Secure and Privacy-preserving Smart Contract-based Solution for Access Control in IoT

Chao Lin, Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan, China; Debiao He^*, Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, School of Cyber Science and Engineering, Wuhan University, Wuhan, China; Xinyi Huang, School of Mathematics and Computer Science, Fujian Normal University, China; and Kim-Kwang Raymond Choo, Department of Information Systems and Cyber Security, University of Texas at San Antonio, San Antonio, USA

^*Debiao He is the corresponding author.

IEEE Blockchain Technical Briefs, July 2018

 

Internet of Things is, as the name suggests, a network of Internet-enabled objects (e.g. sensors and smart devices) with applications in smart homes, smart cities (e.g. medical and health-care settings, and intelligent transportation) [1]. The interconnection of physical objects provides efficient data collection and sharing in IoT applications, although there are also underpinning security concerns (e.g. potential data or privacy leakage). Hence, one particular area of focus it to design an effective and (provably) secure access control scheme to protect related resources (e.g. the collected or processed data) against unauthorized access (or modification).

Conventional access control systems are generally centralized (in the sense of having the same trust domain), which are known to suffer from the following limitations: a single point of failure and lack of support for dynamicity (i.e. the need to be mobile and belong to different management communities) and polycentricity (i.e. the capability to be managed by several managers) in IoT devices. Thus, there has been interest in researching on the role of blockchain in IoT access control (e.g. transaction-based [2][3] and smart contract-based [4][5][6]). Blockchain is a distributed and chronological ledger commonly maintained by public / private / permissioned nodes (corresponding to the three types of blockchain), according to a consensus mechanism such as Proof-of-Work (PoW), Proof-of-Stake (PoS) and Practical Byzantine Fault Tolerance (PBFT) [6]. In other words, blockchain can provide decentralization, verifiability and immutability to enhance security (in conjunction with other cryptographic tools), service availability (avoiding the single point of failure), system scalability (e.g. due to programmable smart contracts), and potentially other features / properties. Despite the potential of blockchain in IoT access control, a number of limitations need to be addressed, and these are as follows:

Pseudonym. The claimed anonymity is mainly guaranteed by allocating some addresses generated from a one-time public key (e.g. Ethereum address) to IoT devices, and clearly it will be challenging to identify a specific IoT device in a large real-world infrastructure such as a smart city (or even a smart campus or university system, such as the University of Texas system that spans 14 institutions). It is also known that there are several ways (e.g. transaction graph analysis [7] and quantitative analysis [8]) to find the connection between an address and it’s concrete entity. Once an adversary can link the allocated address to a specific device, all of the device’s request / management access records will be disclosed; hence, compromising the device’s identity and location privacy.

Non-lightweight. Some blockchain designs use transactions to publish or update access control policy (into the chain directly or via a smart contract).  However, this requires the IoT devices to be capable of publishing transactions. However, transactions in some current pervasive blockchain systems (e.g. Bitcoin and Ethereum) are constructed based on the Elliptic Curve Digital Signature Algorithm (ECDSA). This cryptographic primitive may not be able to be deployed directly on IoT systems, particularly resource-constrained IoT devices as these devices generally have limited memory space that cannot support the computational and storage costs required of the ECDSA algorithm.

Policy-public. Blockchain-based solutions generally require the submission of access control policies directly into the blockchain (note that even in smart contract-based approaches, smart contracts’ data will be eventually chained into the blockchain) to ensure verifiable-consistency, immutability and hence traceability. Unfortunately, this will also reveal all the access control policies to the public, meaning that anyone can learn the required policies to access IoT devices’ resources even when they are not authorized. This will further leak IoT devices’ sensitive information beyond the inferred metadata from accessible data.

Insufficiency. From the view of smart contract-based solutions, the proposals do not take secure design of smart contract into account. Smart contracts deployed and executed in practice may contain design flaws and security vulnerabilities, which can be exploited to facilitate attacks such as tokens-stolen, and deadlocked-state [9]. More seriously, once a contract is deployed in the blockchain, it will be immutable; namely, its functionality cannot be modified anymore. Hence, it is important to ensure the security of smart contracts before deploying it in the blockchain.

To solve these issues in existing blockchain-based solutions for access control in IoT, we propose a new smart contract-based solution, combining two cryptographic primitives (i.e. Group Signature, Public Key Encryption) and FsolidM [9]. Our proposal comprises the following entities: owner (maintaining the access control policy of its IoT devices), gateway (publishing the transaction for IoT devices), IoT devices (collecting data for owner), and permissioned nodes (maintaining the blockchain ledger and serving as a group manager for executing the group signature scheme). We will also briefly introduce the core designs as follows.

