Sara Rouhani,Rafael Belchior,Rui S. Cruz,Ralph Deters

DOI: https://doi.org/10.48550/arXiv.2006.04384

2020-06-08

Cryptography and Security

Abstract:Auditing provides an essential security control in computer systems, by keeping track of all access attempts, including both legitimate and illegal access attempts. This phase can be useful to the context of audits, where eventual misbehaving parties can be held accountable. Blockchain technology can provide trusted auditability required for access control systems. In this paper, we propose a distributed \ac{ABAC} system based on blockchain to provide trusted auditing of access attempts. Besides auditability, our system presents a level of transparency that both access requestors and resource owners can benefit from it. We present a system architecture with an implementation based on Hyperledger Fabric, achieving high efficiency and low computational overhead. The proposed solution is validated through a use case of independent digital libraries. Detailed performance analysis of our implementation is presented, taking into account different consensus mechanisms and databases. The experimental evaluation shows that our presented system can process 5,000 access control requests with the send rate of 200 per second and a latency of 0.3 seconds.

Ye Lu,Tao Feng,Chunyan Liu,Wenbo Zhang

DOI: https://doi.org/10.32604/cmc.2023.046106

2024-01-01

Abstract:The Access control scheme is an effective method to protect user data privacy. The access control scheme based on blockchain and ciphertext policy attribute encryption (CP–ABE) can solve the problems of single—point of failure and lack of trust in the centralized system. However, it also brings new problems to the health information in the cloud storage environment, such as attribute leakage, low consensus efficiency, complex permission updates, and so on. This paper proposes an access control scheme with fine-grained attribute revocation, keyword search, and traceability of the attribute private key distribution process. Blockchain technology tracks the authorization of attribute private keys. The credit scoring method improves the Raft protocol in consensus efficiency. Besides, the interplanetary file system (IPFS) addresses the capacity deficit of blockchain. Under the premise of hiding policy, the research proposes a fine-grained access control method based on users, user attributes, and file structure. It optimizes the data-sharing mode. At the same time, Proxy Re-Encryption (PRE) technology is used to update the access rights. The proposed scheme proved to be secure. Comparative analysis and experimental results show that the proposed scheme has higher efficiency and more functions. It can meet the needs of medical institutions.

computer science, information systems,materials science, multidisciplinary

Yan Zhu,Yao Qin,Zhiyuan Zhou,Xiaoxu Song,Guowei Liu,William Cheng-Chung Chu

DOI: https://doi.org/10.1109/scc.2018.00032

2018-07-01

Abstract:Digital asset management (DAM) has increasing benefits in booming global Internet economy, but it is still a great challenge for providing an effective way to manage, store, ingest, organize and retrieve digital asset. To do it, we present a new digital asset management platform, called DAM-Chain, with Transaction-based Access Control (TBAC) which integrates the distribution ABAC model and the blockchain technology. In this platform, the ABAC provides flexible and diverse authorization mechanisms for digital asset escrowed into blockchain while the blockchain's transactions serve as verifiable and traceable medium of access request procedure. We also present four types of transactions to describe the TBAC access control procedure, and provide the algorithms of these transactions corresponding to subject registration, object escrowing and publication, access request and grant. By maximizing the strengths of both ABAC and blockchain, this platform can support flexible and diverse permission management, as well as verifiable and transparent access authorization process in an open decentralized environment.

Yaoliang Chen,Shi Chen,Jiao Liang,Lance Warren Feagan,Weili Han,Sheng Huang,X. Sean Wang

DOI: https://doi.org/10.1016/j.is.2020.101590

IF: 3.18

2020-01-01

Information Systems

Abstract:Blockchain is an emerging data management technology that enables people in a collaborative network to establish trusted connections with the other participants. Recently consortium blockchains have raised interest in a broader blockchain technology discussion. Instead of a fully public, autonomous network, consortium blockchain supports a network where participants can be limited to a subset of users and data access strictly controlled. Access control policies should be defined by the respective data owner and applied throughout the network without requiring a centralized data administrator. As a result, decentralized data access control (DDAC) emerges as a fundamental challenge for such systems. However, we show from a trust model for consortium collaborative networks that current consortium blockchain systems provide limited support for DDAC. Further, the distributed, replicated nature of blockchain makes it even more challenging to control data access, especially read access, compared with traditional DBMSes. We investigate possible strategies to protect data from being read by unauthorized users in consortium blockchain systems using combinations of ledger partitioning and encryption strategies. A general framework is proposed to help inexperienced users determine appropriate strategies under different application scenarios. The framework was implemented on top of Hyperledger Fabric to evaluate feasibility. Experimental results along with a real-world case study contrasted the performance of different strategies under various conditions and the practicality of the proposed framework.

