research-article

BIDAC: Blockchain-enabled Identity-Based Data Access Control in IoT

Authors:

Shangdong LiuAuthors Info & Claims

WI-IAT '21: IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology

Pages 400 - 405

https://doi.org/10.1145/3498851.3498986

Published: 11 April 2022 Publication History

Abstract

Considering massive device nodes, strong dynamics, and limited resources of the Internet of Things, mainstream data access control solutions have plaintext transmission problems and may cause single point of failure. In this paper, we propose a blockchain-enabled identity-based data access control in IoT named BIDAC. By using Identity-Based Encryption (IBE) algorithm, the security and trustworthiness of the data can be ensured during the authorization and data-sharing process. With the designed access control smart contracts, access rights can be obtained by gaining private keys, providing fine-grained data access control for the IoT systems. Security analysis of this paper shows that BIDAC can resist passive attack, active attack, and physical attack. By implementing BIDAC on the blockchain, the access control performance shows that the proposed BIDAC has good availability.

References

[1]

Luigi Atzori, Antonio Iera, and Giacomo Morabito. 2010. The Internet of Things: a survey. Computer Networks 54, 15 (2010), 2787-2805. https://doi.org/10.1016/j.comnet.2010.05.010

Digital Library

[2]

Jie Lin, Wei Yu, Nan Zhang, Xinyu Yang, Hanlin Zhang, and Wei Zhao. 2017. A survey on Internet of Things: architecture, enabling technologies, security and privacy, and applications. IEEE Internet of Things Journal 4, 5 (2017), 1125-1142. https://doi.org/10.1109/JIOT.2017.2683200

[3]

Ravi Sandhu and Pierangela Samarati. 1994. Access control: principle and practice. IEEE Communications Magazine 32, 9 (1994), 40-48. https://doi.org/10.1109/35.312842

Digital Library

[4]

Sergio Gusmeroli, Salvatore Piccione, and Domenico Rotondi. 2012. IoT access control issues: a capability based approach. In 2012 IEEE 6th International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing. IEEE, 787-792. https://doi.org/10.1109/IMIS.2012.38

Digital Library

[5]

Shantanu Pal. 2019. Limitations and approaches in access control and identity management for constrained IoT resources. In 2019 IEEE International Conference on Pervasive Computing and Communications Workshops. IEEE, 431-432. https://doi.org/10.1109/PERCOMW.2019.8730651

[6]

Zibin Zheng, Shaoan Xie, Hongning Dai, Xiangping Chen, and Huaimin Wang. 2017. An overview of blockchain technology: architecture, consensus, and future trends. In 2017 IEEE International Congress on Big Data. IEEE, 557-564. https://doi.org/10.1109/BigDataCongress.2017.85

[7]

Oscar Novo. 2018. Blockchain meets IoT: An architecture for scalable access management in IoT. IEEE Internet of Things Journal 5, 2 (2018), 1184-1195. https://doi.org/10.1109/JIOT.2018.2812239

[8]

Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. White Paper (2008).

[9]

Vitalik Buterin. A next-generation smart contract and decentralized application platform. White Paper (2014).

[10]

Elli Androulaki, Artem Barger, Vita Bortnikov, Christian Cachin, Konstantinos Christidis, Angelo De Caro, 2018. Hyperledger fabric: a distributed operating system for permissioned blockchains. In Proceedings of the 13th EuroSys Conference. ACM, 1-15. https://doi.org/10.1145/3190508.3190538

Digital Library

[11]

Ismail Butun and Patrik Österberg. 2020. A Review of distributed access control for blockchain systems towards securing the Internet of Things. IEEE Access 9 (2020), 5428-5441. https://doi.org/10.1109/ACCESS.2020.3047902

[12]

Junzuo Lai, Robert H. Deng, and Yingjiu Li. 2011. Fully secure cipertext-policy hiding CP-ABE. In International Conference on Information Security Practice and Experience. Springer, 24-39. https://doi.org/10.1007/978-3-642-21031-0_3

[13]

