Internet of Things(IoT)devices facilitate intelligent service delivery in a broad range of settings,such as smart offices,homes and cities.However,the existing IoT access control solutions are mainly based on conventi...Internet of Things(IoT)devices facilitate intelligent service delivery in a broad range of settings,such as smart offices,homes and cities.However,the existing IoT access control solutions are mainly based on conventional identity management schemes and use centralized architectures.There are knowm security and privacy limitations with such schemes and architectures,such as the single-point failure or surveillance(e.g.,device tracking).Hence,in this paper,we present an architecture for capability-based IoT access control utilizing the blockchain and decentralized identifiers to manage the identity and access control for IoT devices.Then,we propose a protocol to provide a systematic view of system interactions,to improve security.We also implement a proof-of-concept prototype of the proposed approach and evaluate the prototype using a real-world use case.Our evaluation results show that the proposed solution is feasible,secure,and scalable.展开更多
文摘Internet of Things(IoT)devices facilitate intelligent service delivery in a broad range of settings,such as smart offices,homes and cities.However,the existing IoT access control solutions are mainly based on conventional identity management schemes and use centralized architectures.There are knowm security and privacy limitations with such schemes and architectures,such as the single-point failure or surveillance(e.g.,device tracking).Hence,in this paper,we present an architecture for capability-based IoT access control utilizing the blockchain and decentralized identifiers to manage the identity and access control for IoT devices.Then,we propose a protocol to provide a systematic view of system interactions,to improve security.We also implement a proof-of-concept prototype of the proposed approach and evaluate the prototype using a real-world use case.Our evaluation results show that the proposed solution is feasible,secure,and scalable.
