Yuanyu Zhang,Shoji Kasahara,Yulong Shen,Xiaohong Jiang,Jianxiong Wan

DOI: https://doi.org/10.1109/jiot.2018.2847705

IF: 10.6

2018-01-01

IEEE Internet of Things Journal

Abstract:This paper investigates a critical access control issue in the Internet of Things (IoT). In particular, we propose a smart contract-based framework, which consists of multiple access control contracts (ACCs), one judge contract (JC) and one register contract (RC), to achieve distributed and trustworthy access control for IoT systems. Each ACC provides one access control method for a subject-object pair, and implements both static access right validation based on predefined policies and dynamic access right validation by checking the behavior of the subject. The JC implements a misbehavior-judging method to facilitate the dynamic validation of the ACCs by receiving misbehavior reports from the ACCs, judging the misbehavior and returning the corresponding penalty. The RC registers the information of the access control and misbehavior-judging methods as well as their smart contracts, and also provides functions (e.g., register, update and delete) to manage these methods. To demonstrate the application of the framework, we provide a case study in an IoT system with one desktop computer, one laptop and two Raspberry Pi single-board computers, where the ACCs, JC and RC are implemented based on the Ethereum smart contract platform to achieve the access control.

Mpyana Mwamba Merlec,Hoh Peter In

DOI: https://doi.org/10.1109/jiot.2024.3371504

IF: 10.6

2024-01-01

IEEE Internet of Things Journal

Abstract:Integrating blockchain technology with the Internet of Things (IoT) facilitates seamless interaction between IoT devices and systems to securely share, access, and exchange data. However, ensuring adequate access control within blockchain-enabled IoT (BIoT) systems remains a significant challenge. It is often difficult to adapt existing access control mechanisms to the dynamic and context-dependent nature of IoT environments, necessitating a robust context-aware approach to ensure adequate security and the privacy of resources within BIoT systems. In this paper, we propose a novel smart contract-enabled context-aware access control (SC-CAAC) scheme for BIoT systems. It utilizes context-aware access control models that consider contextual information, including user profile, purpose, date, time, location, resource, and operating environment specifications, to make access control decisions. Smart contracts dynamically enforce access control policies and manage access permissions, ensuring that sensitive data and resources are accessible only to authorized users. The proposed scheme leverages the immutability, transparency, and decentralization of a blockchain that is shared by multiple participants in a consortium network, removing the need for a central authority to record and audit access control policies and decisions and promoting accountability and trust. The implementation and evaluation of our proposed scheme using the Hyperledger Besu blockchain demonstrates its effectiveness and scalability in real-world scenarios.

computer science, information systems,telecommunications,engineering, electrical & electronic

Chen Zhonghua,S. B. Goyal,Anand Singh Rajawat

DOI: https://doi.org/10.1007/s11227-023-05517-4

IF: 3.3

2023-07-18

The Journal of Supercomputing

Abstract:In order to solve the problem of data security and management between IoT edge nodes and massive heterogeneous devices, combined with the wide application of blockchain technology in distributed system data security management, a blockchain-based Internet of Things access control model (SC-ABAC) is proposed by combining smart contracts and attribute-based access control. The traditional consensus algorithm PoW (Proof of Work) and SC-ABAC access control management process are optimized. By quantitative analysis, the time to call contracts in the query process increases linearly, the time of the policy addition and judgment process is constant, and the energy consumption of the optimized consensus mechanism is smaller than that of the PoW unit. This model provides decentralized, fine-grained, and dynamic access control management in IoT environments, enabling distributed systems to reach consensus faster and ensure data consistency.

computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Aqsa Rashid,Asif Masood,Atta ur Rehman Khan

DOI: https://doi.org/10.1007/s11277-024-11266-1

IF: 2.017

2024-06-27

Wireless Personal Communications

Abstract:Centralized access control systems are unsuitable for IoT due to their resource-constrained, heterogeneous, and dynamic nature. Blockchain-assisted decentralized access control systems exist for IoT, but those approaches are tokenization-based. In some cases, IoT devices are not part of the blockchain network due to which they cannot interact with the access control system directly. Instead, they need a trusted admin, management hub, or a fog node for permissions verification and access to resources. This paper presents a smart contract and blockchain-assisted framework for the access control systems in the IoT enterprise environment, called ACS-IoT. In the proposed framework, resource-constrained IoT devices belong to the blockchain network. Therefore, these devices can directly access the permitted resources without any centrally administered authority and management hub's verification. We used smart contract and Ethereum blockchain for the new framework. Smart contract allows automated enforcement of access policies and serves as an autonomous agent running exactly as programmed. The proposed framework is validated through implementation of the proof of concept, and implemented prototype is deployed and tested on the Ethereum test network. The obtained results confirm that usage of blockchain and smart contract can be used as access management technology in the IoT enterprise environment.

