DSpace Repository

Exploiting Smart Contracts for Capability-Based Access Control in the Internet of Things

Show simple item record

dc.contributor.author Nakamura, Yuta en
dc.contributor.author YuanYu, Zhang en
dc.contributor.author Sasabe, Masahiro en
dc.contributor.author Kasahara, Shoji en
dc.date.accessioned 2020-04-21T10:55:43Z
dc.date.available 2020-04-21T10:55:43Z
dc.date.issued 2020-03-24
dc.identifier.issn 1424-8220
dc.identifier.uri http://hdl.handle.net/10061/13980
dc.description.abstract Due to the rapid penetration of the Internet of Things (IoT) into human life, illegal access to IoT resources (e.g., data and actuators) has greatly threatened our safety. Access control, which specifies who (i.e., subjects) can access what resources (i.e., objects) under what conditions, has been recognized as an effective solution to address this issue. To cope with the distributed and trust-less nature of IoT systems, we propose a decentralized and trustworthy Capability-Based Access Control (CapBAC) scheme by using the Ethereum smart contract technology. In this scheme, a smart contract is created for each object to store and manage the capability tokens (i.e., data structures recording granted access rights) assigned to the related subjects, and also to verify the ownership and validity of the tokens for access control. Different from previous schemes which manage the tokens in units of subjects, i.e., one token per subject, our scheme manages the tokens in units of access rights or actions, i.e., one token per action. Such novel management achieves more fine-grained and flexible capability delegation and also ensures the consistency between the delegation information and the information stored in the tokens. We implemented the proposed CapBAC scheme in a locally constructed Ethereum blockchain network to demonstrate its feasibility. In addition, we measured the monetary cost of our scheme in terms of gas consumption to compare our scheme with the existing Blockchain-Enabled Decentralized Capability-Based Access Control (BlendCAC) scheme proposed by other researchers. The experimental results show that the proposed scheme outperforms the BlendCAC scheme in terms of the flexibility, granularity, and consistency of capability delegation at almost the same monetary cost. en
dc.language.iso en
dc.publisher MDPI en
dc.relation.isreplacedby https://www.mdpi.com/1424-8220/20/6/1793
dc.rights © 2020 by the authors. en
dc.subject Ethereum Blockchain en
dc.subject Internet of Things en
dc.subject Capability-Based Access Control en
dc.subject CapBAC en
dc.title Exploiting Smart Contracts for Capability-Based Access Control in the Internet of Things en
dc.type.nii Journal Article en
dc.contributor.transcription ナカムラ, ユウタ ja_Kana
dc.contributor.transcription ササベ, マサヒロ ja_Kana
dc.contributor.transcription カサハラ, ショウジ ja_Kana
dc.contributor.alternative 中村, 優太 ja
dc.contributor.alternative 張, 元玉 ja
dc.contributor.alternative 笹部, 昌弘 ja
dc.contributor.alternative 笠原, 正治 ja
dc.textversion none en
dc.identifier.jtitle Sensors
dc.identifier.volume 20
dc.identifier.issue 6
dc.relation.doi 10.3390/s20061793
dc.identifier.NAIST-ID 85629699
dc.identifier.NAIST-ID 74653619
dc.identifier.NAIST-ID 74650847
dc.identifier.NAIST-ID 73298887


Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record

Search DSpace


Advanced Search

Browse

My Account