Decentralising Access Control for IoT Environment
Charalampos Savvaidis, Christos Patsonakis, G. Stavropoulos, Anastasia Kassiani Blitsi, Iordanis Papoutsoglou, K. Votis, D. Tzovaras
2022 IEEE 8th World Forum on Internet of Things (WF-IoT), published 2022-10-26
DOI: 10.1109/WF-IoT54382.2022.10152066 (https://doi.org/10.1109/WF-IoT54382.2022.10152066)
With growing adoption, IoT has a profound impact on businesses and individuals. Security and scalability are key to scaling that adoption. Cyber attacks increase each year, and the addition of emerging technologies such as Machine Learning introduces vulnerabilities with additional complexity. Access control can mitigate security threats through proper rights management. XACML is an appropriate way to enforce complex policies in heterogeneous environments like IoT due to its flexibility. Furthermore, blockchain's advantages, such as data immutability and availability, can aid in building a trustworthy access control system for IoT. Blockchain can support a decentralised architecture for policy evaluation and avoid single points of failure, resulting in enhanced security of the IoT network. Smart contracts accommodate the evaluation of access control policies, delivering a decentralised and tamper-proof system with consistent outcomes. This paper proposes a decentralised access control approach that follows the XACML standard and evaluates access control decisions using smart contracts. The implementation's impact on a complex real-world environment is described. The reference implementation is highly extensible, as it can flexibly include services on top of the blockchain, such as an audit mechanism on the access decisions.