Securing the access control policies to the Internet of Things resources through permissioned blockchain

Cited by: 21
Authors
Rizzardi, Alessandra [1]
Sicari, Sabrina [1]
Miorandi, Daniele [2]
Coen-Porisini, Alberto [1]
Affiliations
[1] Univ Insubria, Dipartimento Sci Teor & Applicate, Varese, Italy
[2] U Hopper, Trento, Italy
Keywords
blockchain; fog computing; Internet of Things; privacy; security; sticky policy; ARCHITECTURE; CHALLENGES; IOT;
DOI
10.1002/cpe.6934
Chinese Library Classification number
TP31 [Computer software];
Discipline classification code
081202; 0835;
Abstract
Security and privacy of information transmitted among the devices involved in an Internet of Things (IoT) network represent relevant issues in IoT contexts. Guaranteeing effective control and supervising access permissions to IoT applications is a complex task, mainly due to resources' heterogeneity and scalability requirements. The design and development of highly customizable access control policies, along with an efficient mechanism for ensuring that the rules applied by the IoT platform are not tampered with or violated, will undoubtedly have a significant impact on the diffusion of IoT-based solutions. In such a direction, the article proposes the integration of a permissioned blockchain within an honest-but-curious (i.e., not trusted) IoT distributed middleware layer, which aims to guarantee the correct management of access to resources by the interested parties. The result is a robust and lightweight system, able to manage the data produced by IoT devices, support relevant security features, such as integrity and confidentiality, and resist different kinds of attacks. The use of blockchain will ensure the tamper-resistance and synchronization of the distributed system, where various stakeholders own applications and IoT platforms. The methodology and the proposed architecture are validated employing a test-bed.
Pages: 19