Dianxin kexue (Oct 2024)
An access control scheme for IoT based on smart contracts and CP-ABE
Abstract
As the number of Internet of things (IoT) devices increases, traditional centralized access control solutions are inadequate for the current large-scale IoT environment. Existing distributed access control schemes suffer from high monetary costs and low throughput in processing access requests. To address these issues, a blockchain smart contract combined with ciphertext policy attribute based encryption (CP-ABE) was proposed to implement access control for IoT resources. Using Hyperledger Fabric as the underlying network, attribute-based encryption was applied to functional tokens, and token ciphertexts were stored using the interplanetary file system (IPFS). Through smart contracts, token retrieval addresses were publicly exposed to achieve 1-to-N authorization. Furthermore, contracts were designed to be deployed on the blockchain for decentralized permission evaluation of token requests, maintaining the allowed operations for subjects on specific resource objects, realizing more fine-grained attribute-based access control. Simulation experiments and performance analysis demonstrate that compared to existing solutions, this approach enables data owners to securely authorize access for a large number of requesting subjects in a shorter time frame. Stress tests show that the chaincode performs well.