telecommunications

Syed Yawar Abbas Zaidi,Munam Ali Shah,Hasan Ali Khattak,Carsten Maple,Hafiz Tayyab Rauf,Ahmed M. El-Sherbeeny,Mohammed A. El-Meligy

DOI: https://doi.org/10.3390/su131910556

IF: 3.9

2021-09-23

Sustainability

Abstract:With opportunities brought by the Internet of Things (IoT), it is quite a challenge to maintain concurrency and privacy when a huge number of resource-constrained distributed devices are involved. Blockchain have become popular for its benefits, including decentralization, persistence, immutability, auditability, and consensus. Great attention has been received by the IoT based on the construction of distributed file systems worldwide. A new generation of IoT-based distributed file systems has been proposed with the integration of Blockchain technology, such as the Swarm and Interplanetary File System. By using IoT, new technical challenges, such as Credibility, Harmonization, large-volume data, heterogeneity, and constrained resources are arising. To ensure data security in IoT, centralized access control technologies do not provide credibility. In this work, we propose an attribute-based access control model for the IoT. The access control lists are not required for each device by the system. It enhances access management in terms of effectiveness. Moreover, we use blockchain technology for recording the attribute, avoiding data tempering, and eliminating a single point of failure at edge computing devices. IoT devices control the user’s environment as well as his or her private data collection; therefore, the exposure of the user’s personal data to non-trusted private and public servers may result in privacy leakage. To automate the system, smart contracts are used for data accessing, whereas Proof of Authority is used for enhancing the system’s performance and optimizing gas consumption. Through smart contracts, ciphertext can be stored on a blockchain by the data owner. Data can only be decrypted in a valid access period, whereas in blockchains, the trace function is achieved by the storage of invocation and the creation of smart contracts. Scalability issues can also be resolved by using the multichain blockchain. Eventually, it is concluded from the simulation results that the proposed system is efficient for IoT.

environmental sciences,environmental studies,green & sustainable science & technology

Qinghua Gong,Jinnan Zhang,Zheng Wei,Xinmin Wang,Xia Zhang,Xin Yan,Yang Liu,Liming Dong

DOI: https://doi.org/10.3390/s24072267

IF: 3.9

2024-04-03

Sensors

Abstract:With the rapid growth of the Internet of Things (IoT), massive terminal devices are connected to the network, generating a large amount of IoT data. The reliable sharing of IoT data is crucial for fields such as smart home and healthcare, as it promotes the intelligence of the IoT and provides faster problem solutions. Traditional data sharing schemes usually rely on a trusted centralized server to achieve each attempted access from users to data, which faces serious challenges of a single point of failure, low reliability, and an opaque access process in current IoT environments. To address these disadvantages, we propose a secure and dynamic access control scheme for the IoT, named SDACS, which enables data owners to achieve decentralized and fine-grained access control in an auditable and reliable way. For access control, attribute-based control (ABAC), Hyperledger Fabric, and interplanetary file system (IPFS) were used, with four kinds of access control contracts deployed on blockchain to coordinate and implement access policies. Additionally, a lightweight, certificateless authentication protocol was proposed to minimize the disclosure of identity information and ensure the double-layer protection of data through secure off-chain identity authentication and message transmission. The experimental and theoretical analysis demonstrated that our scheme can maintain high throughput while achieving high security and stability in IoT data security sharing scenarios.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Yong Zhu,Xiao Wu,Zhihui Hu

