Blockchain based permission delegation and access control in Internet of Things (BACI)

Ali, G. G. Md. Nawaz; Ahmad, Naveed; Cao, Yue; Asif, Muhammad; Cruickshank, Haitham; Ali, Qazi Ejaz

doi:10.1016/j.cose.2019.06.010

Cited by 74 publications

(37 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The second is an in-depth study of permission delegation in the access control of the blockchain, which proposes a model with its own characteristics. Ali et al studied the application of permission delegation in blockchain-based access control in the IoT scenario, and divided the permission delegation into an event-based one and a query-based one [28]. But this study does not focus on the security issues brought about by permission delegation.…”

Section: Related Workmentioning

confidence: 99%

A Mechanism to Resolve the Unauthorized Access Vulnerability Caused by Permission Delegation in Blockchain-Based Access Control

Shi

Hou

2020

IEEE Access

View full text Add to dashboard Cite

Permission delegation in access control provides the subject with a second method to obtain object permissions in addition to permission granting. It is especially applicable when the owner and manager of the object are inconsistent. With the development of the Internet of Things, there are more and more scenes where object owners and managers are inconsistent, but the research on permission delegation in access control based on blockchain is not perfect. Therefore, once implemented in these blockchainbased access control algorithms, the permission delegation tends to have an unauthorized access. Based on the analysis of the causes for the unauthorized access vulnerability, this paper proposes a token-constrained permission delegation algorithm (TCPDA), which converts the access control policy corresponding to permissions into constraints for permission use, embeds the constraints in the permission token, and forms constraints on the transfer of tokens. Only subjects that meet the constraint conditions can receive tokens, thereby solving unauthorized access vulnerability caused by permission delegation. Since not all access control models can transform strategies into constraints and integrate them into blockchain tokens, this paper also proposes a permission delegation algorithm for decision-making entities to make desirable decisions. Finally, the security analysis shows that the two proposed schemes can overcome the unauthorized access vulnerability caused by permission delegation, and the algorithm performance is analyzed through experiments.

show abstract

Section: Related Workmentioning

confidence: 99%

A Mechanism to Resolve the Unauthorized Access Vulnerability Caused by Permission Delegation in Blockchain-Based Access Control

Shi

Hou

2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…If there is more than one output transaction, the person is attempting to spend the same coin twice, and the illegal transaction is called a spent transaction output (STOX) [35]. This ledger is how the decentralized network can differentiate between one unique coin from another [34,36,37]. Different consensus algorithms for blockchain are described as follows.…”

Section: Distributed Ledger and The Blockchainmentioning

confidence: 99%

PUFchain: A Hardware-Assisted Blockchain for Sustainable Simultaneous Device and Data Security in the Internet of Everything (IoE)

Mohanty

Yanambaka

Kougianos

et al. 2020

IEEE Consumer Electron. Mag.

102

View full text Add to dashboard Cite

This article presents the first-ever blockchain which can simultaneously handle device and data security, which is important for the emerging Internet-of-Everything (IoE). This article presents a unique concept of blockchain that integrates hardware security primitives called Physical Unclonable Functions (PUFs) to solve scalability, latency, and energy requirement challenges and is called PUFchain. Data management and security (and privacy) of data, devices, and individuals, are some of the issues in the IoE architectures that need to be resolved. Integrating the blockchain into the IoE environment can help solve these issues and helps in the aspects of data storage and security. This article introduces a new blockchain architecture called PUFchain and introduces a new consensus algorithm called "Proof of PUF-Enabled Authentication" (PoP) for deployment in PUFchain. The proposed PoP is the PUF integration into our previously proposed Proof-of-Authentication (PoAh) consensus algorithm and can be called "Hardware-Assisted Proof-of-Authentication (HA-PoAh)". However, PUF integration is possible in the existing and new consensus algorithms. PoP utilizes PUFs which are responsible for generating a unique key that cannot be cloned and hence provide the highest level of security. A PUF uses the nanoelectronic manufacturing variations that are introduced during the fabrication of an integrated circuit to generate the keys. Hence, once generated from a PUF module, the keys cannot be cloned or generated from any other module. PUFchain uses a PUF and Hashing module which performs the necessary cryptographic functions. Hence the mining process is offloaded to the hardware module which reduces the processing times. PoP is approximately 1,000× faster than the well-established Proof-of-Work (PoW) and 5× faster than Proof-of-Authentication (PoAh). The transaction time reduction compared to PoAh is 79.15%. An optimized ultra low power design of the PUF and hashing module also provides a significant decrease of power consumption.

show abstract

“…Each node interacts with the smart contract through the provided contract address and the Remote Procedure Call (RPC) interface to check the validity of the tokens or access permission. Another method that is suitable for all access control mechanisms in IoT is proposed by Ali et al [34] with focus on right delegation. In this method the device (owner) in the process of registration in the blockchain, will sign a contract.…”

Section: A Using Blockchain As Database For Rulesmentioning

confidence: 99%

Authentication and Access Control based on Distributed Ledger Technology: A survey

Ghaffari

Bertin

Hatin

et al. 2020

2020 2nd Conference on Blockchain Research &Amp; Applications for Innovative Networks and Services (BRAINS)

View full text Add to dashboard Cite

As the first step in preserving system security, Authentication and Access Control (AAC) plays a vital role in all businesses. Recently, emerging the blockchain and smart contract technology has attracted significant scientific interest in research areas like authentication and access control processes. In the context of authentication and access control, blockchain can offer greater data and rule confidentiality and integrity, as well as increasing the availability of the system by removing the single point of failure in the procedure. To categorize and find the most important open problems in this research area, having a comprehensive review is crucial. To the best of our knowledge, for the first time in this survey, we aim to describe the current state of the art in deploying blockchain and smart contracts specifically in authentication and access control. Following an introduction to AAC and blockchain technology, we present a brief background of distributed ledger technology, access control and authentication. To offer a clearer understanding of the state of the art, we propose taxonomy to categorize the existing methods based on their type, application environment and their justification for exploiting blockchain. For the conclusion of the paper, we examined the advantages and disadvantages of the proposed method in different contexts like security, resource consumption and privacy. Also we discussed about the future work.

show abstract

Blockchain based permission delegation and access control in Internet of Things (BACI)

Cited by 74 publications

References 12 publications

A Mechanism to Resolve the Unauthorized Access Vulnerability Caused by Permission Delegation in Blockchain-Based Access Control

A Mechanism to Resolve the Unauthorized Access Vulnerability Caused by Permission Delegation in Blockchain-Based Access Control

PUFchain: A Hardware-Assisted Blockchain for Sustainable Simultaneous Device and Data Security in the Internet of Everything (IoE)

Authentication and Access Control based on Distributed Ledger Technology: A survey

Contact Info

Product

Resources

About