Abstract
Internet of things (IoT) enables a huge network of connected devices inter-working and collaborating to provide relevant services and applications. This technology entered the market and is expected to grow in the upcoming years, as the critical questions related to the management and communication security continue to be challenging research problems. Current solutions of access control system management that enables communication between devices depend mainly on the use of digital certificates for authentication. However, such an approach imposes significant overhead on IoT devices since it is computationally demanding and requires validation of the certificate within a limited period. In addition, relying on a central node for deciding on issuing and revoking certificates introduces a single point of failure and could even risk the safety of personal information or physical damages related to IoT services. In this paper, we propose a new distributed authentication and access control system management for IoT by the use of Blockchain technology to keep track of the certificate of each IoT device (valid or revoked) in distributed and immutable records. In essence we replace certificate verification with a lightweight blockchain-based authentication approach. In addition, we propose a fully distributed IoT admission/revocation scheme. We show that our scheme could alleviate the computation overhead and enhance the response time while improving the overall system security.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Espiner, T.: Trustwave sold root certificate for surveillance (2012)
Fisher, D.: Final report on DigiNotar hack shows total compromise of CA servers
Swan, M.: Blockchain: Blueprint for a New Economy. O’Reilly Media Inc., Sebastopol (2015)
Conoscenti, M., Vetr, A., Martin, J.C.D.: Blockchain for the internet of things: a systematic literature review. In: The Third International Symposium on Internet of Things: Systems, Management and Security (IOTSMS 2016) (2016)
Wilson, D., Ateniese, G.: From pretty good to great: enhancing PGP using bitcoin and the blockchain. CoRR abs/1508.04868 (2015)
Zyskind, G., Nathan, O., Pentland, A.S.: Decentralizing privacy: using blockchain to protect personal data (2015)
Cha, S.-C., Chen, J.-F., Su, C., Yeh, K.-H.: A blockchain connected gateway for BLE-based devices in the internet of things. IEEE J. (2018). https://doi.org/10.1109/ACCESS.2018.2799942
Zhang, Y., Dukkipati, C., Cheng, L.C.: Decentralized, blockchain based access control framework for the heterogeneous internet of things. ACM (2018). https://doi.org/10.1145/3180457.3180458
Xu, R., Yu, C., Blasch, E., Chen, G.: A BLockchain-ENabled Decentralized Capability-Based Access Control for IoTs, BlendCAC (2018). https://arxiv.org/pdf/1804.09267.pdf
Ouaddah, A., Elkala, A.A., Ouahman, A.A.: Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Europe and MENA Cooperation Advances in Information and Communication Technologies (2017)
Zhang, Y., Wen, J.: An IoT electric business model based on the protocol of bitcoin. In: Proceedings of the 2015 18th International Conference on Intelligence in Next Generation Networks, ICIN 2015, pp. 184–191. IEEE, France, February 2015
Crosby, M., Pattanayak, P., Verma, S., Kalyanaraman, V.: Blockchain technology: beyond bitcoin. Appl. Innov. 2, 6–10 (2016)
Popov, S.: The tangle (2016). https://iota.org/IOTAWhitepaper.pdf
Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). https://doi.org/10.1007/3-540-39799-X_31
Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1, 36–63 (2001)
Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Benhadj Djilali, H., Tandjaoui, D. (2019). Efficient Distributed Authentication and Access Control System Management for Internet of Things Using Blockchain. In: Renault, É., Boumerdassi, S., Leghris, C., Bouzefrane, S. (eds) Mobile, Secure, and Programmable Networking. MSPN 2019. Lecture Notes in Computer Science(), vol 11557. Springer, Cham. https://doi.org/10.1007/978-3-030-22885-9_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-22885-9_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-22884-2
Online ISBN: 978-3-030-22885-9
eBook Packages: Computer ScienceComputer Science (R0)