TY - JOUR
T1 - On the design of a flexible delegation model for the Internet of Things using blockchain
AU - Pal, Shantanu
AU - Rabehaja, Tahiry
AU - Hitchens, Michael
AU - Varadharajan, Vijay
AU - Hill, Ambrose
PY - 2020/5
Y1 - 2020/5
N2 - The Internet of Things (IoT) presents new opportunities and challenges due to its scale and dynamic nature. One significant challenge for the IoT is the need for security, in particular access control solutions, that are designed to meet the characteristics of these systems. Delegation of rights, from one entity to another, is a crucial component of an access control system. The IoT requires a secure, flexible, and fine-grained delegation model. While there has been considerable work in the area of delegation, much of it assumes a centralized, well-resourced system and these solutions have limited capacity in the context of the IoT. Where delegation models for the IoT have been proposed, they typically provide only coarse-grained control over the delegation of rights. Moreover, many of them require a centralized trusted authority, which can suffer from a single-point failure and is not an ideal base for a large and dynamic system like the IoT. In this paper, we propose an identity-less, asynchronous, and decentralized delegation model for the IoT based on blockchain technology. We describe system components, architecture, and key aspects related to the security of the system. We use attributes to validate an entity rather than depending upon unique identities. We demonstrate the feasibility of our model through use-case examples and analyze the performance with a proof-of-concept testbed implementation using an Ethereum private blockchain.
AB - The Internet of Things (IoT) presents new opportunities and challenges due to its scale and dynamic nature. One significant challenge for the IoT is the need for security, in particular access control solutions, that are designed to meet the characteristics of these systems. Delegation of rights, from one entity to another, is a crucial component of an access control system. The IoT requires a secure, flexible, and fine-grained delegation model. While there has been considerable work in the area of delegation, much of it assumes a centralized, well-resourced system and these solutions have limited capacity in the context of the IoT. Where delegation models for the IoT have been proposed, they typically provide only coarse-grained control over the delegation of rights. Moreover, many of them require a centralized trusted authority, which can suffer from a single-point failure and is not an ideal base for a large and dynamic system like the IoT. In this paper, we propose an identity-less, asynchronous, and decentralized delegation model for the IoT based on blockchain technology. We describe system components, architecture, and key aspects related to the security of the system. We use attributes to validate an entity rather than depending upon unique identities. We demonstrate the feasibility of our model through use-case examples and analyze the performance with a proof-of-concept testbed implementation using an Ethereum private blockchain.
KW - Access control
KW - blockchain
KW - delegation
UR - http://www.scopus.com/inward/record.url?scp=85079776342&partnerID=8YFLogxK
U2 - 10.1109/TII.2019.2925898
DO - 10.1109/TII.2019.2925898
M3 - Article
AN - SCOPUS:85079776342
SN - 1551-3203
VL - 16
SP - 3521
EP - 3530
JO - IEEE Transactions on Industrial Informatics
JF - IEEE Transactions on Industrial Informatics
IS - 5
ER -