token to revoke resources. Besides, we use a smart contract to implement our proposed scheme and carrying out a series of experiments on the test network of Ethereum. The experimental results show that our SAFC is feasible.