Smart Contract-Based Access Control for the Internet of Things

TL;DR

This paper presents a blockchain-based access control framework for IoT systems using smart contracts to enable distributed, trustworthy, and dynamic access management, demonstrated through a practical Ethereum implementation.

Contribution

It introduces a novel smart contract architecture with multiple contracts for static and dynamic access control, misbehavior judgment, and management in IoT environments.

Findings

Successfully implemented on Ethereum platform.

Demonstrated effective access control in a multi-device IoT setup.

Provides a scalable and trustworthy access control solution.

Abstract

This paper investigates a critical access control issue in the Internet of Things (IoT). In particular, we propose a smart contract-based framework, which consists of multiple access control contracts (ACCs), one judge contract (JC) and one register contract (RC), to achieve distributed and trustworthy access control for IoT systems. Each ACC provides one access control method for a subject-object pair, and implements both static access right validation based on predefined policies and dynamic access right validation by checking the behavior of the subject. The JC implements a misbehavior-judging method to facilitate the dynamic validation of the ACCs by receiving misbehavior reports from the ACCs, judging the misbehavior and returning the corresponding penalty. The RC registers the information of the access control and misbehavior-judging methods as well as their smart contracts, and also provides functions (e.g., register, update and delete) to manage these methods. To demonstrate the application of the framework, we provide a case study in an IoT system with one desktop computer, one laptop and two Raspberry Pi single-board computers, where the ACCs, JC and RC are implemented based on the Ethereum smart contract platform to achieve the access control.