Towards SDN-based smart contract solution for IoT access control

Abstract

Access control is essential for the IoT environment to ensure that only approved and trusted parties are able to configure devices, access sensor information, and command actuators to execute activities. The IoT ecosystem is subject to various access control complications due to the limited latency between IoT devices and the Internet, low energy requirements of IoT devices, the distributed framework, ad-hoc networks, and an exceptionally large number of heterogeneous IoT devices that need to be managed. The motivation for this proposed work is to resolve the incurring challenges of IoT associated with management and access control security. Each IoT domain implementation has particular features and needs separate access control policies to be considered in order to design a secure solution. This research work aims to resolve the intricacy of policies management, forged policies, dissemination, tracking of access control policies, automation, and central management of IoT nodes and provides a trackable and auditable access control policy management system that prevents forged policy dissemination by applying Software Defined Network (SDN) and blockchain technology in an IoT environment. Integration of SDN and blockchain provides a robust solution for IoT environment security. Recently, smart contracts have become one of blockchain technology’s most promising applications. The integration of smart contracts with blockchain technology provides the capability of designing tamper-proof and independently verifiable policies. In this paper, we propose a novel, scalable solution for implementing immutable, verifiable, adaptive, and automated access control policies for IoT devices together with a successful proof of concept that demonstrates the scalability of the proposed solution. The performance of the proposed solution is evaluated in terms of throughput and resource access delay between the blockchain component and the controller as well as from node to node. The number of nodes in the IoT network and the number of resource access requests were independently and systematically increased during the evaluations. The results illustrate that the resource access delay and throughput were affected neither linearly nor exponentially; hence, the proposed solution shows no significant degradation in performance with an increase in the number of nodes and/or requests.