BacS: A blockchain-based access control scheme in distributed internet of things

Peer-to-Peer Networking and Applications

Abstract

Distributed Internet of Things (Distributed IoT) is a large-scale, heterogeneous, dynamic distributed architecture that has gradually formed on the basis of Internet of Things (IoT) technology. To cope with the large number of access requirements for IoT data brought by application expansion, the data of IoT devices are usually stored in the management server (DMS) of the current domain, which applies a centralized access control mechanism to users. This centralized approach can easily cause data to be tampered with and leaked. Moreover, registering different identities when a user accesses different domains makes those identities harder to manage. Therefore, this paper proposes a blockchain-based access control scheme for Distributed IoT called BacS. In BacS, we first use the account address of a node in the blockchain as the identity for accessing the DMS, redefine the access control permissions for device data, and store them on the blockchain. We then design the processes of authorization, authorization revocation, access control and audit in BacS. Finally, we use a lightweight symmetric encryption algorithm (SEA) to achieve privacy preservation for the Distributed IoT system. We build a credible experimental model on an Ethereum private chain; the results show that BacS is feasible and effective, and that it can achieve secure access in a Distributed IoT environment while protecting privacy.

Author information

Corresponding author

Correspondence to Liang Tan.

Ethics declarations

Conflict of interest

We declare that there is no conflict of interest.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This article belongs to the Topical Collection: Special Issue on Blockchain for Peer-to-Peer Computing

Guest Editors: Keping Yu, Chunming Rong, Yang Cao, and Wenjuan Li

About this article

Cite this article

Shi, N., Tan, L., Yang, C. et al. BacS: A blockchain-based access control scheme in distributed internet of things. Peer-to-Peer Netw. Appl. 14, 2585–2599 (2021). https://doi.org/10.1007/s12083-020-00930-5

  • DOI: https://doi.org/10.1007/s12083-020-00930-5
