skip to main content
research-article

A Blockchain-empowered Access Control Framework for Smart Devices in Green Internet of Things

Authors Info & Claims
Published:16 June 2021Publication History
Skip Abstract Section

Abstract

Green Internet of things (GIoT) generally refers to a new generation of Internet of things design concept. It can save energy and reduce emissions, reduce environmental pollution, waste of resources, and harm to human body and environment, in which green smart device (GSD) is a basic unit of GIoT for saving energy. With the access of a large number of heterogeneous bottom-layer GSDs in GIoT, user access and control of GSDs have become more and more complicated. Since there is no unified GSD management system, users need to operate different GIoT applications and access different GIoT cloud platforms when accessing and controlling these heterogeneous GSDs. This fragmented GSD management model not only increases the complexity of user access and control for heterogeneous GSDs, but also reduces the scalability of GSDs applications. To address this issue, this article presents a blockchain-empowered general GSD access control framework, which provides users with a unified GSD management platform. First, based on the World Wide Web Consortium (W3C) decentralized identifiers (DIDs) standard, users and GSD are issued visual identity (VID). Then, we extended the GSD-DIDs protocol to authenticate devices and users. Finally, based on the characteristics of decentralization and non-tampering of blockchain, a unified access control system for GSD was designed, including the registration, granting, and revoking of access rights. We implement and test on the Raspberry Pi device and the FISCO-BCOS alliance chain. The experimental results prove that the framework provides a unified and feasible way for users to achieve decentralized, lightweight, and fine-grained access control of GSDs. The solution reduces the complexity of accessing and controlling GSDs, enhances the scalability of GSD applications, as well as guarantees the credibility and immutability of permission data and identity data during access.