DOI: https://doi.org/10.3390/electronics11010167

IF: 2.9

2022-01-05

Electronics

Abstract:Traditional centralized access control faces data security and privacy problems. The core server is the main target to attack. Single point of failure risk and load bottleneck are difficult to solve effectively. And the third-party data center cannot protect data owners. Traditional distributed access control faces the problem of how to effectively solve the scalability and diversified requirements of IoT (Internet of Things) applications. SCAC (Smart Contract-based Access Control) is based on ABAC (Attributes Based Access Control) and RBAC (Role Based Access Control). It can be applied to various types of nodes in different application scenarios that attributes are used as basic decision elements and authorized by role. The research objective is to combine the efficiency of service orchestration in edge computing with the security of consensus mechanism in blockchain, making full use of smart contract programmability to explore fine grained access control mode on the basis of traditional access control paradigm. By designing SSH-based interface for edge computing and blockchain access, SCAC parameters can be found and set to adjust ACLs (Access Control List) and their policies. The blockchain-edge computing combination is powerful in causing significant transformations across several industries, paving the way for new business models and novel decentralized applications. The rationality on typical process behavior of management services and data access control be verified through CPN (Color Petri Net) tools 4.0, and then data statistics on fine grained access control, decentralized scalability, and lightweight deployment can be obtained by instance running in this study. The results show that authorization takes into account both security and efficiency with the “blockchain-edge computing” combination.

engineering, electrical & electronic,computer science, information systems,physics, applied

Mohammed Amine Bouras,Boming Xia,Adnan Omer Abuassba,Huansheng Ning,Qinghua Lu

DOI: https://doi.org/10.7717/peerj-cs.455

2021-04-08

Abstract:Access control is a critical aspect for improving the privacy and security of IoT systems. A consortium is a public or private association or a group of two or more institutes, businesses, and companies that collaborate to achieve common goals or form a resource pool to enable the sharing economy aspect. However, most access control methods are based on centralized solutions, which may lead to problems like data leakage and single-point failure. Blockchain technology has its intrinsic feature of distribution, which can be used to tackle the centralized problem of traditional access control schemes. Nevertheless, blockchain itself comes with certain limitations like the lack of scalability and poor performance. To bridge the gap of these problems, here we present a decentralized capability-based access control architecture designed for IoT consortium networks named IoT-CCAC. A blockchain-based database is utilized in our solution for better performance since it exhibits favorable features of both blockchain and conventional databases. The performance of IoT-CCAC is evaluated to demonstrate the superiority of our proposed architecture. IoT-CCAC is a secure, salable, effective solution that meets the enterprise and business's needs and adaptable for different IoT interoperability scenarios.

Peng Wang,Yanlin Yue,Wen Sun,Jiajia Liu

DOI: https://doi.org/10.1109/wimob.2019.8923232

2019-01-01

Abstract:In IoT, a flexible and trustworthy access control framework is of significance to ensure the security of lightweight IoT devices. The conventional centralized access control framework is no longer fit for the open and large-scale IoT environments. In this paper, we propose an attribute-based distributed access control framework (ADAC) for IoT using blockchain technology. The attributes, such as manufacturer and object-specified attribute, are considered in the proposed ADAC for more fine-grained access control in the open and lightweight IoT devices. Particularly, we design a smart contract system, which includes a subject contract (SC), an object contract (OC), an access control contract (ACC) and multiple policy contracts (PCs), to manage and access attributes of IoT devices for distributed and trustworthy access control (DTAC). SC and OC are responsible for managing subject attribute and object attribute information, respectively. PCs are used to manage access control policies. ACC performs authorization judgment by accessing attributes and policies. Finally, a case study is performed to demonstrate the workflow and show that ADAC could achieve fine-grained and flexible access control for IoT.

Jiujiang Han,Yuxiang Zhang,Jian Liu,Ziyuan Li,Ming Xian,Huimei Wang,Feilong Mao,Yu Chen

DOI: https://doi.org/10.3390/electronics11172710

IF: 2.9

2022-08-30

Electronics

Abstract:With the rapid development of physical networks, tens of billions of Internet of Things (IoT) devices have been deployed worldwide. Access control is essential in the IoT system, which manages user access to vital IoT data. However, access control for the IoT is mainly based on centralized trusted servers, which face problems such as a single point of failure and data leakage. To tackle these challenges, we propose an access control framework for the IoT by combining blockchain and Intel software guard extension (SGX) technology. A blockchain validates both IoT devices and edge servers added to the network. The access control contract is deployed on the blockchain, which can manage attribute-based access control policies in a fine-grained manner and make access control decisions flexibly. SGX technology is introduced into the edge computing server to realize the confidentiality of data processing. Finally, we implemented the prototype of the framework on Quorum and conducted extensive experiments and theoretical analyses on the performance of the blockchain. The results of the experimental tests and theoretical analyses show that our framework has more advantages in computing costs and on-chain storage costs.

engineering, electrical & electronic,computer science, information systems,physics, applied

