Access Control for Distributed Ledgers in the Internet of Things: A Networking Approach

TL;DR

This paper introduces a novel, networking-inspired access control algorithm for IoT-friendly directed acyclic graph-based distributed ledgers, ensuring fairness, efficiency, and security without relying on proof of work.

Contribution

It presents a new access control algorithm for IoT-oriented DLTs that applies networking concepts, ensuring resource utilization, fairness, and security in adversarial environments.

Findings

The algorithm guarantees resource utilization and fairness.

Simulations validate the algorithm's efficiency and security.

The approach is suitable for resource-constrained IoT devices.

Abstract

In the Internet of Things (IoT) domain, devices need a platform to transact seamlessly without a trusted intermediary. Although Distributed Ledger Technologies (DLTs) could provide such a platform, blockchains, such as Bitcoin, were not designed with IoT networks in mind, hence are often unsuitable for such applications: they offer poor transaction throughput and confirmation times, put stress on constrained computing and storage resources, and require high transaction fees. In this work, we consider a class of IoT-friendly DLTs based on directed acyclic graphs, rather than a blockchain, and with a reputation system in the place of Proof of Work (PoW). However, without PoW, implementation of these DLTs requires an access control algorithm to manage the rate at which nodes can add new transactions to the ledger. We model the access control problem and present an algorithm that is fair, efficient and secure. Our algorithm represents a new design paradigm for DLTs in which concepts from networking are applied to the DLT setting for the first time. For example, our algorithm uses distributed rate setting which is similar in nature to transmission control used in the Internet. However, our solution features novel adaptations to cope with the adversarial environment of DLTs in which no individual agent can be trusted. Our algorithm guarantees utilisation of resources, consistency, fairness, and resilience against attackers. All of this is achieved efficiently and with regard for the limitations of IoT devices. We perform extensive simulations to validate these claims.