• A permissioned blockchain is more appropriate in our context, where hundreds of thousands transactions are conducted within seconds. The use of the permissioned blockchain also offers advantages such as increased privacy control and the ability to modify the cost requirement. Here, we propose adopting JUICE¹ (an open service platform) to realize our architecture, because it can support Solidity (a programming language designed for writing contracts such as Ethereum). We can also build a user-friendly graphical interface using Java and JavaScript, and JUICE provides a rich set of cryptographic API calls (e.g. homomorphic encryption, group signature, and zero-knowledge proof) for privacy-preserving applications.
• We suggest replacing ECDSA with a group signature scheme (e.g. [10]) in the transaction to achieve conditional anonymity. That is, no one but the group manager (i.e. permissioned nodes) can trace and reveal the group member identity of a signer. Note that resource-constrained IoT devices generally cannot support the computations of a group signature scheme, and hence we use the gateway to publish transactions for the devices. Generally, these IoT devices connect to an external environment via a physical connected gateway (with certain computational capacities).
• In order to protect the confidentiality of access control policies recorded in the blockchain, the owner needs to encrypt the access control policies using the gateway’s public key via some public key encryption scheme first. Then, the owner uploads the encrypted polices into the smart contract and only the corresponding gateway with the secret key can decrypt and obtain the policies.
• Considering the possible security vulnerabilities from smart contracts, we propose using FsolidM to design and deploy our secure smart contract for access control in IoT. As discussed in [9], FsolidM provides a user-friendly graphical editor that enables developers to design smart contracts as fnite-state machine (FSM) and a corresponding tool for translating FSM into Solidity code.

Due to the integration of group signature schemes and a simple public key encryption in smart contract, our proposal can efficiently mitigate two conflicting requirements, namely: anonymity versus accountability, and transparency versus confidentiality, as well as addressing the deficiencies of conventional centralized or even existing blockchain-based systems. Hopefully, our proposal can inspire other secure blockchain-based applications in IoT such as data sharing, authentication, communication, and so forth.

 

¹ https://www.juzhen.io/

 

Acknowledgement

1. The work was supported in part by the National Key Research and Development Program of China under Grant 2017YFB0802500.
2. The work was supported in part by the National Natural Science Foundation of China under Grant 61501333, Grant 61572379, Grant 61472287, and Grant 61772377.
3. The work was supported in part by the Natural Science Foundation of Hubei Province of China under Grant 2017CFA007 and Grant 2015CFA068.
4. The work was supported in part by the Cloud Technology Endowed Professorship.

 

References

[1] I. Yaqoob, E. Ahmed, I. A. T. Hashem, A. I. A. Ahmed, A. Gani, M. Imran, and M. Guizani, “Internet of things architecture: Recent advances, taxonomy, requirements, and open challenges,” IEEE Wireless Communication, vol. 24, no. 3, pp. 10 - 16, 2017.

[2] G. Zyskind, O. Nathan, A. Pentland, “Decentralizing Privacy: Using Blockchain to Protect Personal Data,” IEEE Symposium on Security and Privacy Workshops, pp. 180 - 184, 2015.

[3] A. Ouaddah, A.A.E. Kalam, A.A. Ouahman, “FairAccess: a new Blockchain-based access control framework for the Internet of Things,” Hindawi Security and Communication Networks, vol. 9, no. 18, pp. 5943 -5964, 2016.

[4] Y. Zhang, S. Kasahara, Y. Shen, X. Jiang, J. Wan, “Smart Contract-Based Access Control for the Internet of Things,” CoRR abs/1802.04410, 2018 (https://arxiv.org/abs/1802.04410).

[5] O. Novo, “Blockchain Meets IoT: An Architecture for Scalable Access Management in IoT,” IEEE Internet of Things Journal, vol. 5, no. 2, pp. 1184 - 1195, 2018.

[6] C. Lin, D. He, X. Huang, K.-K. R. Choo, A. V. Vasilakos, “Bsein: A blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0,” Elsevier Journal of Network and Computer Applications, vol. 116, pp. 42-52, 2018.

[7] M. Ober, S. Katzenbeisser, K. Hamacher, “Structure and Anonymity of the Bitcoin Transaction Graph,” MDPI Future Internet, vol. 5, no. 2, pp. 237 - 250, 2013.

[8] D. Ron, A. Shamir, “Quantitative Analysis of the Full Bitcoin Transaction Graph,” Financial Cryptography, pp. 6 - 24, 2013.