Xuanmei Qin,Yongfeng Huang,Zhen Yang,Xing Li

DOI: https://doi.org/10.1016/j.sysarc.2020.101854

IF: 5.836

2021-01-01

Journal of Systems Architecture

Abstract:Ciphertext-policy attribute-based encryption(CP-ABE) has been widely studied and used in access control schemes for secure data sharing. Since in most of the existing attribute-based encryption methods, all user attributes are managed by a single central authority, it is easy to cause a single point of failure. Therefore, several multi-authority CP-ABE schemes are proposed to manage user attributes by multiple authorities. However, these schemes still do not eliminate the single point of failure in essence or suffer from high computation and communication overhead on data users. In this paper, we propose a Blockchain-based Multi-authority Access Control scheme called BMAC for sharing data securely. Shamir secret sharing scheme and permissioned blockchain (Hyperledger Fabric) are introduced to implement that each attribute is jointly managed by multiple authorities to avoid single point of failure. In addition, we take advantage of blockchain technology to establish trust among multiple authorities and exploit smart contracts to compute tokens for attributes managed across multiple management domains, which reduces communication and computation overhead on the data user side. Moreover, blockchain helps to record the access control process in a secure and auditable way. Finally, we analyze the security of the proposed algorithm. Further analysis and comparison show the performance of the proposed method.

Qinghua Gong,Jinnan Zhang,Zheng Wei,Xinmin Wang,Xia Zhang,Xin Yan,Yang Liu,Liming Dong

DOI: https://doi.org/10.3390/s24072267

IF: 3.9

2024-04-03

Sensors

Abstract:With the rapid growth of the Internet of Things (IoT), massive terminal devices are connected to the network, generating a large amount of IoT data. The reliable sharing of IoT data is crucial for fields such as smart home and healthcare, as it promotes the intelligence of the IoT and provides faster problem solutions. Traditional data sharing schemes usually rely on a trusted centralized server to achieve each attempted access from users to data, which faces serious challenges of a single point of failure, low reliability, and an opaque access process in current IoT environments. To address these disadvantages, we propose a secure and dynamic access control scheme for the IoT, named SDACS, which enables data owners to achieve decentralized and fine-grained access control in an auditable and reliable way. For access control, attribute-based control (ABAC), Hyperledger Fabric, and interplanetary file system (IPFS) were used, with four kinds of access control contracts deployed on blockchain to coordinate and implement access policies. Additionally, a lightweight, certificateless authentication protocol was proposed to minimize the disclosure of identity information and ensure the double-layer protection of data through secure off-chain identity authentication and message transmission. The experimental and theoretical analysis demonstrated that our scheme can maintain high throughput while achieving high security and stability in IoT data security sharing scenarios.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Arnab Chatterjee,Yash Pitroda,Manojkumar Parmar

DOI: https://doi.org/10.48550/arXiv.2002.05547

2020-02-13

Cryptography and Security

Abstract:Access control management is an integral part of maintaining the security of an application. Although there has been significant work in the field of cloud access control mechanisms, however, with the advent of Distributed Ledger Technology (DLT), on-chain access control management frameworks hardly exist. Existing access control management mechanisms are tightly coupled with the business logic, resulting in governance issues, non-coherent with existing Identity Management Solutions, low security, and compromised usability. We propose a novel framework to implement dynamic role-based access control for decentralized applications (dApps). The framework allows for managing access control on a dApp, which is completely decoupled from the business application and integrates seamlessly with any dApps. The smart contract architecture allows for the independent management of business logic and execution of access control policies. It also facilitates secure, low cost, and a high degree of flexibility of access control management. The proposed framework promotes decentralized governance of access control policies and efficient smart contract upgrades. We also provide quantitative and qualitative metrics for the efficacy and efficiency of the framework. Any Turing complete smart contract programming language is an excellent fit to implement the framework. We expect this framework to benefit enterprise and non-enterprise dApps and provide greater access control flexibility and effective integration with traditional and state of the art identity management solutions.