Rashmi Raj,Mohona Ghosh

DOI: https://doi.org/10.1007/s12083-024-01648-4

IF: 3.488

2024-03-09

Peer-to-Peer Networking and Applications

Abstract:To ensure safe exchange of data in IoT-enabled-supply-chain network and safeguard other security issues, IoT devices should have an access control system that can regulate resource access in a permissioned manner. Traditional access control mechanisms (ACM) can guarantee that but lack wide adoption owing to centralized architecture, single point of failure, and limited security. A blockchain-based ACM can address all the above challenges, however, still some limitations exist. Firstly, blockchain provides data verifiability and user transparency, meaning that all stored information is accessible to network nodes for verification leading to privacy issues of sensitive data. Secondly, encryption-based solutions can address the privacy concern but require sharing of secret keys with unknown peers entailing another security risk. Thirdly, due to limited block size in blockchain, IoT-enabled-supply-chain networks prefer storing all the data in the cloud or a central server, which has their own threat concerns. In this work, we propose a blockchain-based ACM that integrates Bell La Padula (BLP) Model, Proxy Re-Encryption, and IPFS to address all the above challenges. BLP enforces fine-grained access control without performing high computation and ensures data confidentiality. With the Proxy Re-encryption, only authorized parties can decrypt data but without revealing the private key of the data owner. Meanwhile, IPFS eliminates the need for cloud servers and provides a more secure offsite storage. The security analysis of the proposed framework is presented using BAN logic. We also provide a thorough security comparison with other peer models to establish the superiority of our proposed work. Furthermore, smart contract-based implementation through Truffle is done to analyse the framework's effectiveness.

computer science, information systems,telecommunications

Rahul Saha,Gulshan Kumar,Mauro Conti,Tannishtha Devgun,Tai-hoon Kim,Mamoun Alazab,Reji Thomas

DOI: https://doi.org/10.1109/tii.2021.3108676

IF: 12.3

2022-05-01

IEEE Transactions on Industrial Informatics

Abstract:The integration between blockchains, Internet-of-Thing (IoT), and smart contracts is an emerging and promising technology. The advantages of this technology have raised the importance of Industrial Internet-of-Thing (IIoT) and have paved the pathway for "Industry 4.0." Surprisingly, access control has received less attention in IIoTs. Though there are some solutions coming forward to use blockchains for IIoT to enable secure and resilient access control management, the challenge is to satisfy the low-latency requirements of IIoTs for validating and adding the blocks to the chain. Besides, role-based and rule-based access controls in the existing systems can be forged without organizational access controls and compliance. Therefore, we address these problems in this article. In the present work, we propose DHACS, a Decentralized Hybrid Access Control for Smart contract, for IIoTs. DHACS aims to provide transparency, reliability, and robustness to the existing access control mechanism in IIoTs. The framework is based on blockchain feasibilities that contribute to an interconnected hybrid access control through smart contract provision. It is a novel idea in the domain of IIoTs. We use three access control strategies, role-based, rule-based, and organization-based, to develop a hybrid approach for smart contract in DHACS. The operational transactions along with their access controls are accounted and blocks are made by the transaction pooler and block creator. We use a private blockchain environment; however, it can be extended to a public blockchain or consortium blockchain for geographical distributed dependency. We compare DHACS with three existing approaches in recent time. We measure the performance in terms of computational costs, storage complexity, and energy consumption. DHACS outperforms the others approaches and is considered to be efficient for IIoT applications with more t-an 30% better efficiency in access control management. To the best of our knowledge, DHACS is the first attempt to use decentralized blockchains with smart contract for hybrid access control in IIoTs.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Yongtao Huang,I-Ling Yen,Farokh Bastani

2024-05-25

Abstract:The Internet of Things (IoT) necessitates robust access control mechanisms to secure a vast array of interconnected devices. Most of the existing IoT systems in practice use centralized solutions. We identify the problems in such solutions and adopt the blockchain based decentralized access control approach. Though there are works in the literature that use blockchain for access control, there are some gaps in these works. We develop a blockchain embedded access control (BEAC) framework to bridge the gaps. First, blockchain based solutions for access control require an enabling P2P network while existing P2P overlays do not support some required features. We develop a novel P2P infrastructure to seamlessly support our BEAC framework. Second, most of the works consider blockchain based access control for a single access control model, and we develop a generic blockchain mechanism and show that it can support the embedding of various access control models. Finally, existing works adopt existing blockchain mechanisms which may incur a high communication overhead. We develop a shortcut approach to improve the number of message rounds in the access protocol. Our experiments demonstrate the efficacy of our system, showing that the shortcut mechanism can reduces access time by approximately 43%.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Haoxiang Song,Zhe Tu,Yajuan Qin

