Loading…

Decentralized authorization in constrained IoT environments exploiting interledger mechanisms

We present models that utilize smart contracts and interledger mechanisms to provide decentralized authorization for constrained IoT devices. The models involve different tradeoffs in terms of cost, delay, complexity, and privacy, while exploiting key advantages of smart contracts and multiple block...

Full description

Saved in:
Bibliographic Details
Published in:Computer communications 2020-02, Vol.152, p.243-251
Main Authors: Siris, Vasilios A., Dimopoulos, Dimitrios, Fotiou, Nikos, Voulgaris, Spyros, Polyzos, George C.
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:We present models that utilize smart contracts and interledger mechanisms to provide decentralized authorization for constrained IoT devices. The models involve different tradeoffs in terms of cost, delay, complexity, and privacy, while exploiting key advantages of smart contracts and multiple blockchains that communicate with interledger mechanisms. These include immutably recording hashes of authorization information and policies in smart contracts, resilience through the execution of smart contract code on all blockchain nodes, and cryptographically linking transactions and IoT events recorded on different blockchains using hash-lock and time-lock mechanisms. In the case of two ledgers, an authorization and a payment ledger, the authorization ledger can be a private Ethereum network or a permissioned ledger such as Hyperledger Fabric. For decentralized authorization where a subset of m-out-of-n authorization servers are required, we present two policies for selecting the m servers. The first policy can utilize statistics of the authorization servers such as transaction cost and response time. The second policy selects the first m servers that respond. The proposed models are evaluated on the public Ethereum testnets Rinkeby and Ropsten, and for different implementations on the Hyperledger Fabric permissioned ledger, in terms of execution cost (gas), delay, and reduction of data that needs to be sent to the constrained IoT devices.
ISSN:0140-3664
1873-703X
DOI:10.1016/j.comcom.2020.01.030