References

  1. K. Yu, L. Tan, M. Aloqaily, and Y. Jararweh. [n.d.]. Blockchain-Enhanced data sharing with traceable and direct revocation in IIoT. IEEE Transactions on Industrial Informatics. DOI:10.1109/TII.2021.3049141Google ScholarGoogle Scholar
  2. Balasubramanian Venkatraman, Faisal Zaman, Moayad Aloqaily, Ismaeel Al Ridhawi, Yaser Jararweh, and Haythem Bany Salameh. 2019. A mobility management architecture for seamless delivery of 5G-IoT services. In Proceedings of the IEEE International Conference on Communications (ICC’19). IEEE, 1–7.Google ScholarGoogle Scholar
  3. Muhammad Bhatti, Javeria Hamza, Muhammad Usman, Ghani Khan, Razi Khan, Moayad Iqbal, Yaser Aloqaily, Jararweh, and Brij Gupta. 2019. Soft computing-based EEG classification by optimal feature selection and neural networks. IEEE Trans. Industr. Inform. 15, 10 (2019), 5747–5754.Google ScholarGoogle ScholarCross RefCross Ref
  4. Elisa Bertino, Kim-Kwang Raymond Choo, Dimitrios Georgakopolous, and Surya Nepal. 2016. Internet of things (IoT): Smart and secure service delivery. ACM Trans. Internet Technol. 16, 4 (Dec. 2016). DOI:DOI:https://doi.org/10.1145/3013520 Google ScholarGoogle ScholarDigital LibraryDigital Library
  5. M. A. M. Albreem. 2017. Green internet of things (IoT): An overview. In Proceedings of theIEEE 4th International Conference on Smart Instrumentation, Measurement and Application (ICSIMA’17). 1–6.Google ScholarGoogle ScholarCross RefCross Ref
  6. A. Al-Fuqaha, M. Guizani, M. Mohammadi, M. Aledhari, and M. Ayyash. 2015. Internet of things: A survey on enabling technologies, protocols, and applications. IEEE Commun. Surv. Tutor. 174 (2015), 2347–2376.Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. R. Xu. 2018. BlendCAC: A. smart contract enabled decentralized capability-based access control mechanism for the IoT. Computers 7, 3 (2018), 39.Google ScholarGoogle ScholarCross RefCross Ref
  8. E. Fernandes, J. Jung, and A. Prakash. 2016. Security analysis of emerging smart home applications. In Proceedings of the 37th IEEE Symposium on Security and Privacy.Google ScholarGoogle Scholar
  9. Tseng Lewis, Liwen Wong, Safa Otoum, Moayad Aloqaily, and Jalel Ben Othman. 2020. Blockchain for managing heterogeneous internet of things: A perspective architecture. IEEE Netw. 341 (2020), 16–23.Google ScholarGoogle Scholar
  10. Christina Patsioura. 2018. Blockchain and distributed ledger technologies: What’s the value for IoT?Technical Report. GSMA Intelligence.Google ScholarGoogle Scholar
  11. Tang Bo. 2019. IoT Passport: A blockchain-based trust framework for collaborative internet-of-things. In Proceedings of the 24th ACM Symposium on Access Control Models and Technologies. ACM, 2019. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. Y. Tian. 2017. Smartauth: User-centered authorization for the internet of things. In Proceedings of the USENIX Security Conference.361–378. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. Al Ridhawi, Ismaeel, Safa OtoumMoayad Aloqaily, Yaser Jararweh, and Thar Baker. 2020. Providing secure and reliable communication for next generation networks in smart cities. Sustain. Cities Soc. 56 (2020), 102080.Google ScholarGoogle ScholarCross RefCross Ref
  14. World Wide Web Consortium, W3C, INC. DIDs.Retrieved from https://w3c-ccg.github.io/did-spec/.Google ScholarGoogle Scholar
  15. C. Feng, et al. 2021. Efficient and secure data sharing for 5G flying drones: A blockchain-enabled approach. IEEE Network 35, 1 (2021), 130–137. DOI:10.1109/MNET.011.2000223Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. L. Tan, H. Xiao, K. Yu, M. Aloqaily, and Y. Jararweh. 2021. A Blockchain-empowered Crowdsourcing System for 5G-enabled Smart Cities. Computer Standards & Interfaces. https://doi.org/10.1016/j.csi.2021.103517.Google ScholarGoogle Scholar
  17. H. Li, K. Yu, B. Liu, C. Feng, Z. Qin, and G. Srivastava. 2021. An efficient ciphertext-policy weighted attribute-based encryption for the Internet of health things. In IEEE Journal of Biomedical and Health Informatics. DOI:10.1109/JBHI.2021.3075995Google ScholarGoogle Scholar
  18. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. 1996. Role-based access control models. Computer 29, 2 (1996), 38–47. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. G. Zhang and J. Tian. 2010. An extended role-based access control model for the internet of things. In Proceedings of the IEEE International Conference onInformation Networking and Automation (ICINA’10). IEEE, V1–319.Google ScholarGoogle Scholar
