浏览全部资源
扫码关注微信
面向物联网的基于智能合约与CP-ABE的访问控制方案
An access control scheme for IoT based on smart contracts and CP-ABE
- 电信科学 2024年40卷第10期 页码:100-115
- 作者机构:
1.河南农业大学信息与管理科学学院,河南 郑州 450046
2.河南省农业大数据与人工智能国际联合实验室,河南 郑州 450000
3.德蒙福特大学计算机、工程和媒体学院,英国 莱斯特LE1 9BH
4.新里斯本大学NODV信息管理学院,葡萄牙 里斯本 1070-312
- 作者简介:
[ "孙昌霞(1976- ),女,博士,河南农业大学教授、硕士生导师,主要研究方向为区块链、信息安全、农业大数据等。" ]
[ "张传虎(1998- ),男,河南农业大学硕士生,主要研究方向为区块链、农业信息化。" ]
[ "刘冰杰(1991- ),女,博士,河南农业大学讲师,主要研究方向为边缘计算、资源分配和博弈论。" ]
[ "Yingjie Yang(1965- ),男,博士,德蒙福特大学教授,主要研究方向为灰色系统、模糊集、粗糙集、神经网络及其在土木工程、交通运输、环境工程和管理科学中的应用。" ]
[ "Fernando Bação(1968- ),男,博士,新里斯本大学教授,主要研究方向为决策支持系统、机器学习和数据科学。" ]
[ "刘倩(1978- ),女,河南农业大学讲师,主要研究方向为数据库应用及农业大数据应用。" ]
- 基金信息:河南省科技攻关项目(232102211087);河南省杰出外籍科学家工作室项目(GZS2024006);河南省中央引导地方科技发展资金资助项目(Z20231811005);河南省联合基金资助项目(232103810020);河南省高等学校重点科研项目(23A520005)
DOI:10.11959/j.issn.1000-0801.2024227
中图分类号: TP393.0收稿日期:2024-05-10,
修回日期:2024-10-13,
纸质出版日期:2024-10-20
- 稿件说明:
移动端阅览
孙昌霞,张传虎,刘冰杰等.面向物联网的基于智能合约与CP-ABE的访问控制方案[J].电信科学,2024,40(10):100-115.
SUN Changxia,ZHANG Chuanhu,LIU Bingjie,et al.An access control scheme for IoT based on smart contracts and CP-ABE[J].Telecommunications Science,2024,40(10):100-115.
孙昌霞,张传虎,刘冰杰等.面向物联网的基于智能合约与CP-ABE的访问控制方案[J].电信科学,2024,40(10):100-115. DOI: 10.11959/j.issn.1000-0801.2024227.
SUN Changxia,ZHANG Chuanhu,LIU Bingjie,et al.An access control scheme for IoT based on smart contracts and CP-ABE[J].Telecommunications Science,2024,40(10):100-115. DOI: 10.11959/j.issn.1000-0801.2024227.
摘要
随着物联网设备数量激增,传统的集中式访问控制方案在面对当前大规模物联网环境时显得力不从心,现有的分布式访问控制方案存在高货币成本和处理访问请求的低吞吐量等问题。针对这些问题提出一种区块链智能合约结合密文策略属性基加密(ciphertext policy attribute based encryption,CP-ABE)实现对物联网资源的访问控制方案。以超级账本(Hyperledger Fabric)为底层网络,对功能令牌执行属性基加密,利用星际文件系统(interplanetary file system,IPFS)保存令牌密文,通过智能合约公开令牌获取地址实现一对多授权。进一步设计合约部署到区块链实现对令牌请求的去中心化权限评估,维护主体在特定资源对象上允许的操作,实现更为细粒度的属性访问控制。仿真实验及性能分析表明,所提方案与现有方案相比能够使数据所有者在更短的时间内完成对大量请求主体的安全访问授权,压力测试表明链码具有较好性能。
Abstract
As the number of Internet of things (IoT) devices increases
traditional centralized access control solutions are inadequate for the current large-scale IoT environment. Existing distributed access control schemes suffer from high monetary costs and low throughput in processing access requests. To address these issues
a blockchain smart contract combined with ciphertext policy attribute based encryption (CP-ABE) was proposed to implement access control for IoT resources. Using Hyperledger Fabric as the underlying network
attribute-based encryption was applied to functional tokens
and token ciphertexts were stored using the interplanetary file system (IPFS). Through smart contracts
token retrieval addresses were publicly exposed to achieve 1-to-
N
authorization. Furthermore
contracts were designed to be deployed on the blockchain for decentralized perm
ission evaluation of token requests
maintaining the allowed operations for subjects on specific resource objects
realizing more fine-grained attribute-based access control. Simulation experiments and performance analysis demonstrate that compared to existing solutions
this approach enables data owners to securely authorize access for a large number of requesting subjects in a shorter time frame. Stress tests show that the chaincode performs well.
关键词
Keywords
references
GÜRFIDAN R , ERSOY M . A new approach with blockchain based for safe communication in IoT ecosystem [J ] . Journal of Data, Information and Management , 2022 , 4 ( 1 ): 49 - 56 .
CHELLAPPAN V , SIVALINGAM K M . Security and privacy in the Internet of things [M ] // Internet of Things . Amsterdam : Elsevier , 2016 : 183 - 200 .
NAKAMOTO S . Bitcoin: A peer-to-peer electronic cash system [EB ] . 2008 .
WANG Q , ZHU X Q , NI Y Y , et al . Blockchain for the IoT and industrial IoT: a review [J ] . Internet of Things , 2020 , 10 : 100081 .
GUO S Y , HU X , GUO S , et al . Blockchain meets edge computing: a distributed and trusted authentication system [J ] . IEEE Transactions on Industrial Informatics , 2020 , 16 ( 3 ): 1972 - 1983 .
ZHANG L H , LI B P , FANG H D , et al . An Internet of things access control scheme based on permissioned blockchain and edge computing [J ] . Applied Sciences , 2023 , 13 ( 7 ): 4167 .
GONG L Q , ALGHAZZAWI D M , CHENG L . BCoT sentry: a blockchain-based identity authentication framework for IoT devices [J ] . Information , 2021 , 12 ( 5 ): 203 .
CRUZ J P , KAJI Y , YANAI N . RBAC-SC: role-based access control using smart contract [J ] . IEEE Access , 2018 ( 3 ): 12240 - 12251 .
LIU H , HAN D Z , LI D . Fabric-IoT: a blockchain-based access control system in IoT [J ] . IEEE Access , 2020 ( 8 ): 18207 - 18218 .
ZHANG G F , CHEN X , FENG B , et al . Research on a safe and reliable agricultural product traceability system driven by permissioned BlockChain technology [M ] // Lecture Notes in Electrical Engineering . Singapore : Springer Nature Singapore , 2022 : 955 - 966 .
王秀利 , 江晓舟 , 李洋 . 应用区块链的数据访问控制与共享模型 [J ] . 软件学报 , 2019 , 30 ( 6 ): 1661 - 1669 .
WANG X L , JIANG X Z , LI Y . Model for data access control and sharing based on blockchain [J ] . Journal of Software , 2019 , 30 ( 6 ): 1661 - 1669 .
WU A X , ZHANG Y H , ZHENG X K , et al . Efficient and privacy-preserving traceable attribute-based encryption in blockchain [J ] . Annals of Telecommunications , 2019 , 74 ( 7 ): 401 - 411 .
QIN X M , HUANG Y F , YANG Z , et al . LBAC: a lightweight blockchain-based access control scheme for the Internet of things [J ] . Information Sciences , 2021 ( 554 ): 222 - 235 .
ZHANG Y Y , NAKANISHI R , SASABE M , et al . Combining IOTA and attribute-based encryption for access control in the Internet of things [J ] . Sensors , 2021 , 21 ( 15 ): 5053 .
SILVANO W F , MARCELINO R . Iota Tangle: a cryptocurrency to communicate Internet-of-things data [J ] . Future Generation Computer Systems , 2020 ( 112 ): 307 - 319 .
BETHENCOURT J , SAHAI A , WATERS B . Ciphertext-policy attribute-based encryption [C ] // Proceedings of the 2007 IEEE Symposium on Security and Privacy (SP'07) . Piscataway : IEEE Press , 2007 : 321 - 334 .
ANDROULAKI E , BARGER A , BORTNIKOV V , et al . Hyperledger fabric: a distributed operating system for permissioned blockchains [C ] // Proceedings of the Thirteenth EuroSys Conference . New York : ACM Press , 2018 : 1 - 15 .
ONGARO D , OUSTERHOUT J . In search of an understandable consensus algorithm [J ] . Proceedings of the 2014 USENIX Annual Technical Conference , USENIX ATC 2014 , 2014 : 305 - 319 .
LI Z T , KANG J W , YU R , et al . Consortium blockchain for secure energy trading in industrial Internet of things [J ] . IEEE Transactions on Industrial Informatics , 2018 , 14 ( 8 ): 3690 - 3700 .
DING S , CAO J , LI C , et al . A novel attribute-based access control scheme using blockchain for IoT [J ] . IEEE Access , 2019 ( 7 ): 38431 - 38441 .
ZHENG Q H , LI Y , CHEN P , et al . An innovative IPFS-based storage model for blockchain [C ] // Proceedings of the 2018 IEEE/WIC/ACM International Conference on Web Intelligence (WI) . Piscataway : IEEE Press , 2018 : 704 - 708 .
AGRAWAL S , CHASE M . FAME: fast attribute-based message encryption [C ] // Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security . New York : ACM Press , 2017 : 665 - 682 .
LI D W , CHEN J , LIU J W , et al . Efficient CCA2 secure revocable multi-authority large-universe attribute-based encryption [M ] //WEN S, WU W, CASTIGLIONE A, eds. Lecture Notes in Computer Science . Cham : Springer International Publishing , 2017 : 103 - 118 .
XU R , CHEN Y , BLASCH E , et al . Blendcac: A blockchain-enabled decentralized capability-based access control for IoTs [C ] // 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData) . Piscataway : IEEE Press , 2018 : 1027 - 1034 .
0
浏览量
104
下载量
0
CSCD
- 网络PDF下载
- WORD下载
- XML下载
- Meta-XML下载
- BibTeX下载
- Endnote下载
- RefMan 下载
- NoteExpress下载
- NoteFirst下载
关联资源
相关文章
相关作者
相关机构
- 技术支持由北京北大方正电子有限公司提供 京ICP备09064830号-19
京公网安备11010802024621 - 本系统建议在Chrome、 IE9+ 以上版本浏览器阅读本站内容,360浏览器请切换至极速模式
- Cookies帮助我们提供服务并提供个性化体验。使用本网站,即表示您同意我们使用Cookies
- 总访问量:70081 今日访问量:136