BHE-AC: a blockchain-based high-efficiency access control framework for Internet of Things

  • Original Article
Personal and Ubiquitous Computing

Abstract

In this information age, with the emergence of organizations, the number of resources on the Internet of Things is also increasing. Generally, different users have different access permissions to different resources, and most existing schemes have realized access control. But most of them are coarse-grained and not feasible in many organizations. Moreover, traditional access control schemes adopt a central entity or a trusted third party to centrally manage users’ permissions and access information, which can easily lead to a single point of failure. Therefore, secure, trusted, and fine-grained access control is urgently needed in large-scale organizations or institutions that maintain thousands of IoT devices. To solve the above problems, in this paper we propose a blockchain-based high-efficiency access control framework called BHE-AC to achieve secure and efficient access to resources for users. In BHE-AC, a registration model is designed to register users and resources, and it evaluates an ability value for each user according to the user's attributes, which is an essential factor when requesting resources. In addition, we present a blockchain-based token requesting mechanism that compares the capability values of users with those of the requested resources; the mechanism also allows users to request multiple resources at the same time, which avoids repeated requests. An unforgeable token, indicating the user's access to a specific resource, is then granted to a requester only if the requester meets the access requirements; from then on, the user can use the token to invoke the resource. Finally, a security analysis and experiments for our framework are given. The experimental results show that BHE-AC can achieve low-cost and efficient access.

Funding

This work is partially supported by the NSF of China under Grants 61832012, 61672321, 61771289, and 61373027.

Author information

Corresponding author

Correspondence to Biwei Yan.

About this article

Cite this article

Chai, B., Yan, B., Yu, J. et al. BHE-AC: a blockchain-based high-efficiency access control framework for Internet of Things. Pers Ubiquit Comput 26, 971–982 (2022). https://doi.org/10.1007/s00779-020-01498-w

  • DOI: https://doi.org/10.1007/s00779-020-01498-w
