家庭物联网中基于智能合约的访问控制机制

doi:10.19678/j.issn.1000-3428.0063794

摘要/Abstract

摘要： 在海量家庭数据存储模式下，家庭中的物联网设备并非完全可信，为了保证设备使用者的数据安全和数据查询效率，需要实施访问控制，然而，目前已有的多数访问控制方案无法在大型分布式系统下既保证安全性又兼顾运行效率。针对该问题，提出基于智能合约技术的访问控制框架并设计分组策略检索算法，以实现一种家庭物联网中安全高效的访问控制。在智能合约访问控制框架中，通过区块链存储访问控制策略保证访问信息的可追溯性以及用户数据的安全性，同时改进基于属性的访问控制模型，实现灵活且可扩展的访问控制。通过构造分组策略检索算法来提高策略的检索效率，在访问控制判决时快速搜索策略。基于智能家居进行访问实现，结果表明该机制能提供安全且高效动态的细粒度访问控制，在大量相同的策略规则下，其系统吞吐量不低于65 T/s，优于Fabric-IoT、DAHB等访问控制方案，更适合大规模家庭物联网环境下的访问请求场景。

关键词: 区块链, 访问控制, 智能合约, 基于属性的访问控制模型, 家庭物联网

Abstract: In a massive home data storage mode, the Internet of Things(IoT) devices are not trusted.To ensure data security and data query efficiency of the device users, access control needs to be implemented. However, most existing access control schemes can not guarantee security and efficiency in large distributed systems.To solve this problem, an access control framework based on smart contract technology is proposed and a group policy retrieval algorithm is designed to achieve a safe and efficient access control in the home IoT. In the smart contract access control framework, a blockchain storage access control strategy is used to ensure the traceability of access information and the security of user data. Moreover, the Attribute-Based Access Control(ABAC) model is improved to achieve flexible and scalable access control. The efficiency of policy retrieval is improved by constructing a group policy retrieval algorithm, and the policy is searched quickly in the access control decision.The result of access implementation based on smart home verifies that the mechanism can provide safe, efficient, and dynamic fine-grained access control. Under many similar policy rules, its system throughput is not less than 65 T/s, which is better than access control schemes such as Fabric-IoT and DAHB, and it is suitable for access request scenarios in a large-scale home IoT environment.

Key words: blockchain, access control, smart contract, Attribute-Based Access Control(ABAC) model, home Internet of Things(IoT)

中图分类号:

TP309

田秀霞, 杨明夷. 家庭物联网中基于智能合约的访问控制机制[J]. 计算机工程, 2023, 49(3): 18-28.

TIAN Xiuxia, YANG Mingyi. Smart Contract-Based Access Control Mechanism in Home IoT[J]. Computer Engineering, 2023, 49(3): 18-28.