Asma Jodeiri Akbarfam,Sina Barazandeh,Deepti Gupta,Hoda Maleki

DOI: https://doi.org/10.48550/arXiv.2311.06236

2023-11-11

Abstract:Access control is a critical component of computer security, governing access to system resources. However, designing policies and roles in traditional access control can be challenging and difficult to maintain in dynamic and complex systems, which is particularly problematic for organizations with numerous resources. Furthermore, traditional methods suffer from issues such as third-party involvement, inefficiency, and privacy gaps, making transparent and dynamic access control an ongoing research problem. Moreover detecting malicious activities and identifying users who are not behaving appropriately can present notable difficulties. To address these challenges, we propose DLACB, a Deep Learning Based Access Control Using Blockchain, as a solution to decentralized access control. DLACB uses blockchain to provide transparency, traceability, and reliability in various domains such as medicine, finance, and government while taking advantage of deep learning to not rely on predefined policies and eventually automate access control. With the integration of blockchain and deep learning for access control, DLACB can provide a general framework applicable to various domains, enabling transparent and reliable logging of all transactions. As all data is recorded on the blockchain, we have the capability to identify malicious activities. We store a list of malicious activities in the storage system and employ a verification algorithm to cross-reference it with the blockchain. We conduct measurements and comparisons of the smart contract processing time for the deployed access control system in contrast to traditional access control methods, determining the time overhead involved. The processing time of DLBAC demonstrates remarkable stability when exposed to increased request volumes.

Cryptography and Security

Xuanmei Qin,Yongfeng Huang,Zhen Yang,Xing Li

DOI: https://doi.org/10.1016/j.ins.2020.12.035

IF: 8.1

2021-01-01

Information Sciences

Abstract:Attribute-based encryption (ABE) is considered to be one of the most suitable schemes for cryptographic access control in the big data environment. But it still faces many challenges to be applied in the Internet of Things (IoT). ABE is implemented based on bilinear pairing, which is considered to be an expensive operation. However, there are lots of IoT devices with constrained resources. Proxy re-encryption methods based on the cloud are proposed to reduce computing overhead on the user side, but an untrusted cloud may give incorrect computing results to mislead users. To solve this problem, an access control scheme with lightweight decryption based on ABE and blockchain technologies is proposed. We assume that the cloud is untrusted, and guarantee the accuracy of proxy re-encryption calculation based on blockchain. In addition, how to encourage users to obtain authorization through blockchain and record access behavior on the blockchain is a problem worthy of attention. This paper proposes a user credibility incentive mechanism, which calculates the user's credibility according to the user's access behavior and gives a reputation score, so as to dynamically adjust the endorsement protocol. Security analysis and experimental results show that the proposed method is reliable and efficient. (C) 2020 Elsevier Inc. All rights reserved.

Asma Jodeiri Akbarfam,Sina Barazandeh,Hoda Maleki,Deepti Gupta

DOI: https://doi.org/10.48550/arXiv.2303.14758

2023-03-26

Abstract:In general, deep learning models use to make informed decisions immensely. Developed models are mainly based on centralized servers, which face several issues, including transparency, traceability, reliability, security, and privacy. In this research, we identify a research gap in a distributed nature-based access control that can solve those issues. The innovative technology blockchain could fill this gap and provide a robust solution. Blockchain's immutable and distributed nature designs a useful framework in various domains such as medicine, finance, and government, which can also provide access control as opposed to centralized methods that rely on trusted third parties to access the resources. In existing frameworks, a traditional access control approach is developed using blockchain, which depends on predefined policies and permissions that are not reliable. In this research, we propose DLACB: Deep Learning Based Access Control Using Blockchain, which utilizes a deep learning access control mechanism to determine a user's permissions on a given resource. This proposed framework authenticates the users and logs the access requests on the blockchain to recognize malicious users. The results show that this proposed framework operates correctly for all possible scenarios.

Cryptography and Security

Jordi Paillisse,Jordi Subira,Albert Lopez,Alberto Rodriguez-Natal,Vina Ermagan,Fabio Maino,Albert Cabellos

DOI: https://doi.org/10.48550/arXiv.1901.03568

2019-01-11

Abstract:The specification and enforcement of network-wide policies in a single administrative domain is common in today's networks and considered as already resolved. However, this is not the case for multi-administrative domains, e.g. among different enterprises. In such situation, new problems arise that challenge classical solutions such as PKIs, which suffer from scalability and granularity concerns. In this paper, we present an extension to Group-Based Policy -- a widely used network policy language -- for the aforementioned scenario. To do so, we take advantage of a permissioned blockchain implementation (Hyperledger Fabric) to distribute access control policies in a secure and auditable manner, preserving at the same time the independence of each organization. Network administrators specify polices that are rendered into blockchain transactions. A LISP control plane (RFC 6830) allows routers performing the access control to query the blockchain for authorizations. We have implemented an end-to-end experimental prototype and evaluated it in terms of scalability and network latency.

