TY - GEN
T1 - How to divide a permission token in the delegation process of blockchain-based access control for IoT
AU - Heo, Jeonghwa
AU - Jang, Heewoong
AU - Lee, Heejo
N1 - Funding Information:
This work was supported by the Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea government (MSIT) (No. 2019-0-01697 Development of Automated Vulnerability Discovery Technologies for Blockchain Platform Security, No. 2019-0-01343 Regional Strategic Industry Convergence Security Core Talent Training Business, and No. IITP-2021-2020-0-01819 ICT Creative Consilience program).
Publisher Copyright:
© 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - There are several security problems arising from the characteristics of IoT, and one of them is weak access control. Traditional access control models require one centralized authority that stores all the information for access control and validates access rights. This single point of failure in IoT access control could lead to situations where a single breach can cause sensitive information leakage across the entire system. Various studies have been conducted to mitigate this security risk by introducing a decentralized architecture based on blockchain technology called BBAC. However, most BBAC models consider only a simple access control situation, which can lead to the 'Greatest privilege problem'. This study proposes a novel access control model that enforces minimum privilege to an access token by the division and modification of access rights. As a result, we contributed to enhancing the practicality of the BBAC and mitigating risks that may arise in the delegation process.
AB - There are several security problems arising from the characteristics of IoT, and one of them is weak access control. Traditional access control models require one centralized authority that stores all the information for access control and validates access rights. This single point of failure in IoT access control could lead to situations where a single breach can cause sensitive information leakage across the entire system. Various studies have been conducted to mitigate this security risk by introducing a decentralized architecture based on blockchain technology called BBAC. However, most BBAC models consider only a simple access control situation, which can lead to the 'Greatest privilege problem'. This study proposes a novel access control model that enforces minimum privilege to an access token by the division and modification of access rights. As a result, we contributed to enhancing the practicality of the BBAC and mitigating risks that may arise in the delegation process.
KW - Access control model
KW - BBAC
KW - Blockchain
KW - IoT
UR - http://www.scopus.com/inward/record.url?scp=85130790315&partnerID=8YFLogxK
U2 - 10.1109/SysCon53536.2022.9773848
DO - 10.1109/SysCon53536.2022.9773848
M3 - Conference contribution
AN - SCOPUS:85130790315
T3 - SysCon 2022 - 16th Annual IEEE International Systems Conference, Proceedings
BT - SysCon 2022 - 16th Annual IEEE International Systems Conference, Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 16th Annual IEEE International Systems Conference, SysCon 2022
Y2 - 25 April 2022 through 23 May 2022
ER -