TY - GEN
T1 - Blockchain-based Scheme for Authentication and Capability-based Access Control in IoT Environment
AU - Sivaselvan, N.
AU - Bhat, Vivekananda K.
AU - Rajarajan, Muttukrishnan
N1 - Publisher Copyright:
© 2020 IEEE.
Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.
PY - 2020/10/28
Y1 - 2020/10/28
N2 - Authentication and access control techniques are fundamental security elements to restrict access to critical resources in IoT environment. In the current state-of-the-art approaches in the literature, the architectures do not address the security features of authentication and access control together. Besides, they don't completely fulfill the key Internet-of-Things (IoT) features such as usability, scalability, interoperability and security. In this paper, we introduce a novel blockchain-based architecture for authentication and capability-based access control for IoT environment. A capability is a token which contains the access rights authorized to the device holding it. The architecture uses blockchain technology to carry out all the operations in the scheme. It does not embed blockchain technology into the resource-constrained IoT devices for the purpose of authentication and access control of the devices. However, the IoT devices and blockchain are connected by means of interfaces through which the essential communications are established. The authenticity of such interfaces are verified before any communication is made. Consequently, the architecture satisfies usability, scalability, interoperability and security features. We carried out security evaluation for the scheme. It exhibits strong resistance to threats like spoofing, tampering, repudiation, information disclosure, and Denial-of-Service (DoS). We also developed a proof of concept implementation where cost and storage overhead of blockchain transactions are studied.
AB - Authentication and access control techniques are fundamental security elements to restrict access to critical resources in IoT environment. In the current state-of-the-art approaches in the literature, the architectures do not address the security features of authentication and access control together. Besides, they don't completely fulfill the key Internet-of-Things (IoT) features such as usability, scalability, interoperability and security. In this paper, we introduce a novel blockchain-based architecture for authentication and capability-based access control for IoT environment. A capability is a token which contains the access rights authorized to the device holding it. The architecture uses blockchain technology to carry out all the operations in the scheme. It does not embed blockchain technology into the resource-constrained IoT devices for the purpose of authentication and access control of the devices. However, the IoT devices and blockchain are connected by means of interfaces through which the essential communications are established. The authenticity of such interfaces are verified before any communication is made. Consequently, the architecture satisfies usability, scalability, interoperability and security features. We carried out security evaluation for the scheme. It exhibits strong resistance to threats like spoofing, tampering, repudiation, information disclosure, and Denial-of-Service (DoS). We also developed a proof of concept implementation where cost and storage overhead of blockchain transactions are studied.
UR - http://www.scopus.com/inward/record.url?scp=85099751878&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85099751878&partnerID=8YFLogxK
U2 - 10.1109/UEMCON51285.2020.9298116
DO - 10.1109/UEMCON51285.2020.9298116
M3 - Conference contribution
AN - SCOPUS:85099751878
T3 - 2020 11th IEEE Annual Ubiquitous Computing, Electronics and Mobile Communication Conference, UEMCON 2020
SP - 323
EP - 330
BT - 2020 11th IEEE Annual Ubiquitous Computing, Electronics and Mobile Communication Conference, UEMCON 2020
A2 - Paul, Rajashree
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 11th IEEE Annual Ubiquitous Computing, Electronics and Mobile Communication Conference, UEMCON 2020
Y2 - 28 October 2020 through 31 October 2020
ER -