A Review of Distributed Access Control for Blockchain Systems Towards Securing the Internet of Things

As the Internet of Things (IoT) paradigm gets more attention from academia and industry, implementation tools of IoT will be explored more and more. One example is the applicability of blockchain systems to provide security and privacy of IoT networks, which is the topic of this article. Blockchain systems are on the rise, as crypto-currency payment systems (such as Bitcoin, Litecoin, etc.) boomed in the last few years due to their attractive de-centralized and anonymous features. As in every transaction, access of the users to IoT systems needs to be controlled. However, these systems are peer-to-peer systems and do not have centralized control, which means that traditional access control techniques will not be optimal. As a result, distributed access control schemes are needed and this paper aims at providing the state of the art in the literature. Thereby, we introduce and discuss the details and applicability of centralized (role-based) and distributed (threshold-signature, reputation, trusted-computing, identity, capability, ACL, group-signature, and hybrid) access control schemes to blockchain systems under the IoT ecosystems. Moreover, permissioned vs. permissionless blockchain systems are also discussed. Finally, challenges and research directions related to the application of all those presented blockchain systems to IoT are discussed.