  20. L. M. S. De Souza, P. Spiess, D. Guinard, M. Köhler, S. Karnouskos, and D. Savio. 2008. Socrades: A web service-based shop floor integration infrastructure. In The Internet of Things. Springer, 50–67. Google ScholarGoogle ScholarDigital LibraryDigital Library
  21. P. Spiess, S. Karnouskos, D. Guinard, D. Savio, O. Baecker, L. M. S. De Souza, and V. Trifa. 2009. SOA-based integration of the internet of things in enterprise services. In Proceedings of the IEEE International Conference onWeb Services(ICWS’09). IEEE, 968–975. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. R. Pandita, X. Xiao, W. Yang, W. Enck, and T. Xie. 2013. WHYPER: Towards automating risk assessment of mobile applications. In Proceedings of the 22nd USENIX Security Symposium (USENIX Security’13). 527–542. Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. M. Zhang, Y. Duan, Q. Feng, and H. Yin. 2015. Towards automatic generation of security-centric descriptions for Android apps. In Proceedings of the22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 518–529. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. N. Ye. 2014. An efficient authentication and access control scheme for perception layer of internet of things. Appl. Math. & Info. Sci. 8, 4 (2014), 1–8.Google ScholarGoogle Scholar
  25. Maanak Gupta and Ravi Sandhu. 2018. Authorization framework for secure cloud assisted connected cars and vehicular internet of things. In Proceedings of the23rd ACM on Symposium on Access Control Models and Technologies. ACM, 193–204. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. G. Ho, D. Leung, P. Mishra, A. Hosseini, D. Song, and D. Wagner. 2016. Smart locks: Lessons for securing commodity internet of things devices. In Proceedings of the 11th ACM Asia Conference on Computer and Communications Security.ACM, 461–472. Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. I. Bouij-Pasquier, A. Ouahman, A. El Kalam, and M. Ouabiba de Montfort. 2015. SmartOrBAC security and privacy in the Internet of Things. In Proceedings of the IEEE/ACS 12th International Conference on Computer Systems and Applications.IEEE, 1–8.Google ScholarGoogle Scholar
  28. SMARTTHINGS, INC. Samsung SmartThings. 2017. Retrieved fromhttps://www.smartthings.com/.Google ScholarGoogle Scholar
  29. GOOGLE, INC. Brillo. 2016. Retrieved from https://developers.google.com/brillo/.Google ScholarGoogle Scholar
  30. GOOGLE, INC. Weave. 2016. Retrieved from https://developers.google.com/weave/.Google ScholarGoogle Scholar
  31. APPLE, INC. Apple HomeKit. 2016. Retrieved from http://www.apple.com/ios/home/.Google ScholarGoogle Scholar
  32. FCCONTROL 4, INC. fccontrol4. 2019. Retrieved from https://www.fccontrol4.com/.Google ScholarGoogle Scholar
  33. H. Shafagh, L. Burkhalter, A. Hithnawi, and S. Duquennoy. 2017. Towards blockchain-based auditable storage and sharing of IoT data. In Proceedings of theCloud Computing Security Workshop. ACM, 45–50. DOI:10.1145/3140649.3140656. Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Y. Mei. 2017. Simplification model construction of internet access control based on blockchain. J. Commun. Univ. China 24,5 (2017), 7–12.Google ScholarGoogle Scholar
  35. A. Dorri, S. S. Kanhere, R. Jurdak, and P. Gauravaram. 2017. Blockchain for IoT security and privacy: The case study of a smart home. In Proceedings of the International Conference onPervasive Computing and Communications Workshops (PerCom Workshops’17). IEEE, 618–623.Google ScholarGoogle Scholar
  36. G. Zyskind and O. Nathan. 2015. Decentralizing privacy: Using blockchain to protect personal data. In Proceedings of the IEEE Security and Privacy Workshops (SPW’15). IEEE, 180–184. DOI:10.1109/SPW.2015.27 Google ScholarGoogle ScholarCross RefCross Ref
  37. Y. Zhang, S. Kasahara, Y. Shen, X. Jiang, and J. Wan. 2019. Smart contract-based access control for the Internet of things. IEEE Internet of Things Journal 6, 2 (2019), 1594–1605. DOI:10.1109/JIOT.2018.2847705Google ScholarGoogle ScholarCross RefCross Ref
  38. N. Rifi, E. Rachkidi, N. Agoulmine, and N. C. Taher. 2017. Towards using blockchain technology for IoT data access protection. In Proceedings of theIEEE 17th International Conference on Ubiquitous Wireless Broadband (ICUWB’17)IEEE, 1–5. DOI:10.1109/ICUWB.2017.8251003Google ScholarGoogle Scholar
