xDBAuth: Blockchain Based Cross Domain Authentication and Authorization Framework for Internet of Things

Bibliographic Details
Published in IEEE Access Vol. 8; pp. 58800 - 58816
Main Authors Ali, Gauhar, Ahmad, Naveed, Cao, Yue, Khan, Shahzad, Cruickshank, Haitham, Qazi, Ejaz Ali, Ali, Azaz
Format Journal Article
Language English
Published Piscataway IEEE 2020
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Summary: The innovation of ubiquitous and pervasive computing helps service-oriented organizations in the realization of a virtual coalition. The virtual coalition is a set of IoT domains i.e., smart homes and smart hospitals that are linked together through communication lines to share resources. Such virtual coalitions need secure cross-domain permission delegation and access control mechanisms. In existing approaches, permission delegation and access control are performed at the resource owner domain or by a single trusted third party. This single trusted third party may fail to work or be compromised. Therefore, it will collapse either the whole system or the security of the system. We propose xDBAuth, a decentralized Blockchain (BC) based permission delegation and access control framework for the Internet of Things (IoT). Also, we propose a hierarchy of local and global smart contracts that perform permission delegation and access control for both internal and external user/IoT devices. Additionally, the proposed framework preserves an external user's privacy by allowing them to get authentication in their parent IoT domains. During authentication, a Proof-of-Authenticity/Integrity (PoAI) mechanism is used to find and retrieve user/IoT device platform hashes stored on local BC. After successful authentication, BC authorizes the user/IoT device based on the validation of delegation policies stored on BC. We implemented the proposed framework using Node.js. The results show that the proposed xDBAuth is a lightweight framework with less computational overhead. xDBAuth produces high throughput in an environment having a large number of concurrent requests.
ISSN:2169-3536
DOI:10.1109/ACCESS.2020.2982542