Affiliation:
1. ReDCAD, ENIS, University of Sfax , Tunisia
2. RMIT University, School of Science , Melbourne, Australia
Abstract
Abstract
Security faces huge challenges in Internet of Things (IoT) environments. In particular, conventional access control standards and models tend to be less tailored for IoT due to the constrained nature of smart objects. Usually, a powerful third party is used to handle the access control logic. However, this third party is lacking in transparency and could harm user privacy. Therefore, providing a distributed access control solution, while considering transparency and privacy-preserving awareness in IoT smart systems, is of paramount importance. The described issue can be addressed using the emergent Blockchain technology that provides a promising choice to build a new generation of decentralized and transparent access control solutions. This paper proposes a smart contract-based access control framework for IoT smart healthcare systems, which is based on smart contracts to provide a distributed and trustworthy access control, combined with the GTRBAC model to express fine-grained access control policies while considering temporal authorization constraints. To prove the feasibility and validity of the proposed framework, this paper also provides a detailed technical description and an initial implementation and execution. An experimental evaluation shows that security properties’ analyses on smart contracts achieved the best possible evaluation with no vulnerabilities found, and the cost of access control operations increases linearly as the number of policy constraints increases. Besides, a comparative analysis reveals that the proposed approach can achieve good results with low gas costs and latency.
Publisher
Oxford University Press (OUP)
Cited by
4 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献