Trust Management in Decentralized IoT Access Control System

TL;DR

This paper proposes a blockchain-based trust and reputation system for IoT access control, enabling dynamic, self-adaptive, and trustworthy permissions in heterogeneous IoT networks.

Contribution

It introduces a novel trust and reputation framework integrated with attribute-based access control using blockchain, addressing dynamic IoT network interactions.

Findings

Effective trust evaluation of IoT nodes

Dynamic access control policies based on trust scores

Performance benchmarks demonstrating system applicability

Abstract

Heterogeneous and dynamic IoT environments require a lightweight, scalable, and trustworthy access control system for protection from unauthorized access and for automated detection of compromised nodes. Recent proposals in IoT access control systems have incorporated blockchain to overcome inherent issues in conventional access control schemes. However, the dynamic interaction of IoT networks remains uncaptured. Here, we develop a blockchain based Trust and Reputation System (TRS) for IoT access control, which progressively evaluates and calculates the trust and reputation score of each participating node to achieve a self-adaptive and trustworthy access control system. Trust and reputation are explicitly incorporated in the attribute-based access control policy, so that different nodes can be assigned to different access right levels, resulting in dynamic access control policies. We implement our proposed architecture in a private Ethereum blockchain comprised of a Docker container network. We benchmark our solution using various performance metrics to highlight its applicability for IoT contexts.