Efficient Distributed Authentication and Access Control System Management for Internet of Things Using Blockchain

  • Hadjer Benhadj DjilaliEmail author
  • Djamel Tandjaoui
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11557)


Internet of things (IoT) enables a huge network of connected devices inter-working and collaborating to provide relevant services and applications. This technology entered the market and is expected to grow in the upcoming years, as the critical questions related to the management and communication security continue to be challenging research problems. Current solutions of access control system management that enables communication between devices depend mainly on the use of digital certificates for authentication. However, such an approach imposes significant overhead on IoT devices since it is computationally demanding and requires validation of the certificate within a limited period. In addition, relying on a central node for deciding on issuing and revoking certificates introduces a single point of failure and could even risk the safety of personal information or physical damages related to IoT services. In this paper, we propose a new distributed authentication and access control system management for IoT by the use of Blockchain technology to keep track of the certificate of each IoT device (valid or revoked) in distributed and immutable records. In essence we replace certificate verification with a lightweight blockchain-based authentication approach. In addition, we propose a fully distributed IoT admission/revocation scheme. We show that our scheme could alleviate the computation overhead and enhance the response time while improving the overall system security.


Internet of Things Access control system management Authentication Blockchain Security 


  1. 1.
    Espiner, T.: Trustwave sold root certificate for surveillance (2012)Google Scholar
  2. 2.
    Fisher, D.: Final report on DigiNotar hack shows total compromise of CA serversGoogle Scholar
  3. 3.
    Swan, M.: Blockchain: Blueprint for a New Economy. O’Reilly Media Inc., Sebastopol (2015)Google Scholar
  4. 4.
    Conoscenti, M., Vetr, A., Martin, J.C.D.: Blockchain for the internet of things: a systematic literature review. In: The Third International Symposium on Internet of Things: Systems, Management and Security (IOTSMS 2016) (2016)Google Scholar
  5. 5.
    Wilson, D., Ateniese, G.: From pretty good to great: enhancing PGP using bitcoin and the blockchain. CoRR abs/1508.04868 (2015)Google Scholar
  6. 6.
    Zyskind, G., Nathan, O., Pentland, A.S.: Decentralizing privacy: using blockchain to protect personal data (2015)Google Scholar
  7. 7.
    Cha, S.-C., Chen, J.-F., Su, C., Yeh, K.-H.: A blockchain connected gateway for BLE-based devices in the internet of things. IEEE J. (2018). Scholar
  8. 8.
    Zhang, Y., Dukkipati, C., Cheng, L.C.: Decentralized, blockchain based access control framework for the heterogeneous internet of things. ACM (2018).
  9. 9.
    Xu, R., Yu, C., Blasch, E., Chen, G.: A BLockchain-ENabled Decentralized Capability-Based Access Control for IoTs, BlendCAC (2018).
  10. 10.
    Ouaddah, A., Elkala, A.A., Ouahman, A.A.: Towards a novel privacy-preserving access control model based on blockchain technology in IoT. In: Europe and MENA Cooperation Advances in Information and Communication Technologies (2017)Google Scholar
  11. 11.
    Zhang, Y., Wen, J.: An IoT electric business model based on the protocol of bitcoin. In: Proceedings of the 2015 18th International Conference on Intelligence in Next Generation Networks, ICIN 2015, pp. 184–191. IEEE, France, February 2015Google Scholar
  12. 12.
    Crosby, M., Pattanayak, P., Verma, S., Kalyanaraman, V.: Blockchain technology: beyond bitcoin. Appl. Innov. 2, 6–10 (2016)CrossRefGoogle Scholar
  13. 13.
    Popov, S.: The tangle (2016).
  14. 14.
    Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986). Scholar
  15. 15.
    Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1, 36–63 (2001)CrossRefGoogle Scholar
  16. 16.
    Rivest, R.L., Shamir, A., Adleman, L.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21(2), 120–126 (1978)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.LSIUSTHB: University of Sciences and Technology Houari BoumedieneAlgiersAlgeria
  2. 2.Computer Security DivisionCERIST: Research Center on Scientific and Technical InformationAlgiersAlgeria

Personalised recommendations