Affiliation:
1. School of Automation and Information Engineering, Xi’an University of Technology, Xi’an 710054, China
2. School of Computer Science and Engineering, Xi’an University of Technology, Xi’an 710054, China
Abstract
The concept of shared IoT devices has attracted much attention from the industry sector, academia, and financial institutions, providing various benefits, such as saving resources, reducing personal expenses, and providing convenience. Although shared IoT devices facilitate people’s lives and work, the information exchange is over wireless networks that may suffer from some security attacks such as unauthorized access to a shared device or some private information of legitimate users being leaked. It makes the secure access control to the shared IoT devices become an intractable issue. In order to guarantee the access right of the legitimate users, to prevent the problems of privacy leakage and unnecessary economic disputes, a secure decentralized access control scheme for shared IoT devices is proposed leveraging the technologies of blockchain and a proposed authentication protocol in this paper. The new lightweight authentication protocol is proposed to perform mutual authentication between the user and the IoT device. To protect the privacy of the user, the instruction data are encrypted by a temporary session key negotiated between the user and the IoT device with the help of blockchain which enables nontamperable transactions and prevents central corruption and single point of failure. In our scheme, blockchain is maintained by the gateway nodes an acts as a distributed database and a smart contract for shared service is deployed on it. The smart contract has three functions in our scheme: (1) achieving the prepayment of users and settlement for the service contributor, (2) participating in a verification step during the key negotiation to prevent some malicious behaviour from users or devices, (3) recording the workload of the gateway. Finally, a comprehensive analysis on the safety and reliability of the entire scheme is carried out; extensive simulation experiments are conducted to reveal the authentication protocol is efficient and the scheme is feasible.
Funder
National Natural Science Foundation of China
Subject
Computer Networks and Communications,Computer Science Applications
Reference42 articles.
1. Password authentication schemes: current status and key issues;C. S. Tsai;International Journal on Network Security,2006
2. An identity-based one-time password scheme with anonymous authentication;S. Luo
3. A new mutual authentication scheme based on nonce and smart cards
4. IKP: turning a PKI around with decentralized automated incentives;S. Matsumoto
5. A Secure Communicating Things Network Framework for Industrial IoT using Blockchain Technology
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献