TY - JOUR
T1 - On the integration of blockchain to the Internet of Things for enabling access right delegation
AU - Pal, Shantanu
AU - Rabehaja, Tahiry
AU - Hill, Ambrose
AU - Hitchens, Michael
AU - Varadharajan, Vijay
PY - 2020/4
Y1 - 2020/4
N2 - With the advancement of the Internet of Things (IoT) in recent years, there is a bigger potential to use online services than ever before. The use of the IoT brings numerous opportunities for both service providers and end users, however, it faces critical questions of security and privacy. Toward this, access control is one of the significant security challenges for the IoT, in particular, considering the characteristics of such IoT systems. To develop a secure access control architecture for the IoT, the propagation of access right delegation is a major issue. Many proposals present access control issues for the IoT but given the specific context of access right delegation, it is still in its infancy. This article presents an approach to address such a delegation issue for the IoT using the blockchain technology. We propose a delegation model that employv the critical issues, e.g., the use of nonunique identities, asynchronous and flexible delegation nature of communication for the IoT without the need of a centralized system. The goal of our primitive is to use attributes for validating the identity of an entity instead of relying on a concrete unique identity of an entity. To provide privacy for the attributes, we propose a dual blockchain architecture that moves the attribute storage and access of the public blockchain and onto a secure private blockchain. To demonstrate the feasibility of our proposed approach, we evaluate the system performances using the Ethereum blockchain network.
AB - With the advancement of the Internet of Things (IoT) in recent years, there is a bigger potential to use online services than ever before. The use of the IoT brings numerous opportunities for both service providers and end users, however, it faces critical questions of security and privacy. Toward this, access control is one of the significant security challenges for the IoT, in particular, considering the characteristics of such IoT systems. To develop a secure access control architecture for the IoT, the propagation of access right delegation is a major issue. Many proposals present access control issues for the IoT but given the specific context of access right delegation, it is still in its infancy. This article presents an approach to address such a delegation issue for the IoT using the blockchain technology. We propose a delegation model that employv the critical issues, e.g., the use of nonunique identities, asynchronous and flexible delegation nature of communication for the IoT without the need of a centralized system. The goal of our primitive is to use attributes for validating the identity of an entity instead of relying on a concrete unique identity of an entity. To provide privacy for the attributes, we propose a dual blockchain architecture that moves the attribute storage and access of the public blockchain and onto a secure private blockchain. To demonstrate the feasibility of our proposed approach, we evaluate the system performances using the Ethereum blockchain network.
KW - Access right delegation
KW - blockchain network
KW - Internet of Things (IoT)
UR - http://www.scopus.com/inward/record.url?scp=85083713628&partnerID=8YFLogxK
U2 - 10.1109/JIOT.2019.2952141
DO - 10.1109/JIOT.2019.2952141
M3 - Article
AN - SCOPUS:85083713628
SN - 2327-4662
VL - 7
SP - 2630
EP - 2639
JO - IEEE Internet of Things Journal
JF - IEEE Internet of Things Journal
IS - 4
ER -