基于智能合约的物联网访问控制系统

doi:10.19678/j.issn.1000-3428.0058302

计算机工程 ›› 2021, Vol. 47 ›› Issue (4): 21-31. doi: 10.19678/j.issn.1000-3428.0058302

基于智能合约的物联网访问控制系统

张江徽^1,2, 崔波^1,2, 李茹^1,2, 史锦山^1,2

1. 内蒙古大学计算机学院, 呼和浩特 010021;
2. 内蒙古自治区无线网络与移动计算重点实验室, 呼和浩特 010021

收稿日期:2020-05-12 修回日期:2020-07-14 发布日期:2020-07-21
作者简介:张江徽(1996-),男,硕士研究生,主研方向为区块链、访问控制;崔波(通信作者),讲师、博士;李茹,教授、博士;史锦山,博士研究生。
基金资助:
国家自然科学基金“命名数据网络环境下基于智能合约的隐私保护机制研究”（61962042）；内蒙古自然科学基金“命名数据无线移动自组织网络中数据转发与存储机制的研究”（2018MS06028）；赛尔网络下一代互联网技术创新项目“基于IPv6的智能家居的访问控制机制”（NGII20170415）；内蒙古自治区科技计划项目“基于区块链的全过程食品安全溯源管理系统关键技术”（2019GG376）。

Access Control System of Internet of Things Based on Smart Contract

ZHANG Jianghui^1,2, CUI Bo^1,2, LI Ru^1,2, SHI Jinshan^1,2

1. College of Computer Science, Inner Mongolia University, Hohhot 010021, China;
2. Inner Mongolia Autonomous Region Key Laboratory of Wireless Networking and Mobile Computing, Hohhot 010021, China

Received:2020-05-12 Revised:2020-07-14 Published:2020-07-21

摘要/Abstract

摘要： 在物联网环境下，传统访问控制方法采用集中式的决策实体进行访问控制授权，容易出现单点故障和数据篡改等问题，造成用户隐私数据的丢失及设备被他人非法占用。利用区块链的去中心化、不可篡改及可编程的特性，将区块链技术和访问控制技术相结合，提出一种新的物联网访问控制系统，并为该系统设计一个依托于超级账本的访问控制策略模型FACP。每个物联网设备根据FACP设置访问控制策略，只有符合访问控制策略的用户才可使用该设备，同时系统将用户划分为资源拥有者和资源请求者，以便于更好地区分不同需求的用户。实验结果表明，该系统可为物联网设备提供细粒度与动态的访问控制，且具有较高的吞吐量与较低的延迟，能够保证物联网设备访问控制的安全性及可靠性。

关键词: 物联网, 区块链, 智能合约, 超级账本, 访问控制

Abstract: Traditional access control methods in the Internet of Things(IoT) environment use centralized decision-making entities for access control authorization, which is prone to single-point failures and data tampering problems, resulting in the loss of user privacy data and the illegal use of equipment by others. To address these issues, this paper proposes an IoT access control system using smart contract, which introduces the decentralized, tamper-resistant and programmable blockchain technique into access control, and on this basis designs an access control policy model FACP that relies on hyperledger fabric for the system. Each IoT device sets an access control policy based on FACP, and only users who comply with the access control policy can use the device. At the same time, in order to better distinguish users with different needs, the system divides users into two categories:resource owners and resource requesters. Experimental results show that the system can provide fine-grained and dynamic access control for IoT devices with high throughput and low latency, ensuring the security and reliability of IoT device access control.

Key words: Internet of Things(IoT), blockchain, smart contract, hyperledger fabric, access control

中图分类号:

TP391

张江徽, 崔波, 李茹, 史锦山. 基于智能合约的物联网访问控制系统[J]. 计算机工程, 2021, 47(4): 21-31.

