Internet of Things (IoT) devices are widely considered in smart cities, intelligent medicine, and intelligent transportation, among other fields that facilitate people's lives, producing a large amount of private data. However, due to the mobility, limited performance, and distributed deployment of IoT, traditional access control methods cannot support the security of private data's access control process in current IoT environments. To address such problems, this article proposes an auditable access control model, based on an attribute-based access control model, and manages the access control policy for private data through the request record, the response record, and the access record stored in the blockchain network. Additionally, a Blockchain-based auditable access control system is also proposed based on the auditable access control model, ensuring private data security in IoT environments and realizing effective management and auditable access to these data. Experimental results show that the proposed system can maintain high throughput while ensuring private data security for real application scenarios in IoT environments.
Read full abstract