Networking and Internet Architecture,Cryptography and Security

Libo Feng,Junyu Lin,Fei Qiu,Bei Yu,Zhihua Jin,Jinli Wang,Jing Cheng,Shaowen Yao

DOI: https://doi.org/10.1109/tnsm.2024.3371521

2024-01-01

IEEE Transactions on Network and Service Management

Abstract:Industrial big data has experienced from data silos due to its high potential value and strong security requirements, making it difficult to share securely across domains. Blockchain-based solutions allow nodes to establish access control to trusted data on unreliable or trustless networks, but still face issues such as inefficient data sharing and leakage of sensitive information. In this paper, we propose a blockchain-based access control scheme for privacy security and dynamic regulation. First, ciphertext policy attribute-based encryption (CP-ABE) is developed to gain fine-grained access to node resources, with verifiable outsourcing decryption method to significantly reduce computational pressure on end users. Second, a policy hiding method based on multi-chain architecture is proposed, which performs double hiding of attribute information and access policy information on the blockchain. Finally, a supervisory policy that incorporates dynamic trust assessment and smart contracts is proposed to achieve effective detection and hierarchical classification punishment of malicious behavior. Security analysis and experimental results show that our scheme can limit the complexity of terminal decryption at a constant level and effectively achieve secure and efficient access control in the industrial Internet environment.

computer science, information systems

Yongtao Huang,I-Ling Yen,Farokh Bastani

2024-05-25

Abstract:The Internet of Things (IoT) necessitates robust access control mechanisms to secure a vast array of interconnected devices. Most of the existing IoT systems in practice use centralized solutions. We identify the problems in such solutions and adopt the blockchain based decentralized access control approach. Though there are works in the literature that use blockchain for access control, there are some gaps in these works. We develop a blockchain embedded access control (BEAC) framework to bridge the gaps. First, blockchain based solutions for access control require an enabling P2P network while existing P2P overlays do not support some required features. We develop a novel P2P infrastructure to seamlessly support our BEAC framework. Second, most of the works consider blockchain based access control for a single access control model, and we develop a generic blockchain mechanism and show that it can support the embedding of various access control models. Finally, existing works adopt existing blockchain mechanisms which may incur a high communication overhead. We develop a shortcut approach to improve the number of message rounds in the access protocol. Our experiments demonstrate the efficacy of our system, showing that the shortcut mechanism can reduces access time by approximately 43%.

Distributed, Parallel, and Cluster Computing,Cryptography and Security

Nan Zhao,Hui Su,QingSheng Han,Yan Zhao

DOI: https://doi.org/10.1155/2022/4410075

IF: 3.12

2022-05-24

Computational Intelligence and Neuroscience

Abstract:In order to better mine the value of data, the author proposes a research on the automatic access control of big data open resources multimedia based on blockchain and introduces big data access control BBAC-BD (blockchain-based access control mechanism for big data environment). The author designed a strategy management contract based on the Bloom filter, as a probabilistic data structure with extremely high space utilization efficiency and proposed the strategic management contract (PAP CONTRACT) and the strategic decision contract (PDP CONTRACT). In this way, the nontampering, auditability, and verifiability of the access control information are guaranteed; then, the access control method based on smart contracts is adopted to realize the user-driven, whole-process transparent, and dynamic and automatic access control of big data resources. The simulation results show that the greater the ratio of n/k, the better the optimization effect, and the greater the ratio, the lower the corresponding misjudgment rate, but it will also take up more space costs. At the same time, the true value of the false positive rate is generally less than the theoretical value of the false positive rate. When the performance of Hash (strategy to retrieve) is better, the result of Hash distribution is more uniform. Under the condition of m = 3, the misjudgment rate acceptable for the expected use can be achieved, and the increase in the number of Hashes will not bring a significant increase in revenue. Freed from the traditional model of providing access control services based on third parties, solve the problem of transparency of authority judgments; at the same time, through smart contracts, based on the strategy published by the resource owner on the blockchain, realize automatic access control to big data resources; and make the judicial process more flexible and the judgment result more credible. The BBAC-BD mechanism realizes a safe, reliable, and transparent new access control architecture, and it can effectively promote the safe circulation and sharing of big data.

