Efficient Attribute-Based Smart Contract Access Control Enhanced by Reputation Assessment

Blockchain's immutability can resist unauthorized changes of ledgers, thus it can be used as a trust enhancement mechanism to a shared system. Indeed, blockchain has been considered to solve the security and privacy issues of the Internet of Things (IoT). In this regard, most researches currently focus on the realization of various access control models and architectures, and are working towards making full use of the blockchain to secure IoT systems. It is worth noting that there has been an increasingly heavy pressure on the blockchain storage caused by dealing with massive IoT data and handling malicious access behaviors in the system, and not many countermeasures have been seen to curb the increase. However, this problem has not been paid enough attention. In this paper, we implement an attribute-based access control scheme using smart contracts in Quorum blockchain. It provides basic access control functions and conserves storage by reducing the number of smart contracts. In addition, a reputation-based technique is introduced to cope with malicious behaviors. Certain illegal transactions can be blocked by the credit-assessment algorithm, which deters possibly malicious nodes and gives more chance to well-behaved nodes. The feasibility of our proposed scheme is demonstrated by doing experiment on a testbed and conducting a case study. Finally, the system performance is assessed based on experimental measurement.