多域物联网中基于区块链和权能的访问控制机制

物联网中的数据通常包含大量的隐私信息,为了防止设备协同过程中因越权访问造成隐私数据泄露的问题,针对多域物联网设备协同场景提出了一套访问控制机制.将分布式的基于权能的访问控制(capability-based access control,CapAC)与区块链技术相结合,设计了存储于区块链的权能令牌以及基于智能合约实现的...

Blockchain and Capability Based Access Control Mechanism in Multi-domain IoT

Data in Internet of things (IoT) usually contains a large amount of personal privacy information, In order to prevent privacy data leakage due to unauthorized access during device collaboration, this article proposes a set of access control mechanisms for multi-domain IoT device collaboration scenarios. By combining distributed capabilitybased access control (CapAC) with blockchain technology, this article designs a capability token stored in the blockchain and a token management contract based on smart contracts. According to CapACs access decision-making method, a blockchain-based token verification method is designed. The blockchain lightweight node is optimized for the characteristics of IoT. Finally, a blockchain system is built to implement the mechanism proposed in the article. Experimental test results show that compared to centralized access control mechanisms, this solution can safely and accurately execute access decisions in large-scale IoT scenarios and has more stable processing performance. Lightweight design can greatly reduce node storage burden.