mathematical & computational biology,neurosciences

Peng Wang,Ning Xu,Haibin Zhang,Wen Sun,Abderrahim Benslimane

DOI: https://doi.org/10.1109/jiot.2021.3125091

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:The Internet of Things (IoT), while providing comprehensive interconnection and ubiquitous services, poses security issues by enabling resources sharing among various devices from different untrusted authorities. Blockchain, as a distributed ledger, provides a traceable and verifiable platform to ensure the secure access control in IoT. The existing works based on blockchain may bring up intolerable computing overhead and delay to the lightweight IoT devices. In this article, we propose a dynamic and lightweight attribute-based access control framework for blockchain-empowered IoT, to achieve secure and fine-grained authorization. The proposed scheme allows access to resources by evaluating attributes, operations, and the environment relevant to a request. The access policy is executed through smart contract in blockchain for security and flexibility. To further adapt to IoT device constraints, we design a access control framework based on decentralized application (DApp), which can maintain tamper proof in a timely manner and be adapt to the delay-intolerant application. When delay-intolerant access is required, access can be allowed according to local replica of the blockchain, without a consensus of blockchain network. Considering the time-varying attributes of IoT devices, a trust management scheme is proposed based on the Markov chain to resist the security fluctuation caused by the vulnerability of IoT devices. In the experiments, we deploy our system prototype on Ethereum to evaluate the feasibility and effectiveness of the scheme. The results show the proposed scheme can achieve secure, high throughput, and flexible access control in IoT.

computer science, information systems,telecommunications,engineering, electrical & electronic

Rashmi Raj,Mohona Ghosh

DOI: https://doi.org/10.1007/s12083-024-01648-4

IF: 3.488

2024-03-09

Peer-to-Peer Networking and Applications

Abstract:To ensure safe exchange of data in IoT-enabled-supply-chain network and safeguard other security issues, IoT devices should have an access control system that can regulate resource access in a permissioned manner. Traditional access control mechanisms (ACM) can guarantee that but lack wide adoption owing to centralized architecture, single point of failure, and limited security. A blockchain-based ACM can address all the above challenges, however, still some limitations exist. Firstly, blockchain provides data verifiability and user transparency, meaning that all stored information is accessible to network nodes for verification leading to privacy issues of sensitive data. Secondly, encryption-based solutions can address the privacy concern but require sharing of secret keys with unknown peers entailing another security risk. Thirdly, due to limited block size in blockchain, IoT-enabled-supply-chain networks prefer storing all the data in the cloud or a central server, which has their own threat concerns. In this work, we propose a blockchain-based ACM that integrates Bell La Padula (BLP) Model, Proxy Re-Encryption, and IPFS to address all the above challenges. BLP enforces fine-grained access control without performing high computation and ensures data confidentiality. With the Proxy Re-encryption, only authorized parties can decrypt data but without revealing the private key of the data owner. Meanwhile, IPFS eliminates the need for cloud servers and provides a more secure offsite storage. The security analysis of the proposed framework is presented using BAN logic. We also provide a thorough security comparison with other peer models to establish the superiority of our proposed work. Furthermore, smart contract-based implementation through Truffle is done to analyse the framework's effectiveness.

computer science, information systems,telecommunications

Haipeng Sun,Yu-an Tan,Liang Zhu,Qikun Zhang,Shan Ai,Jun Zheng

DOI: https://doi.org/10.1007/s12652-022-04020-7

IF: 3.662

2022-07-10

Journal of Ambient Intelligence and Humanized Computing

Abstract:The application scenarios of edge-cloud collaboration are very wide. In order to ensure the operational security of resource sharing among intelligent terminals in edge-cloud collaboration scenarios, and prevent unauthorized entities from accessing sensitive data, a blockchain-based access control protocol for secure resource sharing is proposed. For the characteristics of edge-cloud collaborative application scenarios, the attribute authentication, secure storage, intra-domain access control, inter-domain access control and dynamic update of access permissions are studied in this paper. The proposed protocol has the following advantages. (1) Privacy protection: in the edge-cloud collaborative application scenario, the privacy of mobile terminals is easily leaked. The access control technology with hidden attributes is adopted, which can not only achieve the purpose of access control, but also ensure that the identity and attribute information of terminals are not leaked; (2) cross-domain access control: edge-cloud collaborative application scenarios, resource sharing among terminals may span multiple different security domains, and the proposed protocol supports cross-domain access control; (3) dynamic access control: some mobile terminals may frequently join or exit some application scenarios, the access permissions of these terminals can be dynamically updated using blockchain in this protocol; (4) fine-grained access control: the permissions for access resources are set by the combination of attribute permissions of the terminals. The terminal can access a variety of resources by setting different combinations of its attribute permissions. The performance analysis shows that compared with the cited literatures, the proposed protocol has advantages in terms of computational time, computational complexity and communication overhead.

