| The Internet of Things(IoT)is a comprehensive information system that connects objects with perception as the core,which is integrated with the Internet through various wired and wireless networks by comprehensively applying a large number of sensors,intelligent terminals,global positioning systems,etc.Thus,it can not only provide things-to-things,things-to-people,people-to-people connections anytime and anywhere,but also realize intelligent management and real-time control of the system.Although the widespread application of the IoT has effectively solved the pain points in the development of various industries,the increasingly complex network environment makes the security threats faced even more serious.Meanwhile,the IoT devices are closer to the users and often involve massive sensitive personal data.If these data are not timely processed and reliably protected,the disclosure will bring huge losses to users.As one of the cornerstone technologies of security protection,access control can guarantee that resources can only be performed legally by users with corresponding permissions according to the preset access control policy.Therefore,how to achieve secure and efficient access authorization in the IoT environment has become an essential problem to be solved.Given the above problems,the main contributions of this thesis are as follows:1.To solve the problem of single point of failure in the traditional access control model,an access control scheme based on smart contract is proposed.Firstly,the distributed architecture based on hierarchical blockchain for Internet of Things(DAHB)is proposed,which includes device layer,edge layer and the cloud layer.Secondly,DAHB combines the advantages of blockchain technology to realize flexible,dynamic and automatic access control for IoT devices based on ABAC model in the domain and across the domain by means of smart contract in this architecture.Finally,the credit value and honesty are added to the attribute metric to dynamically evaluate the trust relationship between different domains and devices.The theoretical analysis and experimental results show that this scheme is more effective than the existing schemes in solving the requirements of lightweight,fine-grained and security in IoT environment.2.In order to maximize the protection of data privacy and security,an attribute-based encryption scheme based on hidden policy is proposed.First,the cost of decryption calculation is reduced through outsourcing decryption to avoid the burden of large amount of computation on IoT terminals with limited computing and communication capabilities.Second,the proposed scheme utilizes Multi-Authority,in which users are identified with a hash function to effectively resist collusion attacks caused by joint communication between different attribute authorities.At the same time,the scheme supports linear secret sharing scheme(LSSS)access structure.Theoretical analysis and comparison results show that the scheme is more secure and efficient than other schemes in achieving the hidden access structure. |
PDF Full Text Request