{"title":"基于区块链的物联网应用访问控制管理架构","authors":"I. Moursy, S. Ghanem, Mohamed Nazih ElDerini","doi":"10.1109/ISCC55528.2022.9912781","DOIUrl":null,"url":null,"abstract":"Internet of Things (IoT) integrates the physical world with the Internet to facilitate sharing data among entities. These IoT applications bring security and management challenges. In this paper, using blockchain technology, an end-to-end secure architecture is proposed for an auditable tamper-proof log of sensors' data and events. A Role Based Access Control policy is enforced using smart contracts that controls access to both sensors' data and executing commands on actuators. For confidentiality, the data is kept encrypted in transit and at rest. In addition, the data is stored off-the-chain in a distributed content-based addressable network, while its address and access records are stored at the blockchain. The proposed design is suitable for real-time and mission-critical IoT applications. Finally, a proof-of-concept implementation shows the efficiency and scalability of the proposed architecture.","PeriodicalId":309606,"journal":{"name":"2022 IEEE Symposium on Computers and Communications (ISCC)","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-06-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"A Blockchain-Based Architecture for Access Control Management of IoT Applications\",\"authors\":\"I. Moursy, S. Ghanem, Mohamed Nazih ElDerini\",\"doi\":\"10.1109/ISCC55528.2022.9912781\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Internet of Things (IoT) integrates the physical world with the Internet to facilitate sharing data among entities. These IoT applications bring security and management challenges. In this paper, using blockchain technology, an end-to-end secure architecture is proposed for an auditable tamper-proof log of sensors' data and events. A Role Based Access Control policy is enforced using smart contracts that controls access to both sensors' data and executing commands on actuators. For confidentiality, the data is kept encrypted in transit and at rest. In addition, the data is stored off-the-chain in a distributed content-based addressable network, while its address and access records are stored at the blockchain. The proposed design is suitable for real-time and mission-critical IoT applications. Finally, a proof-of-concept implementation shows the efficiency and scalability of the proposed architecture.\",\"PeriodicalId\":309606,\"journal\":{\"name\":\"2022 IEEE Symposium on Computers and Communications (ISCC)\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-06-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE Symposium on Computers and Communications (ISCC)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISCC55528.2022.9912781\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Symposium on Computers and Communications (ISCC)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISCC55528.2022.9912781","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
摘要
物联网(Internet of Things, IoT)将物理世界与互联网相结合,方便实体之间的数据共享。这些物联网应用带来了安全和管理方面的挑战。本文利用区块链技术,提出了一种端到端安全架构,用于传感器数据和事件的可审计防篡改日志。基于角色的访问控制策略使用智能合约来实施,智能合约控制对传感器数据的访问和对执行器执行命令。为了保密,数据在传输和静止时都是加密的。此外,数据存储在基于内容的分布式可寻址网络中,而其地址和访问记录存储在区块链中。提出的设计适用于实时和关键任务的物联网应用。最后,概念验证实现展示了所提出体系结构的效率和可扩展性。
A Blockchain-Based Architecture for Access Control Management of IoT Applications
Internet of Things (IoT) integrates the physical world with the Internet to facilitate sharing data among entities. These IoT applications bring security and management challenges. In this paper, using blockchain technology, an end-to-end secure architecture is proposed for an auditable tamper-proof log of sensors' data and events. A Role Based Access Control policy is enforced using smart contracts that controls access to both sensors' data and executing commands on actuators. For confidentiality, the data is kept encrypted in transit and at rest. In addition, the data is stored off-the-chain in a distributed content-based addressable network, while its address and access records are stored at the blockchain. The proposed design is suitable for real-time and mission-critical IoT applications. Finally, a proof-of-concept implementation shows the efficiency and scalability of the proposed architecture.