BLOCKCHAIN BASED ACCESS MANAGEMENT FRAMEWORK FOR INTERNET OF THINGS (IoT)

Abstract

The Internet of Things (IoT) has revolutionized the landscape of data generation and exchange, where the vast data produced by IoT devices necessitate stringent security measures. Securing IoT devices poses challenges due to resource constraints, limited processing power, and the lack of standardized security protocols. The substantial data volume generated raises privacy concerns, emphasizing the need for ensuring confidentiality and integrity while sharing information across devices and networks. As IoT applications expand across industries like healthcare, manufacturing, and smart cities, the criticality of robust security protocols becomes even more pronounced. Addressing these challenges demands innovative access control frameworks capable of adapting to the dynamic and diverse nature of IoT environments while ensuring data protection and access integrity. 2. Challenges and Motivation From the literature analysis, various research gaps have been identified which are given below:  Implementation of challenges arises when applying existing access control standards to smart objects due to their limited capabilities.  The incorporation of a robust, trusted third party for access control might compromise user privacy.  Assumptions regarding the constant connectivity of IoT devices to the internet may not always hold true.  There exists a demand for high data availability within IoT environments.  The need to dynamically adjust policies to align with the evolving organizational needs remains a crucial consideration. 3. Research Objective We have focused on the following research objectives: i. Study and development of authorization algorithm for the data sharing. ii. Study and design of an architecture for the IoT data management. iii. Study and development of a data access control model for the Internet of Things. xiv iv. To perform a comparative analysis of proposed access control techniques with the state-of-the-arts techniques. 4. Research Proposal We have carried out detailed study of existing literature and identified research gaps which are mentioned above. We have proposed following research proposals to address the identified research gaps:  Authorization Algorithm for Data Sharing: One of the pivotal components of this framework is its implementation of a two-tier authorization system, encompassing both static and dynamic authorization policies. Static policies define access rights based on predefined rules, while dynamic policies dynamically adapt based on real-time interactions, leveraging historical access patterns to assess trustworthiness. The fusion of these authorization mechanisms augments the framework's adaptability, catering to the dynamic nature of IoT environments.  Secure IoT Data Management and Sharing Architecture: The integration of Blockchain and IPFS in this framework ensures secure and decentralized data storage, addressing concerns surrounding data integrity and accessibility. Access policies, encrypted record hashes, and dynamic authorization configurations are securely stored on the Blockchain, while IPFS (Inter Planetary File System) serves as a distributed storage mechanism for actual IoT-generated data. This combination enhances data security, integrity, and availability, while circumventing single points of failure and vulnerabilities inherent in centralized systems.  Blockchain based Access Control Model for IoT Environment: This research presents a pioneering approach to data access management in IoT ecosystems, leveraging Blockchain and IPFS to fortify security, enable efficient data sharing, and establish trust among entities. Adopting a trust-based access control model and implementing dynamic authorization policies offer a resilient and adaptive solution to the evolving challenges of securing IoT environments. Performance evaluations and simulations underscore the efficacy and scalability of the research proposals, emphasizing its ability to handle substantial IoT data volumes efficiently. The evaluations provide insights into the running costs of smart contracts, validating the framework's feasibility for real-world deployment.