[9] A. Mavridou, A. Laszka, “Designing Secure Ethereum Smart Contracts: A Finite State Machine Based Approach,” CoRR abs/1711.09327, 2017 (https://arxiv.org/abs/1711.09327).

[10] T. Ho, L. Yen, C. Tseng, “Simple-Yet-Efficient Construction and Revocation of Group Signatures,” International Journal of Foundations of Computer Science, vol. 26, no. 5, pp. 611 - 624, 2015.

 

---

 

Chao Lin received his Bachelor and Master degrees from the School of Mathematics and Computer Science, Fujian Normal University in 2013 and 2017, respectively. Currently, he is pursuing his Ph.D. degree in the School of Cyber Science and Engineering, Wuhan University. His research interests mainly include authentication of graph data and blockchain security.

 

 

Debiao He received his Ph.D. degree in applied mathematics from School of Mathematics and Statistics, Wuhan University in 2009. He is currently a Professor of the School of Cyber Science and Engineering, Wuhan University. His main research interests include cryptography and information security, in particular, cryptographic protocols.

 

 

Xinyi Huang received the Ph.D. degree from the University of Wollongong, Australia. He is currently a Professor with the School of Mathematics and Computer Science, Fujian Normal University, China, and the Co-Director of Fujian Provincial Key Laboratory of Network Security and Cryptology. He is an Associate Editor for the IEEE Transactions on Dependable and Secure Computing. He serves on the Editorial Board of International Journal of Information Security (IJIS, Springer), and has served as the Program/General Chair or Program Committee Member in over 80 international conferences. His research interests include applied cryptography and network security.

 

Kim-Kwang Raymond Choo (SM’15) received his Ph.D. in Information Security in 2006 from Queensland University of Technology, Australia. He currently holds the Cloud Technology Endowed Professorship at The University of Texas at San Antonio (UTSA). In 2016, he was named the Cybersecurity Educator of the Year - APAC (Cybersecurity Excellence Awards are produced in cooperation with the Information Security Community on LinkedIn), and in 2015 he and his team won the Digital Forensics Research Challenge organized by Germany’s University of Erlangen-Nuremberg. He is the recipient of 2018 UTSA College of Business Col. Jean Piccione and Lt. Col. Philip Piccione Endowed Research Award for Tenured Faculty, ESORICS 2015 Best Paper Award, 2014 Highly Commended Award by the Australia New Zealand Policing Advisory Agency, Fulbright Scholarship in 2009, 2008 Australia Day Achievement Medallion, and British Computer Society’s Wilkes Award in 2008. He is also a Fellow of the Australian Computer Society.

 

Editor:

Zheng Yan is currently a full professor at the Xidian University, China and a visiting professor and Finnish academy research fellow at the Aalto University, Finland. She received the Doctor of Science in Technology from the Helsinki University of Technology, Finland. She authored and co-authored about 200 peer-reviewed articles, 8 conference proceedings and solely authored two books. She is an inventor of 60+ granted patents and PCT patents, all of them were adopted or purchased by industry. Some of her granted patents are applied in international standards. She has given 20 keynotes and invited talks in international conferences and universities. Her research interests are in trust, security and privacy; data mining; mobile applications and services; social networking and cloud computing. Prof. Yan serves as an organizational and technical committee member for more than 80 international conferences and workshops. She is an associate editor of IEEE IoT Journal, Information Fusion, Information Sciences, IEEE Access, JNCA, Soft Computing, IEEE Blockchain Technical Briefs, Security and Communication Networks, etc. and a special issue leading guest editor of ACM TOMM, Future Generation Computer Systems, Computers & Security, IJCS, MONET, IEEE Systems Journal, etc. She is a founder steering committee co-chair of IEEE Blockchain conference. She is organizing and has organized 10+ conferences, such as IEEE Blockchain 2018, NSS/ICA3PP/IEEE CIT2017, IEEE TrustCom/BigDataSE/ISPA-2015, IEEE CIT2014, etc. Her recent awards include a number of Outstanding Leadership Awards for IEEE conference organization; the 2017 IEEE ComSoc TCBD Best Journal Paper Award; Outstanding Associate Editor of 2017 for IEEE Access; EU Eureka Excellence Award (2017); Best Individual of Shaanxi Province from Abroad (2014), “100 Expert Plan” winner of Shaanxi Province, China (2011); Sisu Award of Nokia Research Center (2010); EU ITEA Bronze Achievement Award (2008). She is a senior member of IEEE.