TY - GEN
T1 - A blockchain-based interoperable architecture for IoT with selective disclosure of information
AU - Mukta, Rahma
AU - Pal, Shantanu
AU - Mishra, Shailesh
AU - Paik, Hye-Young
AU - Kanhere, Salil S.
AU - Hitchens, Michael
PY - 2023
Y1 - 2023
N2 - With the improvement of Internet of Things (IoT) technologies, services, and applications, there is a proliferation of access to smart devices in everyday life. However, granting access and controlling access rights for each resource is challenging in highly dynamic and large-scale IoT deployments. In particular, multiple access information may need to be provided to an entity when granting access rights to several resources. The situation becomes more complex when an entity is required to share its identity attribute to receive the access information. These raise the question of what identity information an entity needs to provide to obtain the required access to a particular resource and, subsequently, what access information needs to be provided when accessing that resource. That said, there is a need for a flexible approach where an entity can share a distinct identity and access attributes for accessing a resource without revealing additional information. Such flexibility in sharing information is significant given the privacy risk of an entity's identity. This paper presents an architecture that delivers access rights to an entity with selective disclosure of information. Our approach ensures the minimum exchange of information (identity and access attribute) to enhance an entity's privacy when granting access rights to an entity. We use blockchain to provide data authenticity (i.e., tamper-proof), transparency and automatic execution of access rights based on shared attributes using smart contracts. We implement a proof of concept of the proposed system using Hyperledger fabric as a permissioned blockchain network. Our results demonstrate the feasibility of the proposed system showing efficiency in granting access rights.
AB - With the improvement of Internet of Things (IoT) technologies, services, and applications, there is a proliferation of access to smart devices in everyday life. However, granting access and controlling access rights for each resource is challenging in highly dynamic and large-scale IoT deployments. In particular, multiple access information may need to be provided to an entity when granting access rights to several resources. The situation becomes more complex when an entity is required to share its identity attribute to receive the access information. These raise the question of what identity information an entity needs to provide to obtain the required access to a particular resource and, subsequently, what access information needs to be provided when accessing that resource. That said, there is a need for a flexible approach where an entity can share a distinct identity and access attributes for accessing a resource without revealing additional information. Such flexibility in sharing information is significant given the privacy risk of an entity's identity. This paper presents an architecture that delivers access rights to an entity with selective disclosure of information. Our approach ensures the minimum exchange of information (identity and access attribute) to enhance an entity's privacy when granting access rights to an entity. We use blockchain to provide data authenticity (i.e., tamper-proof), transparency and automatic execution of access rights based on shared attributes using smart contracts. We implement a proof of concept of the proposed system using Hyperledger fabric as a permissioned blockchain network. Our results demonstrate the feasibility of the proposed system showing efficiency in granting access rights.
UR - http://www.scopus.com/inward/record.url?scp=85182397908&partnerID=8YFLogxK
U2 - 10.1109/PRDC59308.2023.00016
DO - 10.1109/PRDC59308.2023.00016
M3 - Conference proceeding contribution
AN - SCOPUS:85182397908
SN - 9798350358773
SP - 53
EP - 63
BT - 2023 IEEE 28th Pacific Rim International Symposium on Dependable Computing PRDC 2023
PB - Institute of Electrical and Electronics Engineers (IEEE)
CY - Piscataway, NJ
T2 - 28th IEEE Pacific Rim International Symposium on Dependable Computing, PRDC 2023
Y2 - 24 October 2023 through 27 October 2023
ER -