computer science, information systems,telecommunications, artificial intelligence

Li Yunliang,Du Zhiqiang,Fu Yanfang,Zheng Xianghan

DOI: https://doi.org/10.1016/j.pmcj.2024.101878

IF: 3.848

2024-01-08

Pervasive and Mobile Computing

Abstract:Numerous users from diverse domains access information and perform various operations in multi-domain environments. These users have complex permissions that increase the risk of identity falsification, unauthorized access, and privacy breaches during cross-domain interactions. Consequently, implementing an access control architecture to prevent users from engaging in illicit activities is imperative. This paper proposes a novel blockchain-based access control architecture for multi-domain environments. By integrating the multi-domain environment within a federated chain, the architecture utilizes Decentralized Identifiers (DIDs) for user identification and relies on public/secret key pairs for operational execution. Verifiable credentials are used to authorize permissions and release resources, thereby ensuring authentication and preventing tampering and forgery. In addition, the architecture automates the authorization and access control processes through smart contracts, thereby eliminating human intervention. Finally, we performed a simulation evaluation of the architecture. The most time-consuming process had a runtime of 1074 ms, primarily attributed to interactions with the blockchain. Concurrent testing revealed that with a concurrency level of 2000 demonstrated that the response times for read and write operations were maintained within 1000 ms and 4600 ms, respectively. In terms of storage efficiency, except for user registration, which incurred two gas charges, all the other processes required only one charge.

computer science, information systems,telecommunications

Chenlei Liu,Feng Xiang,Zhixin Sun

DOI: https://doi.org/10.1155/2022/8497628

IF: 1.968

2022-04-12

Security and Communication Networks

Abstract:Information sharing has become an important application in modern supply chain management systems with business technology development. Because traditional supply chain information systems have problems such as easy data tampering, low information transparency, and interaction delays, blockchain has been taken consideration into supply chain information sharing research. Furthermore, blockchain technology is expected to provide decentralized supply chain information sharing solutions to enhance security, availability, and transparency. However, with the in-depth study of the application of blockchain technology in supply chain information sharing, people have found that the data stored publicly in the blockchain are still threatened by privacy leakage. In addition, due to the openness and accessibility of the blockchain, the lack of fine-grained access control is also apparent. In order to improve the security of data, we propose a novel privacy-preserving multiauthority attribute-based access control scheme for secure blockchain-based information sharing in a supply chain. In this scheme, blockchain stores encrypted supply chain information on distributed nodes. Multiple attribute authorities manage different attributes of users to achieve fine-grained access control and flexible authorization. Even if some attribute authorities fail, the user’s private key will not be leaked. In user secret key generation, we adopt an anonymous key generation protocol to realize the secure distribution of user keys by the attribute authorities. Furthermore, in order to meet the protection of communication privacy between blockchain nodes, properties of policy hiding and identity hiding are considered. Finally, we design experiments to analyze the performance of our scheme, including secret key sizes and running time of encryption and decryption.

computer science, information systems,telecommunications

Dezhi Han,Yujie Zhu,Dun Li,Wei Liang,Alireza Souri,Kuan-Ching Li

DOI: https://doi.org/10.1109/tii.2021.3114621

IF: 12.3

2022-05-01

IEEE Transactions on Industrial Informatics

Abstract:Internet of Things (IoT) devices are widely considered in smart cities, intelligent medicine, and intelligent transportation, among other fields that facilitate people's lives, producing a large amount of private data. However, due to the mobility, limited performance, and distributed deployment of IoT, traditional access control methods cannot support the security of private data's access control process in current IoT environments. To address such problems, this article proposes an auditable access control model, based on an attribute-based access control model, and manages the access control policy for private data through the request record, the response record, and the access record stored in the blockchain network. Additionally, a Blockchain-based auditable access control system is also proposed based on the auditable access control model, ensuring private data security in IoT environments and realizing effective management and auditable access to these data. Experimental results show that the proposed system can maintain high throughput while ensuring private data security for real application scenarios in IoT environments.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial