Securing the access control policies to the Internet of Things resources through permissioned blockchain

被引:19
作者
Rizzardi, Alessandra [1 ]
Sicari, Sabrina [1 ]
Miorandi, Daniele [2 ]
Coen-Porisini, Alberto [1 ]
机构
[1] Univ Insubria, Dipartimento Sci Teor & Applicate, Varese, Italy
[2] U Hopper, Trento, Italy
关键词
blockchain; fog computing; Internet of Things; privacy; security; sticky policy; ARCHITECTURE; CHALLENGES; IOT;
D O I
10.1002/cpe.6934
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Security and privacy of information transmitted among the devices involved in an Internet of Things (IoT) network represent relevant issues in IoT contexts. Guaranteeing effective control and supervising access permissions to IoT applications is a complex task, mainly due to resources' heterogeneity and scalability requirements. The design and development of highly customizable access control policies, along with an efficient mechanism for ensuring that the rules applied by the IoT platform are not tampered with or violated, will undoubtedly have a significant impact on the diffusion of IoT-based solutions. In such a direction, the article proposes the integration of a permissioned blockchain within an honest-but-curious (i.e., not trusted) IoT distributed middleware layer, which aims to guarantee the correct management of access to resources by the interested parties. The result is a robust and lightweight system, able to manage the data produced by IoT devices, support relevant security features, such as integrity and confidentiality, and resist different kinds of attacks. The use of blockchain will ensure the tamper-resistance and synchronization of the distributed system, where various stakeholders own applications and IoT platforms. The methodology and the proposed architecture are validated employing a test-bed.
引用
收藏
页数:19
相关论文
共 41 条
[1]  
Abbadi Imad M., 2011, Information Security Technical Report, V16, P108, DOI 10.1016/j.istr.2011.08.006
[2]  
[Anonymous], 2012, Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on, DOI DOI 10.1109/ICDCSW.2012.23
[3]  
[Anonymous], 2017, Lsb: a lightweight scalable blockchain for iot security and privacy
[4]  
[Anonymous], 2016, Blockchain in Internet of Things: Challenges and Solutions
[5]  
Barker S., 2012, Proc. SustKDD, P108
[6]  
Biswas K, 2016, PROCEEDINGS OF 2016 IEEE 18TH INTERNATIONAL CONFERENCE ON HIGH PERFORMANCE COMPUTING AND COMMUNICATIONS
[7]  
IEEE 14TH INTERNATIONAL CONFERENCE ON SMART CITY
[8]  
IEEE 2ND INTERNATIONAL CONFERENCE ON DATA SCIENCE AND SYSTEMS (HPCC/SMARTCITY/DSS), P1392, DOI [10.1109/HPCC-SmartCity-DSS.2016.0198, 10.1109/HPCC-SmartCity-DSS.2016.178]
[9]  
Bonomi F., 2012, 1 EDITION MCC WORKSH, P13, DOI DOI 10.1145/2342509.2342513
[10]  
Carminati B., 2011, Proceedings of the 2011 IEEE Third International Conference on Privacy, Security, Risk and Trust and IEEE Third International Conference on Social Computing (PASSAT/SocialCom 2011), P988, DOI 10.1109/PASSAT/SocialCom.2011.69