| The Internet of Things is becoming increasingly important in the era of Internet technology and is considered one of the most important technologies in daily life. In addition, Internet of Things systems keep growing as more and more devices are added. They are scalable, dynamic and distributed, and these properties are the origin of the key security requirements in the Internet of Things. One of the most challenging issues the Internet of Things community has had to deal with recently is how to provide access control methods that manage the security requirements of such systems. Traditional access control schemes are usually based on centralized methods, which must use trusted third parties. In addition, traditional centralized access control systems for the Internet of Things have shortcomings such as a single point of failure, low scalability and lack of security. The emergence of blockchain technology has made solving these security problems a research hotspot. Therefore, it is of great significance to study the application of blockchain technology and access control technology to the security of the Internet of Things. The main research work of this paper is as follows: (1) Aiming at the single point of failure problem of traditional centralized access control systems, a lightweight distributed access control framework based on smart contracts is proposed. The framework includes three smart contracts: the device contract (DC), the policy contract (PC) and the access control contract (ACC). The device contract provides methods for storing and querying the URLs of resource data generated by the device. The policy contract gives administrator users the ability to manage attribute-based access control (ABAC). The access control contract is the core program that implements the access control method for common users. Combining ABAC and blockchain technology, a proof of concept of the proposed system is implemented on the permissioned Hyperledger Fabric, and the model is tested. The experimental results show that the performance of the proposed model is better than that of the previous Fabric-iot model. (2) DFCAC (Decentralized Federated Capability-based Access Control) is proposed to solve the problems of low scalability, lack of security and privacy of Internet of Things devices. It is a decentralized, federated, capability-based access control mechanism. The Federated Capability-based Delegation Model (FCDM) is introduced to support hierarchical and multi-step delegation. Based on the authorization and removal mechanism of delegation, a strategy is proposed. This strategy is based on capability tokens and identity. It uses the smart contract technology in the blockchain to register, distribute and remove access authorization. The proof-of-concept prototype has been implemented on a computing device and tested on a local private blockchain network. The experimental results prove the feasibility of the DFCAC access control solution. |
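
To make the multi-step delegation and removal described in (2) concrete, the following added example (not code from the thesis) models a token registry in memory. The `Token` and `Registry` types, the rights bitmask, the rule that a child token cannot carry more rights than its parent, and revocation by walking the chain to the root are all assumptions of this sketch, not DFCAC's actual design.

```go
package main

import "fmt"

const Read, Write uint8 = 1, 2 // rights bitmask, constructed for this example

// Token is a capability bound to a holder identity (a model, not DFCAC's token format).
type Token struct {
	Holder, Resource, Parent string // Parent is "" for a root token
	Rights                   uint8
	Revoked                  bool
}

// Registry stands in for the smart contract's ledger state, keyed by token id.
type Registry map[string]*Token

// Delegate derives a child token only if `from` holds a live parent carrying those rights.
func (r Registry) Delegate(parentID, id, from, to string, rights uint8) error {
	p := r[parentID]
	if p == nil || r[id] != nil || !r.Check(parentID, from, p.Resource, rights) {
		return fmt.Errorf("delegation by %q via token %q refused", from, parentID)
	}
	r[id] = &Token{Holder: to, Resource: p.Resource, Parent: parentID, Rights: rights}
	return nil
}

// Revoke marks one token; its descendants fail too because Check walks the chain.
func (r Registry) Revoke(id string) {
	if t := r[id]; t != nil {
		t.Revoked = true
	}
}

// Check verifies holder identity, resource and rights, then each ancestor's status.
func (r Registry) Check(id, subject, resource string, want uint8) bool {
	t := r[id]
	ok := t != nil && t.Holder == subject && t.Resource == resource && want&^t.Rights == 0
	for ; ok && t != nil; t = r[t.Parent] {
		ok = !t.Revoked
	}
	return ok
}

func main() {
	reg := Registry{"t0": {Holder: "owner", Resource: "cam1", Rights: Read | Write}}
	fmt.Println(reg.Delegate("t0", "t1", "owner", "gateway", Read), reg.Delegate("t1", "t2", "gateway", "app", Read))
	fmt.Println(reg.Check("t2", "app", "cam1", Read)) // chain intact
	reg.Revoke("t1")
	fmt.Println(reg.Check("t2", "app", "cam1", Read)) // ancestor revoked
}
```

Token ids are never reused in this sketch (`Delegate` refuses an existing id), which keeps a revoked branch from being revived by re-issuing its parent under the same id.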