http://www.ecice06.com/CN/Y2023/V49/I3/18

图/表 16

20230314184219

20230314184223

20230314184227

20230314184230

20230314184233

20230314184236

20230314184240

20230314184245

20230314184249

20230314184252

20230314184255

20230314184258

20230314184301

20230314184305

20230314184308

20230314184312

参考文献

[1] SADEEQ M A M, ZEEBAREE S.Energy management for Internet of things via distributed systems[J].Journal of Applied Science and Technology Trends, 2021, 2(2):59-71.
[2] STOYANOVA M, NIKOLOUDAKIS Y, PANAGIOTAKIS S, et al.A survey on the Internet of Things(IoT) forensics:challenges, approaches, and open issues[J].IEEE Communications Surveys & Tutorials, 2020, 22(2):1191-1221.
[3] 黄倩怡, 李志洋, 谢文涛, 等.智能家居中的边缘计算[J].计算机研究与发展, 2020, 57(9):1800-1809. HUANG Q Y, LI Z Y, XIE W T, et al.Edge computing in smart homes[J].Journal of Computer Research and Development, 2020, 57(9):1800-1809.(in Chinese)
[4] ABDULLA A I, ABDULRAHEEM A S, SALIH A A, et al.Internet of Things and smart home security[J].Technology Reports of Kansai University, 2020, 62(5):2465-2476.
[5] PHILIP N Y, RODRIGUES J J P C, WANG H G, et al.Internet of Things for in-home health monitoring systems:current advances, challenges and future directions[J].IEEE Journal on Selected Areas in Communications, 2021, 39(2):300-310.
[6] MEKURIA D N, SERNANI P, FALCIONELLI N, et al.Smart home reasoning systems:a systematic literature review[J].Journal of Ambient Intelligence and Humanized Computing, 2021, 12(4):4485-4502.
[7] LIN C, HE D, KUMAR N, et al.HomeChain:a blockchain-based secure mutual authentication system for smart homes[J].IEEE Internet of Things Journal, 2020, 7(2):818-829.
[8] ACAR A, FEREIDOONI H, ABERA T, et al.Peek-a-boo:I see your smart home activities, even encrypted![C]//Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks.New York, USA:ACM Press, 2020:207-218.
[9] NOVO O.Blockchain meets IoT:an architecture for scalable access management in IoT[J].IEEE Internet of Things Journal, 2018, 5(2):1184-1195.
[10] SULTANA T, ALMOGREN A, AKBAR M, et al.Data sharing system integrating access control mechanism using blockchain-based smart contracts for IoT devices[J].Applied Sciences, 2020, 10(2):488.
[11] 张亮, 刘百祥, 张如意, 等.区块链技术综述[J].计算机工程, 2019, 45(5):1-12. ZHANG L, LIU B X, ZHANG R Y, et al.Overview of blockchain technology[J].Computer Engineering, 2019, 45(5):1-12.(in Chinese)
[12] YAN T, CHEN W, ZHAO P, et al.Handling conditional queries and data storage on Hyperledger Fabric efficiently[J].World Wide Web, 2021, 24(1):441-461.
[13] 徐恪, 凌思通, 李琦, 等.基于区块链的网络安全体系结构与关键技术研究进展[J].计算机学报, 2021, 44(1):55-83. XU K, LING S T, LI Q, et al.Research progress of network security architecture and key technologies based on blockchain[J].Chinese Journal of Computers, 2021, 44(1):55-83.(in Chinese)
[14] WANG S, OUYANG L W, YUAN Y, et al.Blockchain-enabled smart contracts:architecture, applications, and future trends[J].IEEE Transactions on Systems, Man, and Cybernetics:Systems, 2019, 49(11):2266-2277.
[15] DORRI A, KANHERE S S, JURDAK R, et al.Blockchain for IoT security and privacy:the case study of a smart home[C]//Proceedings of IEEE International Conference on Pervasive Computing and Communications Workshops.Washington D.C., USA:IEEE Press, 2017:618-623.
[16] ZHANG Y Y, KASAHARA S, SHEN Y L, et al.Smart contract-based access control for the Internet of Things[J].IEEE Internet of Things Journal, 2019, 6(2):1594-1605.
[17] CRUZ J P, KAJI Y, YANAI N.RBAC-SC:role-based access control using smart contract[J].IEEE Access, 2018, 6:12240-12251.
[18] DUKKIPATI C, ZHANG Y P, CHENG L C.Decentralized, blockchain based access control framework for the heterogeneous Internet of Things[C]//Proceedings of the 3rd ACM Workshop on Attribute-Based Access Control.New York, USA:ACM Press, 2018:61-69.
[19] ZHANG Y Y, YUTAKA M, SASABE M, et al.Attribute-based access control for smart cities:a smart-contract-driven framework[J].IEEE Internet of Things Journal, 2021, 8(8):6372-6384.
[20] DING S, CAO J, LI C, et al.A novel attribute-based access control scheme using blockchain for IoT[J].IEEE Access, 2019, 7:38431-38441.
[21] LIU H, HAN D Z, LI D.Fabric-IoT:a blockchain-based access control system in IoT[J].IEEE Access, 2020, 8:18207-18218.
[22] SERVOS D, OSBORN S L.Current research and open problems in attribute-based access control[J].ACM Computing Surveys, 2017, 49(4):1-45.
[23] AMINZADE M.Confidentiality, integrity and availability-finding a balanced IT framework[J].Network Security, 2018(5):9-11.
[24] HURAJ L, ŠIMON M, HORÁK T.Resistance of IoT sensors against DDoS attack in smart home environment[J].Sensors(Basel, Switzerland), 2020, 20(18):5298.
[25] BINTI MOHAMAD NOOR M, HASSAN W H.Current research on Internet of Things(IoT) security:a survey[J].Computer Networks, 2019, 148:283-294.
[26] BHATT S, SANDHU R.ABAC-CC:attribute-based access control and communication control for Internet of Things[C]//Proceedings of the 25th ACM Symposium on Access Control Models and Technologies.New York, USA:ACM Press, 2020:203-212.
[27] 杜瑞忠, 刘妍, 田俊峰.物联网中基于智能合约的访问控制方法[J].计算机研究与发展, 2019, 56(10):2287-2298. DU R Z, LIU Y, TIAN J F.An access control method using smart contract for Internet of Things[J].Journal of Computer Research and Development, 2019, 56(10):2287-2298.(in Chinese)
[28] 史锦山, 李茹, 松婷婷.基于区块链的物联网访问控制框架[J].计算机应用, 2020, 40(4):931-941. SHI J S, LI R, SONG T T.Blockchain-based access control framework for Internet of Things[J].Journal of Computer Applications, 2020, 40(4):931-941.(in Chinese)

选择文件类型/文献管理软件名称

选择包含的内容