Zhijun Zhang and Xiaojun Ren. 2021. Data security sharing method based on CP-ABE and blockchain. Journal of Intelligent & Fuzzy Systems 40, 2 (2021), 2193-2203. https://doi.org/10.3233/JIFS-189318

[14]

Xianzhou Gao, Xiuli Huang, Wei Zhang, and Ruxia Yang. 2021. A novel CP-ABE based sidechain protocol for distributed power system data storage management with the blockchain. In Proceedings of the 2nd International Conference on Computing and Data Science. ACM, 1-8. https://doi.org/10.1145/3448734.3450799

Digital Library

[15]

Aafaf Ouaddah, Anas Abou Elkalam, and Abdellah Ait Ouahman. 2016. FairAccess: A new blockchain‐based access control framework for the Internet of Things. In International Conference on Computing and Data Science. Wiley, 5943-5964. https://doi.org/10.1002/sec.1748

[16]

Otto Julio Ahlert Pinno, Andre Ricardo Abed Gregio, and Luis C. E. De Bona. 2017. Controlchain: Blockchain as a central enabler for access control authorizations in the IoT. In IEEE Global Communications Conference. IEEE, 1-6. https://doi.org/10.1109/GLOCOM.2017.8254521

[17]

Otto Julio Ahlert Pinno, Andre Ricardo Abed Gregio, and Luis C. E. De Bona. 2019. ControlChain: A new stage on the IoT access control authorization. Concurrency and Computation: Practice and Experience 32, 12 (2019), e5238. https://doi.org/10.1002/cpe.5238

[18]

Fariza Sabrina. 2019. Blockchain and structural relationship based access control for IoT: a smart city use case. In 2019 IEEE 44th Conference on Local Computer Networks. IEEE, 137-140. https://doi.org/10.1109/LCN44214.2019.8990757

[19]

Bacem Mbarek, Mouzhi Ge, and Tomas Pitner. 2021. Blockchain-based access control for IoT in smart home systems. In International Conference on Database and Expert Systems Applications. Springer, 17-32. https://doi.org/10.1007/978-3-030-59051-2_2

[20]

Sourav Saha, Anil Kumar Sutrala, Ashok Kumar Das, Neeraj Kumar, and Joel J. P. C. Rodrigues. 2020. On the design of blockchain-based access control protocol for IoT-enabled healthcare applications. In 2020 IEEE International Conference on Communications. IEEE, 1-6. https://doi.org/10.1109/ICC40277.2020.9148915

[21]

Yunru Zhang, Debiao He, and Kim-Kwang Raymond Choo. 2018. BaDS: Blockchain-based architecture for data sharing with ABS and CP-ABE in IoT. Wireless Communications and Mobile Computing (2018). https://doi.org/10.1155/2018/2783658

[22]

Soumya Banerjee, Basudeb Bera, Ashok Kumar Das, Samiran Chattopadhyay, Muhammad Khurram Khan, and Joel J.P.C. Rodrigues. 2021. Private blockchain-envisioned multi-authority CP-ABE-based user access control scheme in IIoT. Computer Communications 169 (2021), 99-113. https://doi.org/10.1016/j.comcom.2021.01.023

[23]

Dan Boneh and Matt Franklin. 2001. Identity-based encryption from the Weil pairing. In Annual International Cryptology Conference. Springer, 213-229. https://doi.org/10.1007/3-540-44647-8_13

[24]

Miguel Castro and Barbara Liskov. 2002. Practical byzantine fault tolerance and proactive recovery. ACM Transactions on Computer Systems 20, 4 (2002), 398-461. https://doi.org/10.1145/571637.571640

Digital Library

[25]

Mauro Conti, Nicola Dragoni, and Viktor Lesyk. 2016. A survey of man in the middle attacks. IEEE Communications Surveys & Tutorials 18 (2016), 2027-2051. https://doi.org/10.1109/COMST.2016.2548426

Digital Library

[26]

