On the design of a flexible delegation model for the Internet of Things using blockchain

Shantanu Pal*, Tahiry Rabehaja, Michael Hitchens, Vijay Varadharajan, Ambrose Hill

*Corresponding author for this work

Research output: Contribution to journalArticle

Abstract

The Internet of things (IoT) presents new opportunities and challenges due to its scale and dynamic nature. One significant challenge for the IoT is the need for security, in particular access control solutions, that are designed to meet the characteristics of these systems. Delegation of rights, from one entity to another, is a crucial component of an access control system. The IoT requires a secure, flexible, and fine-grained delegation model. While there has been considerable work in the area of delegation, much of it assumes a centralized, well-resourced system and these solutions have limited capacity in the context of the IoT. Where delegation models for the IoT have been proposed they typically provide only coarse-grained control over the delegation of rights. Moreover, many of them require a centralized trusted authority, which can suffer from a single-point failure and is not an ideal base for a large and dynamic system like the IoT. In this paper, we propose an identity-less, asynchronous, and decentralized delegation model for the IoT based on blockchain technology. We describe system components, architecture, and key aspects related to the security of the system. We use attributes to validate an entity rather than depending upon unique identities. We demonstrate the feasibility of our model through use-case examples and analyze the performance with a proof of concept testbed implementation using Ethereum private blockchain.

Original languageEnglish
Pages (from-to)3521-3530
Number of pages10
JournalIEEE Transactions on Industrial Informatics
Volume16
Issue number5
DOIs
Publication statusPublished - May 2020

    Fingerprint

Keywords

  • Access control
  • blockchain
  • delegation

Cite this