User-Managed Access Delegation for Blockchain-driven IoT Services

Abstract

With the advancements in network bandwidth and hardware capability, the Internet of Things (IoT) has now become more and more prevalent. Nevertheless, due to the increment of the data value, incidents of malicious attacks are also spreading. Therefore, the robust access control mechanism plays an important role when designing an IoT system. Regrettably, most of the IoT devices have the limitation of the power and computation capacity. To tackle this issue, it is general for the IoT system to delegate the access control service to the third party. However, centralized access control services may bring about some significant disadvantages such as lack of transparency and reliability. Moreover, it is difficult for users to track authorization history and manage authorization policies. Fortunately, blockchain is regarded as a promising technology that can cover the shortage of the centralized system and improve the security of IoT. This paper proposes a Blockchain-assisted User-Managed Access (B-UMA) schema base on the IoT scenario. To prove the feasibility of the proposed schema, we also build a prototype system adopting the “Smart Factory” use case. Finally, the qualitative comparison among B-UMA and related access control frameworks are also presented.