Enabling Decentralized and Auditable Access Control for IoT through Blockchain and Smart Contracts

The increase in the interconnection of physical devices and the emergence of the 5 G paradigm foster the generation and distribution of massive amounts of data. The complexity associated with the management of these data requires a suitable access control approach that empowers citizens to control h...

Full description

Saved in:
Bibliographic Details
Published in:Security and communication networks Vol. 2022; pp. 1 - 14
Main Authors: Truong, Hien, Hernández-Ramos, José L., Martinez, Juan A., Bernal Bernabe, Jorge, Li, Wenting, Marin Frutos, Agustin, Skarmeta, Antonio
Format: Journal Article
Language:English
Published: London Hindawi 02-06-2022
Hindawi Limited
Subjects:
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The increase in the interconnection of physical devices and the emergence of the 5 G paradigm foster the generation and distribution of massive amounts of data. The complexity associated with the management of these data requires a suitable access control approach that empowers citizens to control how their data are shared, so potential privacy issues can be mitigated. While well-known access control models are widely used in web and cloud scenarios, the IoT ecosystem needs to address the requirements of lightness, decentralization, and scalability to control the access to data generated by a huge number of heterogeneous devices. This work proposes CapBlock, a design that integrates a capability-based access control model and blockchain technology for a fully distributed evaluation of authorization policies and generation of access credentials using smart contracts. CapBlock is intended to manage the access to information in federated IoT environments where data need to be managed through access control policies defined by different data providers. The feasibility of CapBlock has been successfully evaluated in the scope of the EU research project IoTCrawler, which aims at building a secure search engine for IoT data in large-scale scenarios.
ISSN:1939-0114
1939-0122
DOI:10.1155/2022/1828747