# OAuth 2.0 meets Blockchain for Authorization in Constrained IoT Environments

**Authors:** Vasilios A. Siris, Dimitrios Dimopoulos, Nikos Fotiou, Spyros Voulgaris, George C. Polyzos

arXiv: 1905.01665 · 2019-05-07

## TL;DR

This paper proposes integrating blockchain and smart contracts with OAuth 2.0 to enable secure, resilient, and transparent delegated authorization for constrained IoT devices, balancing privacy, delay, and cost.

## Contribution

It introduces models combining blockchain and OAuth 2.0 for IoT authorization, highlighting tradeoffs and leveraging blockchain advantages like immutability and resilience.

## Key findings

- Blockchain enhances IoT authorization security.
- Smart contracts enable transparent policy enforcement.
- Tradeoffs involve privacy, delay, and cost considerations.

## Abstract

We present models for utilizing blockchain and smart contract technology with the widely used OAuth 2.0 open authorization framework to provide delegated authorization for constrained IoT devices. The models involve different tradeoffs in terms of privacy, delay, and cost, while exploiting key advantages of blockchains and smart contracts. These include linking payments to authorization grants, immutably recording authorization information and policies in smart contracts, and offering resilience through the execution of smart contract code on all blockchain nodes.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1905.01665/full.md

## Figures

2 figures with captions in the complete paper: https://tomesphere.com/paper/1905.01665/full.md

## References

18 references — full list in the complete paper: https://tomesphere.com/paper/1905.01665/full.md

---
Source: https://tomesphere.com/paper/1905.01665