DOI: https://doi.org/10.3390/s22218339

2022-10-30

Abstract:With the development of 5G and the Internet of things (IoT), the multi-domain access of massive devices brings serious data security and privacy issues. At the same time, most access systems lack the ability to identify network attacks and cannot adopt dynamic and timely defenses against various security threats. To this end, we propose a blockchain-based access control and behavior regulation system for IoT. Relying on the attribute-based access control model, this system deploys smart contracts on the blockchain to achieve distributed and fine-grained access control and ensures that the identity and authority of access users can be trusted. At the same time, an inter-domain communication mechanism is designed based on the locator/identifier separation protocol and ensures the traffic of access users are authorized. A feedback module that combines traffic detection and credit evaluation is proposed, ensuring real-time detection and fast, proactive responses against malicious behavior. Ultimately, all modules are linked together through workflows to form an integrated security model. Experiments and analysis show that the system can effectively provide comprehensive security protection in IoT scenarios.

Palak Bagga,Ashok Kumar Das,Vinay Chamola,Mohsen Guizani

DOI: https://doi.org/10.1007/s11235-022-00938-7

Abstract:With rapid advancements in the technology, almost all the devices around are becoming smart and contribute to the Internet of Things (IoT) network. When a new IoT device is added to the network, it is important to verify the authenticity of the device before allowing it to communicate with the network. Hence, access control is a crucial security mechanism that allows only the authenticated node to become the part of the network. An access control mechanism also supports confidentiality, by establishing a session key that accomplishes secure communications in open public channels. Recently, blockchain has been implemented in access control protocols to provide a better security mechanism. The foundation of this survey article is laid on IoT, where a detailed description on IoT, its architecture and applications is provided. Further, various security challenges and issues, security attacks possible in IoT and their countermeasures are also provided. We emphasize on the blockchain technology and its evolution in IoT. A detailed description on existing consensus mechanisms and how blockchain can be used to overpower IoT vulnerabilities is highlighted. Moreover, we provide a comprehensive description on access control protocols. The protocols are classified into certificate-based, certificate-less and blockchain-based access control mechanisms for better understanding. We then elaborate on each use case like smart home, smart grid, health care and smart agriculture while describing access control mechanisms. The detailed description not only explains the implementation of the access mechanism, but also gives a wider vision on IoT applications. Next, a rigorous comparative analysis is performed to showcase the efficiency of all protocols in terms of computation and communication costs. Finally, we discuss open research issues and challenges in a blockchain-envisioned IoT network.

Teng Hu,Siqi Yang,Yanping Wang,Gongliang Li,Yulong Wang,Gang Wang,Mingyong Yin

DOI: https://doi.org/10.3390/s23208535

2023-10-18

Abstract:With the rapid advancement of network communication and big data technologies, the Internet of Things (IoT) has permeated every facet of our lives. Meanwhile, the interconnected IoT devices have generated a substantial volume of data, which possess both economic and strategic value. However, owing to the inherently open nature of IoT environments and the limited capabilities and the distributed deployment of IoT devices, traditional access control methods fall short in addressing the challenges of secure IoT data management. On the one hand, the single point of failure issue is inevitable for the centralized access control schemes. On the other hand, most decentralized access control schemes still face problems such as token underutilization, the insecure distribution of user permissions, and inefficiency.This paper introduces a blockchain-based access control framework to address these challenges. Specifically, the proposed framework enables data owners to host their data and achieves user-defined lightweight data management. Additionally, through the strategic amalgamation of smart contracts and hash-chains, our access control scheme can limit the number of times (i.e., n-times access) a user can access the IoT data before the deadline. This also means that users can utilize their tokens multiple times (predefined by the data owner) within the deadline, thereby improving token utilization while ensuring strict access control. Furthermore, by leveraging the intrinsic characteristics of blockchain, our framework allows data owners to gain capabilities for auditing the access records of their data and verifying them. To empirically validate the effectiveness of our proposed framework and approach, we conducted extensive simulations, and the experimental results demonstrated the feasibility and efficiency of our solution.