ZHANG Jianghui, CUI Bo, LI Ru, SHI Jinshan. Access Control System of Internet of Things Based on Smart Contract[J]. Computer Engineering, 2021, 47(4): 21-31.

http://www.ecice06.com/CN/Y2021/V47/I4/21

图/表 22

20210425164239

20210425164242

20210425164245

20210425164250

20210425164253

20210425164307

20210425164627

20210425164630

20210425164638

20210425164642

20210425164644

20210425164647

20210425164651

20210425164654

20210425164659

20210425164702

20210425164705

20210425164709

20210425164712

20210425164728

20210425164731

20210425164734

参考文献

[1] FANG Liang,YIN Lihua,GUO Yunchuan,et al.A survey of key technologies in attribute-based access control scheme[J].Chinese Journal of Computers,2017,40(7):1680-1698.(in Chinese)房梁,殷丽华,郭云川,等.基于属性的访问控制关键技术研究综述[J].计算机学报,2017,40(7):1680-1698.
[2] OUAGGAH A,ELKALAM A A,OUAHMAN A A.FairAccess:a new blockchain-based access control framework for the Internet of things[J].Security and Communication Networks,2016,9(18):5943-5964.
[3] OUAGGAH A,ELKALAM A A,OUAHMAN A A.Towards a novel privacy-preserving access control model based on blockchain technology in IoT[C]//Proceedings of Europe,Middle East and North Africa Conference on Technology and Security to Support Learning.Saidia Oujda,Morocco:[s.n.],2017:523-533.
[4] OUTCHAKOUCHT A,ES-SAMAALI H,PHILIPPE J.Dynamic access control policy based on blockchain and machine learning for the Internet of things[J].International Journal of Advanced Computer Science and Applications,2017,8(7):417-424.
[5] MAESA D D F,MORI P,RICCI L.Blockchain based access control[C]//Proceedings of International Conference on Distributed Applications and Interoperable Systems.Neuchâtel,Switzerland:[s.n.],2017:206-220.
[6] DING Shen,CAO Jin,LI Chen,et al.A novel attribute-based access control scheme using blockchain for IoT[J].IEEE Access,2019,7:38431-38441.
[7] SHI Jinshan,LI Ru.Survey of blockchain access control in Internet of things[J].Journal of Software,2019,30(6):1632-1648.(in Chinese)史锦山,李茹.物联网下的区块链访问控制综述[J].软件学报,2019,30(6):1632-1648.
[8] OURAD A Z,BELGACEM B,SALAH K.Using blockchain for IoT access control and authentication management[C]//Proceedings of International Conference on Internet of Things.Seattle,USA:[s.n.],2018:150-164.
[9] RIABI I,DHIF Y,AYED H K B,et al.A blockchain based access control for IoT[C]//Proceedings of the 15th International Wireless Communications and Mobile Computing Conference.Tangier,Morocco:IEEE Press,2019:2086-2091.
[10] KOSTAL K,HELEBRANGT P,BELLUS M,et al.Management and monitoring of IoT devices using blockchain[J].Sensors,2019,19(4):856-868.
[11] ZHANG Y,KASAHARA S,SHEN Y,et al.Smart contract-based access control for the internet of things[J].IEEE Internet of Things Journal,2018,6(2):1594-1605.
[12] LIU Han,HAN Dazhi,LI Dun.Fabric-IoT:a blockchain-based access control system in IoT[J].IEEE Access,2020,8:18207-18218.
[13] NAKAMOTO S.Bitcoin:a peer-to-peer electronic cash system[EB/OL].[2020-04-10].https://bitcoin.org/en/bitcoin-paper.
[14] BUTERIN V.A next-generation smart contract and decent-ralized application platform[EB/OL].[2020-04-10].https://cryptorating.eu/whitepapers/Ethereum/Ethereum_white_paper.pdf.
[15] WOOD G.Ethereum:a secure decentralised generalised transaction ledger[EB/OL].[2020-04-10].https://ethereum.github.io/yellowpaper/paper.pdf.
[16] DANNEN C.Introducing ethereum and solidity[M].Berkeley,USA:[s.n.],2017.
[17] GENCER A E,BASU S,EYAL I,et al.Decentralization in bitcoin and ethereum networks[C]//Proceedings of the 22nd International Conference on Financial Cryptography and Data Security.Nieuwpoort,Belgium:[s.n.],2018:439-457.
[18] CACHIN C.Architecture of the hyperledger blockchain fabric[EB/OL].[2020-04-10].http://bytacoin.io/main/Hyperledger.pdf.
[19] ANDROULAKI E,BARGER A,BORTNIKOV V,et al.Hyperledger fabric:a distributed operating system for permissioned blockchains[C]//Proceedings of tne 13th EuroSys Conference.New York,USA:ACM Press,2018:1-15.
[20] MAESA D D F,MORI P,RICCI L.A blockchain based approach for the definition of auditable access control systems[J].Computers and Security,2019,84:93-119.
[21] ZHANG Liang,LIU Baixiang,ZHANG Ruyi,et al.Overview of blockchain technology[J].Computer Engineering,2019,45(5):1-12.(in Chinese)张亮,刘百祥,张如意,等.区块链技术综述[J].计算机工程,2019,45(5):1-12.

选择文件类型/文献管理软件名称

选择包含的内容

基于智能合约的物联网访问控制系统

Access Control System of Internet of Things Based on Smart Contract

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 22

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	黄保华, 郑慧颖, 屈锡, 陈宁江. 联盟链高效存储访问控制方案[J]. 计算机工程, 2023, 49(8): 37-45.
[2]	王群, 李馥娟, 倪雪莉, 夏玲玲, 梁广俊. 区块链数据形成与隐私威胁[J]. 计算机工程, 2023, 49(8): 1-12.
[3]	余长宏, 陆雅, 王海鑫, 高明. 基于滑动时间窗的物联网设备流量分类算法[J]. 计算机工程, 2023, 49(7): 259-268.
[4]	陈福安, 柳毅. 基于区块链的V2G无证书环签密隐私保护方案[J]. 计算机工程, 2023, 49(6): 34-41,52.
[5]	潘雪, 袁凌云, 黄敏敏. 基于区块链和域信任度的物联网跨域信任评估模型[J]. 计算机工程, 2023, 49(5): 181-190.
[6]	高健博, 张家硕, 李青山, 陈钟. RegLang监管合约规则冲突检测方法[J]. 计算机工程, 2023, 49(5): 12-21,28.
[7]	王群, 李馥娟, 倪雪莉, 夏玲玲, 梁广俊. 区块链隐私保护机制研究[J]. 计算机工程, 2023, 49(4): 1-13.
[8]	黄金荣, 刘百祥, 张亮, 张展鹏. 基于智能合约和非同质化代币的去中心化匿名身份认证模型[J]. 计算机工程, 2023, 49(4): 14-22.
[9]	白首圳, 陈美娟. 面向工业互联网的区块链分层分片研究[J]. 计算机工程, 2023, 49(3): 58-66,79.
[10]	杨俊明, 尹超, 杨铮. 基于激励驱动的轻量级隐私保护位置证明协议[J]. 计算机工程, 2023, 49(3): 151-160.
[11]	田秀霞, 杨明夷. 家庭物联网中基于智能合约的访问控制机制[J]. 计算机工程, 2023, 49(3): 18-28.
[12]	苏瑞国, 阳建, 秦继伟, 武晓雄, 贾振红. 基于物联网区块链的轻量级共识算法研究[J]. 计算机工程, 2023, 49(2): 175-180.
[13]	孙林昆, 蒋文保, 郭阳楠, 李春强. 基于密码累加器的无状态区块链性能优化[J]. 计算机工程, 2023, 49(2): 46-53.
[14]	顾智敏, 王梓莹, 郭静, 郭雅娟, 冯景瑜. 雾化零信任组件的5G电力失陷终端威胁检测[J]. 计算机工程, 2023, 49(2): 161-168.
[15]	刘泽坤, 王峰, 贾海蓉. 结合动态信用机制的PBFT算法优化方案[J]. 计算机工程, 2023, 49(2): 191-198.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

基于智能合约的物联网访问控制系统

Access Control System of Internet of Things Based on Smart Contract

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 22

参考文献

相关文章 15

编辑推荐

Metrics

本文评价