User-Managed Access Delegation for Blockchain-driven IoT Services

Lin, Chun-An; Liao, Chun-Feng

doi:10.1109/ics51289.2020.00097

Cited by 5 publications

(8 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…There are many use cases where UMA can be utilized for IoT networks. However, the research has identified four major challenges, including availability, transparency, traceability, and maintainability [ 48 ]. UMA follows a centralized architecture and therefore is at risk of a single point of failure [ 48 ].…”

Section: Access Control Authorization Architecturementioning

confidence: 99%

“…However, the research has identified four major challenges, including availability, transparency, traceability, and maintainability [ 48 ]. UMA follows a centralized architecture and therefore is at risk of a single point of failure [ 48 ]. In a third-party access control service utilizing UMA, it can be a difficult task to trace the authorization history [ 48 ].…”

Section: Access Control Authorization Architecturementioning

confidence: 99%

“…UMA follows a centralized architecture and therefore is at risk of a single point of failure [ 48 ]. In a third-party access control service utilizing UMA, it can be a difficult task to trace the authorization history [ 48 ]. In terms of maintenance, it is challenging to upgrade in a centralized solution [ 48 ].…”

Section: Access Control Authorization Architecturementioning

confidence: 99%

“…In a third-party access control service utilizing UMA, it can be a difficult task to trace the authorization history [ 48 ]. In terms of maintenance, it is challenging to upgrade in a centralized solution [ 48 ]. The blockchain technology that follows the distributed architecture is being researched to assist UMA for the IoT [ 48 , 49 ].…”

Section: Access Control Authorization Architecturementioning

confidence: 99%

See 3 more Smart Citations

Access Control for IoT: A Survey of Existing Research, Dynamic Policies and Future Directions

Ragothaman

Wang

Rimal

et al. 2023

Sensors

View full text Add to dashboard Cite

Internet of Things (IoT) provides a wide range of services in domestic and industrial environments. Access control plays a crucial role in granting access rights to users and devices when an IoT device is connected to a network. However, many challenges exist in designing and implementing an ideal access control solution for the IoT due to the characteristics of the IoT including but not limited to the variety of the IoT devices, the resource constraints on the IoT devices, and the heterogeneous nature of the IoT. This paper conducts a comprehensive survey on access control in the IoT, including access control requirements, authorization architecture, access control models, access control policies, access control research challenges, and future directions. It identifies and summarizes key access control requirements in the IoT. The paper further evaluates the existing access control models to fulfill the access control requirements. Access control decisions are governed by access control policies. The existing approaches on dynamic policies’ specification are reviewed. The challenges faced by the existing solutions for policies’ specification are highlighted. Finally, the paper presents the research challenges and future directions of access control in the IoT. Due to the variety of IoT applications, there is no one-size-fits-all solution for access control in the IoT. Despite the challenges encountered in designing and implementing the access control in the IoT, it is desired to have an access control solution to meet all the identified requirements to secure the IoT.

show abstract

Section: Access Control Authorization Architecturementioning

confidence: 99%

Section: Access Control Authorization Architecturementioning

confidence: 99%

Section: Access Control Authorization Architecturementioning

confidence: 99%

Section: Access Control Authorization Architecturementioning

confidence: 99%

See 2 more Smart Citations

Access Control for IoT: A Survey of Existing Research, Dynamic Policies and Future Directions

Ragothaman

Wang

Rimal

et al. 2023

Sensors

View full text Add to dashboard Cite

show abstract

“…• Security threats The single blockchain node that is responsible for validation of all user requests is vulnerable to various distributed denial-of-service (DDoS) attacks such as when the malicious adversary produces a large volume of access requests in a periodical manner to waste the resources of the blockchain node. • Privacy threats The access control is carried out by the single public blockchain node by verifying the access policies and attributes stored in the blockchain, which poses privacy issues for the attribute owners [15], [16].…”

Section: Introductionmentioning

confidence: 99%

Dynamic Secure Access Control and Data Sharing Through Trusted Delegation and Revocation in a Blockchain-Enabled Cloud-IoT Environment

Alshehri

Bamasag

Alghazzawi

et al. 2023

IEEE Internet Things J.

View full text Add to dashboard Cite

The Internet of Things (IoT) is vulnerable to leakage of private information during data sharing. To avoid this problem, access control and secure data sharing have been introduced in IoT; however, many challenges are faced because of centralized access control and single delegator selection. Additionally, blockchain is integrated into IoT to enhance the security of the environment. For that purpose, this research proposes Dynamic Secure Access Control using Blockchain (DSA-Block) model, which performs secure access control and data sharing. Initially, the IoT device attributes and user attributes are registered at a local domain authority (LDA) for generating private and public keys using the Hyperelliptic Curve Cryptography (HECC) algorithm, which ensures the legitimacy of the users and devices. Then, the IoT devices send a request message to the edge nodes via a gateway, which performs request filtration by validating the user's authenticity. The filtered requests are sent to the edge server to perform access delegation using Rock Hyraxes Swarm Optimization (RHSO), which selects a set of delegator nodes. The access control decision is made by using the Trusted Practical Byzantine Fault Tolerance (PBFT) consensus algorithm. The IoT data are stored in the cloud server for secure storage, in which the data are secured using a differential privacy mechanism. Finally, dual revocations, such as user attribute revocation and user revocation, are used to maintain security. The performance of DSA-Block is evaluated and the results demonstrate that the proposed DSA-Block model achieves superior performance compared to previous works.

show abstract