作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程 ›› 2021, Vol. 47 ›› Issue (4): 21-31. doi: 10.19678/j.issn.1000-3428.0058302

• 热点与综述 • 上一篇    下一篇

基于智能合约的物联网访问控制系统

张江徽1,2, 崔波1,2, 李茹1,2, 史锦山1,2   

  1. 1. 内蒙古大学 计算机学院, 呼和浩特 010021;
    2. 内蒙古自治区无线网络与移动计算重点实验室, 呼和浩特 010021
  • 收稿日期:2020-05-12 修回日期:2020-07-14 发布日期:2020-07-21
  • 作者简介:张江徽(1996-),男,硕士研究生,主研方向为区块链、访问控制;崔波(通信作者),讲师、博士;李茹,教授、博士;史锦山,博士研究生。
  • 基金资助:
    国家自然科学基金“命名数据网络环境下基于智能合约的隐私保护机制研究”(61962042);内蒙古自然科学基金“命名数据无线移动自组织网络中数据转发与存储机制的研究”(2018MS06028);赛尔网络下一代互联网技术创新项目“基于IPv6的智能家居的访问控制机制”(NGII20170415);内蒙古自治区科技计划项目“基于区块链的全过程食品安全溯源管理系统关键技术”(2019GG376)。

Access Control System of Internet of Things Based on Smart Contract

ZHANG Jianghui1,2, CUI Bo1,2, LI Ru1,2, SHI Jinshan1,2   

  1. 1. College of Computer Science, Inner Mongolia University, Hohhot 010021, China;
    2. Inner Mongolia Autonomous Region Key Laboratory of Wireless Networking and Mobile Computing, Hohhot 010021, China
  • Received:2020-05-12 Revised:2020-07-14 Published:2020-07-21

摘要: 在物联网环境下,传统访问控制方法采用集中式的决策实体进行访问控制授权,容易出现单点故障和数据篡改等问题,造成用户隐私数据的丢失及设备被他人非法占用。利用区块链的去中心化、不可篡改及可编程的特性,将区块链技术和访问控制技术相结合,提出一种新的物联网访问控制系统,并为该系统设计一个依托于超级账本的访问控制策略模型FACP。每个物联网设备根据FACP设置访问控制策略,只有符合访问控制策略的用户才可使用该设备,同时系统将用户划分为资源拥有者和资源请求者,以便于更好地区分不同需求的用户。实验结果表明,该系统可为物联网设备提供细粒度与动态的访问控制,且具有较高的吞吐量与较低的延迟,能够保证物联网设备访问控制的安全性及可靠性。

关键词: 物联网, 区块链, 智能合约, 超级账本, 访问控制

Abstract: Traditional access control methods in the Internet of Things(IoT) environment use centralized decision-making entities for access control authorization, which is prone to single-point failures and data tampering problems, resulting in the loss of user privacy data and the illegal use of equipment by others. To address these issues, this paper proposes an IoT access control system using smart contract, which introduces the decentralized, tamper-resistant and programmable blockchain technique into access control, and on this basis designs an access control policy model FACP that relies on hyperledger fabric for the system. Each IoT device sets an access control policy based on FACP, and only users who comply with the access control policy can use the device. At the same time, in order to better distinguish users with different needs, the system divides users into two categories:resource owners and resource requesters. Experimental results show that the system can provide fine-grained and dynamic access control for IoT devices with high throughput and low latency, ensuring the security and reliability of IoT device access control.

Key words: Internet of Things(IoT), blockchain, smart contract, hyperledger fabric, access control

中图分类号: