Securing RC Based P2P Networks: A Blockchain-based Access Control Framework utilizing Ethereum Smart Contracts for IoT and Web 3.0

TL;DR

This paper introduces a blockchain-based access control framework using Ethereum smart contracts to enhance security, flexibility, and decentralization in highly dynamic P2P networks like IoT and Web 3.0.

Contribution

It proposes a novel Ethereum smart contract framework with access control, misbehavior handling, and interaction management tailored for P2P networks.

Findings

Provides a scalable, decentralized access control solution

Addresses high churn rate challenges in P2P networks

Enhances security with threat assessment and response mechanisms

Abstract

Ensuring security for highly dynamic peer-to-peer (P2P) networks has always been a challenge, especially for services like online transactions and smart devices. These networks experience high churn rates, making it difficult to maintain appropriate access control. Traditional systems, particularly Role-Based Access Control (RBAC), often fail to meet the needs of a P2P environment. This paper presents a blockchain-based access control framework that uses Ethereum smart contracts to address these challenges. Our framework aims to close the gaps in existing access control systems by providing flexible, transparent, and decentralized security solutions. The proposed framework includes access control contracts (ACC) that manage access based on static and dynamic policies, a Judge Contract (JC) to handle misbehavior, and a Register Contract (RC) to record and manage the interactions between ACCs and JC. The security model combines impact and severity-based threat assessments using the CIA (Confidentiality, Integrity, Availability) and STRIDE principles, ensuring responses are tailored to different threat levels. This system not only stabilizes the fundamental issues of peer membership but also offers a scalable solution, particularly valuable in areas such as the Internet of Things (IoT) and Web 3.0 technologies.