Benkhaddra Ilyas,Abhishek Kumar,Setitra Mohamed Ali,Hang Lei

DOI: https://doi.org/10.1007/s11042-024-19232-6

IF: 2.577

2024-01-01

Multimedia Tools and Applications

Abstract:Deploying the Internet of Things (IoT) in the transfer of enormous medical data often promotes challenges with the security, confidentiality, and privacy of the user’s sensitive data. In addition, the access control for prohibiting unauthorized access has been facing challenges with single-point-of-failure, collusion, and other security issues. To address these challenges associated with IoT access control, this research proposes a Blockchain-enabled IoT access control for sharing Electronic health records (EHR). The proposed authentic access control scheme transfers the data to the authenticated user without discrepancies. The proposed technique utilizes the hyperledger composer fabric blockchain that improves the transparency and traceability of the network, and the intelligent contract keeps track of the information, which reduces the possibility of unauthorized access. The proposed access control scheme validates the request effectively and transmits the data efficiently. The effectiveness of the proposed access control scheme is evaluated by analyzing the blocks in terms of metrics such as responsiveness of 185.47 secs, 95

Sheng Ding,Jin Cao,Chen Li,Kai Fan,Hui Li

DOI: https://doi.org/10.1109/access.2019.2905846

IF: 3.9

2019-01-01

IEEE Access

Abstract:With the sharp increase in the number of intelligent devices, the Internet of Things (IoT) has gained more and more attention and rapid development in recent years. It effectively integrates the physical world with the Internet over existing network infrastructure to facilitate sharing data among intelligent devices. However, its complex and large-scale network structure brings new security risks and challenges to IoT systems. To ensure the security of data, traditional access control technologies are not suitable to be directly used for implementing access control in IoT systems because of their complicated access management and the lack of credibility due to centralization. In this paper, we proposed a novel attribute-based access control scheme for IoT systems, which simplifies greatly the access management. We use blockchain technology to record the distribution of attributes in order to avoid single point failure and data tampering. The access control process has also been optimized to meet the need for high efficiency and lightweight calculation for IoT devices. The security and performance analysis show that our scheme could effectively resist multiple attacks and be efficiently implemented in IoT systems.

Nikos Fotiou,Iakovos Pittaras,Vasilios A. Siris,Spyros Voulgaris,George C. Polyzos

DOI: https://doi.org/10.48550/arXiv.1907.03904

2019-07-09

Abstract:Blockchains and smart contracts are an emerging, promising technology, that has received considerable attention. We use the blockchain technology, and in particular Ethereum, to implement a large-scale event-based Internet of Things (IoT) control system. We argue that the distributed nature of the "ledger," as well as, Ethereum's capability of parallel execution of replicated "smart contracts", provide the sought after automation, generality, flexibility, resilience, and high availability. We design a realistic blockchain-based IoT architecture, using existing technologies while by taking into consideration the characteristics and limitations of IoT devices and applications. Furthermore, we leverage blockchain's immutability and Ethereum's support for custom tokens to build a robust and efficient token-based access control mechanism. Our evaluation shows that our solution is viable and offers significant security and usability advantages.

Cryptography and Security

Xincheng Yan,Jianhua Wu,Na Zhou,Zhihong Jiang,Juqin Wu,Jianhui Yin,Ying Liu

DOI: https://doi.org/10.1109/ithings-greencom-cpscom-smartdata-cybermatics60724.2023.00040

2024-01-01

Abstract:With smart devices and high-speed networks advancing rapidly, the Internet of Things (IoT) is widespread across sectors. However personal privacy becomes a concern within the vast expanse of IoT data in this more convenient era. Access control stands out as a pivotal technology for safeguarding data integrity, ensuring authorized user-exclusive data access. Attribute-based access control (ABAC), a traditional access control model, offers the key benefit of allowing access control based on multiple attributes for enhanced flexibility. However, ABAC model faces drawbacks like single points of failure and limited transparency due to its single-server focus, potentially leading to data vulnerabilities. As a promising technology, blockchain provides novel approaches for designing new access control models. In this regard, we propose a blockchain-based security access control (BBSAC) model. On the basis of ABAC, the model uses blockchain technology to realize the decentralization, automation and fine-grained access control of Internet devices. At the same time, the trust value is used as an additional attribute to evaluate the reputation of different users, and the trust value is updated after each interaction to assign different access rights to different users, thereby realizing dynamic rights management. Theoretical analysis and experimental simulation results show that the model can maintain high throughput under a large number of requests while ensuring fine-grained and dynamic access control.