We consider access control for IoT systems that involves shared accesses to the IoT devices as well as their data. Since IoT devices are dispersed all over the edge of the Internet, traditional centralized access control has problems. Blockchain based decentralized access control is thus the new solution trend. However, existing blockchain based access control methods do not focus on performance issues and may incur a high communication overhead. In this paper, we develop a Pruning Blockchain based Access Control (PBAC) protocol to cutdown the unnecessary message rounds and achieve high efficiency in access validations and policy management. The protocol includes a shortcut and a Role and Device Hierarchy-Based Access Control (R&D-BAC) approaches for different environment settings. To realize the PBAC protocol, it is necessary to carefully engineer the system architecture, which is also discussed in the paper. Experiments demonstrate the efficacy of the PBAC protocol, specifically, the shortcut mechanism reduces access time by approximately 43%, and R&D-BAC outperforms traditional blockchain based RBAC by more than two folds.
翻译:暂无翻译