Collaborative Access Control for IoT -- A Blockchain Approach
Yongtao Huang, I-Ling Yen, Farokh Bastani
TL;DR
The paper addresses IoT access control challenges in decentralized environments, identifying limitations of centralized schemes and gaps in blockchain-based approaches. It proposes P2P-BEAC, a three-layer framework combining a P2P overlay (libp2p) with a consortium blockchain and a generic BEAC layer capable of embedding DAC, ABAC, and RBAC across multiple domains. A novel shortcut access mechanism is introduced to parallelize validation and token issuance, yielding substantial latency reductions (about 43% on internet paths and higher locally). The framework supports NAT traversal, crash resilience, and cross-domain policy interoperability, and is evaluated with real-world timing data for network and P2P interactions, demonstrating practical scalability and performance gains over traditional blockchain access control.
Abstract
The Internet of Things (IoT) necessitates robust access control mechanisms to secure a vast array of interconnected devices. Most of the existing IoT systems in practice use centralized solutions. We identify the problems in such solutions and adopt the blockchain-based decentralized access control approach. Though there are works in the literature that use blockchain for access control, there are some gaps in these works. We develop a blockchain-embedded access control (BEAC) framework to bridge the gaps. First, blockchain-based solutions for access control require an enabling P2P network, while existing P2P overlays do not support some required features. We develop a novel P2P infrastructure to seamlessly support our BEAC framework. Second, most of the works consider blockchain-based access control for a single access control model, and we develop a generic blockchain mechanism and show that it can support the embedding of various access control models. Finally, existing works adopt existing blockchain mechanisms, which may incur a high communication overhead. We develop a shortcut approach to improve the number of message rounds in the access protocol. Our experiments demonstrate the efficacy of our system, showing that the shortcut mechanism can reduce access time by approximately 43%.
