The Internet of Things (IoT) necessitates robust access control mechanisms to secure a vast array of interconnected devices. Most of the existing IoT systems in practice use centralized solutions. We identify the problems in such solutions and adopt the blockchain based decentralized access control approach. Though there are works in the literature that use blockchain for access control, there are some gaps in these works. We develop a blockchain embedded access control (BEAC) framework to bridge the gaps. First, blockchain based solutions for access control require an enabling P2P network while existing P2P overlays do not support some required features. We develop a novel P2P infrastructure to seamlessly support our BEAC framework. Second, most of the works consider blockchain based access control for a single access control model, and we develop a generic blockchain mechanism and show that it can support the embedding of various access control models. Finally, existing works adopt existing blockchain mechanisms which may incur a high communication overhead. We develop a shortcut approach to improve the number of message rounds in the access protocol. Our experiments demonstrate the efficacy of our system, showing that the shortcut mechanism can reduces access time by approximately 43%.

翻译：物联网（IoT）需要强大的访问控制机制来保护大量互联设备的安全。目前实践中的大多数物联网系统采用集中式解决方案。我们识别了此类解决方案中存在的问题，并采用了基于区块链的去中心化访问控制方法。尽管现有文献中存在利用区块链实现访问控制的研究，但这些工作仍存在一些不足。为此，我们开发了区块链嵌入式访问控制（BEAC）框架以弥补这些缺陷。首先，基于区块链的访问控制解决方案需要支持点对点（P2P）网络，而现有的P2P覆盖网络无法满足某些必要特性。我们构建了一种新型P2P基础设施，以无缝支持BEAC框架。其次，现有研究大多针对单一访问控制模型设计基于区块链的访问控制方案，而我们开发了一种通用区块链机制，并证明其能够支持多种访问控制模型的嵌入。最后，现有研究采用的区块链机制可能产生较高的通信开销。我们提出了一种快捷方法，以减少访问协议中的消息往返轮次。实验结果表明，我们的系统具有显著效能，其中快捷机制能将访问时间降低约43%。