Towards Blockchain-Based Identity and Access Management for Internet of Things in Enterprises

Part of the Lecture Notes in Computer Science book series (LNSC, volume 11033)

Abstract

With the Internet of Things (IoT) evolving more and more, companies active within this area face new challenges for their Identity and Access Management (IAM). Namely, general security, resource-constrained devices, interoperability, and scalability can no longer be addressed with traditional measures. Blockchain technology, however, may act as an enabler to overcome those challenges. In this paper, general application areas for blockchain in IAM are described based on recent research work. On this basis, it is discussed how blockchain can address IAM challenges presented by IoT. Finally, a corporate scenario utilizing blockchain-based IAM for IoT is outlined to assess the applicability in practice. The paper shows that private blockchains can be leveraged to design tamper-proof IAM functionality while maintaining scalability regarding the number of clients and transactions. This could be useful for enterprises to prevent single points of failure as well as to enable transparent and secure auditing and monitoring of security-relevant events.

Keywords

  • Identity and Access Management
  • Access Control
  • Blockchain
  • Internet of Things

Chapter length: 15 pages

Acknowledgment

This research was supported by the Federal Ministry of Education and Research, Germany, as part of the BMBF DINGfest project (https://dingfest.ur.de).

Author information

Correspondence to Martin Nuss, Alexander Puchta or Michael Kunz.

Copyright information

© 2018 Springer Nature Switzerland AG

Cite this paper

Nuss, M., Puchta, A., Kunz, M. (2018). Towards Blockchain-Based Identity and Access Management for Internet of Things in Enterprises. In: Furnell, S., Mouratidis, H., Pernul, G. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2018. Lecture Notes in Computer Science, vol 11033. Springer, Cham. https://doi.org/10.1007/978-3-319-98385-1_12

  • DOI: https://doi.org/10.1007/978-3-319-98385-1_12

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-98384-4

  • Online ISBN: 978-3-319-98385-1

  • eBook Packages: Computer Science, Computer Science (R0)