Blockchain based permission delegation and access control in Internet of Things (BACI)

摘要

Access control with permission delegation mechanism allows fine granular access to secure resources. In the literature, existing architectures for permission delegation and access control are either event-based or query-based. These previous works assume a single trusted delegation service, which however is likely biased or fails to service. Also, they fail to allow users to verify delegation service operations, as such cannot be directly applied to IoT (Internet of Things) due to low power, low-bandwidth, ad-hoc and decentralized nature. This paper proposes a novel decentralized architecture for permission delegation and access control for IoT application, with demands on event and query base permission delegation. We further apply Blockchain (BC) technology to make delegation services secure, trusted, verifiable and decentralized. We investigate our proposed approach in Simple PROMELA INterpreter (SPIN) model checker using PROMELA (Process Meta Language). The "Platform Verification", "Delegation", "Mutual Exclusion" properties written in Linear Temporal Logic (LTL) are also verified against the PROMELA model. (C) 2019 Elsevier Ltd. All rights reserved.