Soumya Banerjee, Sandip Roy, Vanga Odelu, Ashok Kumar Das, Samiran Chattopadhyay, Joel J. P. C. Rodrigues, and Youngho Park. 2020. Multi-Authority CP-ABE-Based user access control scheme with constant-size key and ciphertext for IoT deployment. Journal of Information Security and Applications 53 (2020), 102503. https://doi.org/10.1016/j.jisa.2020.102503

Cited By

Wang CXu JTan SYin L(2024)Secure decision tree classification with decentralized authorization and access controlComputer Standards & Interfaces10.1016/j.csi.2023.10381889(103818)Online publication date: Apr-2024
https://doi.org/10.1016/j.csi.2023.103818
Raj RGhosh M(2024)A blockchain based lightweight and secure access control framework for IoT-enabled supply chainPeer-to-Peer Networking and Applications10.1007/s12083-024-01648-417:3(1610-1630)Online publication date: 8-Mar-2024
https://doi.org/10.1007/s12083-024-01648-4
Adhikari NRamkumar M(2023)IoT and Blockchain Integration: Applications, Opportunities, and ChallengesNetwork10.3390/network30100063:1(115-141)Online publication date: 24-Jan-2023
https://doi.org/10.3390/network3010006
Show More Cited By

BIDAC: Blockchain-enabled Identity-Based Data Access Control in IoT
1. Security and privacy
  1. Security services

Recommendations

Poster: Zero Trust Driven Architecture for Blockchain-Based Access Control Delegation
ACM SIGCOMM Posters and Demos '24: Proceedings of the ACM SIGCOMM 2024 Conference: Posters and Demos

Granting access and controlling access rights for online services is challenging in a highly dynamic and large-scale systems. In particular, the secure propagation of access right delegation is a major issue. Many proposals present access control issues ...
Blockchain for IoT access control: Recent trends and future research directions
Abstract
With the rapid development of wireless sensor networks, smart devices, and traditional information and communication technologies, there is tremendous growth in the use of Internet of Things (IoT) applications and services in our ...
A blockchain-based Access Control Mechanism for IOT
EITCE '22: Proceedings of the 2022 6th International Conference on Electronic Information Technology and Computer Engineering

Because of lightweight, large-scale and dynamic access characteristics in IoT devices, the current centralized access control mechanism leads to many security problems such as failure of single point, privacy leakage and user authentication. With the ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WI-IAT '21: IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology

December 2021

541 pages

ISBN:9781450391870

DOI:10.1145/3498851

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGAI: ACM Special Interest Group on Artificial Intelligence

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 11 April 2022

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

WI-IAT '21

Sponsor:

SIGAI

WI-IAT '21: IEEE/WIC/ACM International Conference on Web Intelligence

December 14 - 17, 2021

VIC, Melbourne, Australia

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
104
Total Downloads

Downloads (Last 12 months)19
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Wang CXu JTan SYin L(2024)Secure decision tree classification with decentralized authorization and access controlComputer Standards & Interfaces10.1016/j.csi.2023.10381889(103818)Online publication date: Apr-2024
https://doi.org/10.1016/j.csi.2023.103818
Raj RGhosh M(2024)A blockchain based lightweight and secure access control framework for IoT-enabled supply chainPeer-to-Peer Networking and Applications10.1007/s12083-024-01648-417:3(1610-1630)Online publication date: 8-Mar-2024
https://doi.org/10.1007/s12083-024-01648-4
Adhikari NRamkumar M(2023)IoT and Blockchain Integration: Applications, Opportunities, and ChallengesNetwork10.3390/network30100063:1(115-141)Online publication date: 24-Jan-2023
https://doi.org/10.3390/network3010006
Wang CXu JTan SYin L(2023)Secure Decision Tree Classification with Decentralized Authorization and Access Control2023 International Conference on Data Security and Privacy Protection (DSPP)10.1109/DSPP58763.2023.10404577(105-112)Online publication date: 16-Oct-2023
https://doi.org/10.1109/DSPP58763.2023.10404577

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Figures

Tables

Media

View Table of Conten