IHIBE: A Hierarchical and Delegated Access Control Mechanism for IoT Environments

Abstract

Read online

Ensuring authorized access control in the IoT is vital for privacy and safety protection. Our study presents the novel IHIBE framework, which combines IOTA (a distributed ledger technology) with hierarchical identity-based encryption (HIBE), thereby enhancing both IoT security and scalability. This approach secures access tokens and policies while reducing the computational demand on data owners. Our empirical findings reveal a significant performance gap, with access rights delegation on the Raspberry Pi 4 exceeding those on AWS by over 250%. Moreover, our analysis uncovers optimal identity policy depths: up to 640 identities on AWS and 640 on the Raspberry Pi 4 for systems with higher tolerable delays, and 320 identities on AWS versus 160 on the Raspberry Pi 4 for systems with lower tolerable delays. The system shows practical viability, exhibiting insignificant operational time differences compared to Zhang et al.’s schemes, particularly in access rights verification processes, with a minimal difference of 33.35%. Our extensive security assessment, encompassing scenarios like encrypted token theft and compromise of authority, affirms the efficacy of our challenge-response and last-word challenge (LWC) mechanisms. This study underscores the importance of platform choice in IoT system architectures and provides insights for deploying efficient, secure, and scalable IoT environments.

Keywords

• Internet of Things
• access control
• IOTA
• hierarchical identity-based encryption
• HIBE
• hierarchical access control