  39. N. Fotiou, I. Pittaras, V. A. Siris, and G. C. Polyzos. 2019. Enabling opportunistic users in multi-tenant IoT systems using decentralized identifiers and permissioned blockchains. In Proceedings of the 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things (IoT S&P’19). Association for Computing Machinery, New York, NY, USA, 22–23. DOI:https://doi.org/10.1145/3338507.3358622 Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. Y. Kortesniemi, D. Lagutin, T. Elo, and N. Fotiou. 2019. Improving the Privacy of IoT with Decentralised Identifiers (DIDs). Journal of Computer Networks and Communications 2019, Article 8706760 (2019), 10 pages. https://doi.org/10.1155/2019/8706760.Google ScholarGoogle Scholar
  41. FISCO BCOS, INC. FISCO BCOS. 2020. Retrieved from http://www.fisco-bcos.org/.Google ScholarGoogle Scholar
  42. E. Yuan and J. Tong. 2005. Attributed based access control (ABAC) for web services. In Proceedings of theIEEE International Conference on Web Services. DOI:10.1109/ICWS.2005.25 Google ScholarGoogle ScholarDigital LibraryDigital Library
  43. M. Hemdi and R. Deters. 2016. Using REST based protocol to enable ABAC within IoT systems. In Proceedings of theInformation Technology, Electronics and Mobile Communication Conference. IEEE, 1–7. DOI:10.1109/IEMCON.2016.7746297Google ScholarGoogle Scholar
  44. J. Wu, M. Dong, K. Ota, and B. Pei. 2014. A fine-grained cross-domain access control mechanism for social internet of things. In Ubiquitous Intelligence and Computing. IEEE, 666–671. DOI:10.1109/UIC-ATC-ScalCom.2014.140 Google ScholarGoogle ScholarDigital LibraryDigital Library
  45. I. A. Ridhawi, S. Otoum, M. Aloqaily, and A. Boukerche. 2014. Generalizing AI: challenges and opportunities for plug and play AI solutions. IEEE Network 35, 1 (2014), 372–379. DOI:10.1109/MNET.011.2000371Google ScholarGoogle ScholarDigital LibraryDigital Library
  46. K. Sun and L. Yin. 2014. Attribute-role-based hybrid access control in the internet of things. In Proceedings of theAsia-Pacific Web Conference. Springer International Publishing, 333–343. DOI:10.1007/978-3-319-11119-3_31Google ScholarGoogle Scholar
  47. G. Zhang and Gong W.2011. The research of access control based on UCON in the internet of things. J. Softw. 6,4 (2011), 724–731. DOI:10.4304/jsw.6.4.724-731Google ScholarGoogle Scholar
  48. G. Zhang and W. Gong. 2012. The research of access control in the application of VANET based on UCON. Procedia Eng. 29 (2012), 4091–4095. DOI:10.1016/j.proeng.2012.01.625Google ScholarGoogle ScholarCross RefCross Ref
  49. J. Park and R. Sandhu. 2002. Towards usage control models: Beyond traditional access control. In Proceedings of the ACM Symposium on Access Control Models and Technologies (SACMAT’02). Association for Computing Machinery, 57–64. DOI:10.1145/507711.507722 Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. H. Shen and S. Liu. 2014. Context-aware capability-based access control framework for the internet of things. Journal of Wuhan University60 (2014), 424–428. DOI:10.14188/j.1671-8836. 2014.05.008Google ScholarGoogle Scholar
  51. S. Gusmeroli, S. Piccione, and D. A. Rotondi. Capability-based becurity approach to manage access control in the internet of things. Math. Comput. Model. 58, 5–6 (2013), 1189–1205. DOI:10.1016/j.mcm.2013.02.006Google ScholarGoogle Scholar
  52. R. Want. 2006. An introduction to RFID technology. IEEE Pervas. Comput. 5, 1 (2006), 25–33. Google ScholarGoogle ScholarDigital LibraryDigital Library
  53. Yuan Yong and Wang Feiyue. 2016. Current status and prospects of blockchain technology development. J. Automat. 42, 4 (2016), 481–494.Google ScholarGoogle Scholar

Index Terms

  1. A Blockchain-empowered Access Control Framework for Smart Devices in Green Internet of Things

    Recommendations

    Comments

    Login options

    Check if you have access through your login credentials or your institution to get full access on this article.

    Sign in

    Full Access

    PDF Format

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    HTML Format

    View this article in HTML Format .

    View HTML Format
    About Cookies On This Site

    We use cookies to ensure that we give you the best experience on our website.

    Learn more

    Got it!