Dynamic-IoTrust: A Dynamic Access Control for IoT Based on Smart Contracts

The Internet of things (IoT) is an active, real-world area in need of more investigation. One of the top weaknesses in security challenges that IoTs face, the centralized access control server, which can be a single point of failure. In this paper, Dynamic-IoTrust, a decentralized access control smart contract based aims to overcome distrusted, dynamic, trust and authentication issues for access control in IoT. It also integrates dynamic trust value to evaluate users based on behavior. In particular, the Dynamic-IoTrust contains multiple Main Smart Contract, one Register Contract, and one Judging Contract to achieve efficient distributed access control management. Dynamic-IoTrust provides both static access rights by allowing predefined access control policies and also provides dynamic access rights by checking the trust value and the behavior of the user. The system also provides to detected user misbehavior and make a decision for user trust value and penalty. There are several levels of trusted users to access the IoTs device. Finally, the case study demonstrates the feasibility of the Dynamic-IoTrust model to offer a dynamic decentralized access control system with trust value attribute to evaluate the internal user used IoTs devices.