Tokoin: A Coin-Based Accountable Access Control Scheme for Internet of Things

by   Chunchi Liu, et al.

With the prevalence of Internet of Things (IoT) applications, IoT devices interact closely with our surrounding environments, bringing us unparalleled smartness and convenience. However, the development of secure IoT solutions is getting a long way lagged behind, making us exposed to common unauthorized accesses that may bring malicious attacks and unprecedented danger to our daily life. Overprivilege attack, a widely reported phenomenon in IoT that accesses unauthorized or excessive resources, is notoriously hard to prevent, trace and mitigate. To tackle this challenge, we propose Tokoin-Based Access Control (TBAC), an accountable access control model enabled by blockchain and Trusted Execution Environment (TEE) technologies, to offer fine-graininess, strong auditability, and access procedure control for IoT. TBAC materializes the virtual access power into a definite-amount and secure cryptographic coin termed "tokoin" (token+coin), and manages it using atomic and accountable state-transition functions in a blockchain. We also realize access procedure control by mandating every tokoin a fine-grained access policy defining who is allowed to do what at when in where by how. The tokoin is peer-to-peer transferable, and can be modified only by the resource owner when necessary. We fully implement TBAC with well-studied cryptographic primitives and blockchain platforms and present a readily available APP for regular users. We also present a case study to demonstrate how TBAC is employed to enable autonomous in-home cargo delivery while guaranteeing the access policy compliance and home owner's physical security by regulating the physical behaviors of the deliveryman.


page 14

page 15

page 18


Blockchain of Things (BCoT): The Fusion of Blockchain and IoT Technologies

Blockchain, as well as Internet of Things (IoT), is considered as two ma...

Blockchain for IoT Access Control: Recent Trends and Future Research Directions

With the rapid development of wireless sensor networks, smart devices, a...

A Federated Capability-based Access Control Mechanism for Internet of Things (IoTs)

The prevalence of Internet of Things (IoTs) allows heterogeneous embedde...

Combining IOTA and Attribute-Based Encryption for Access Control in the Internet of Things

Unauthorized resource access represents a typical security threat in the...

ACE of Spades in the IoT Security Game: A Flexible IPsec Security Profile for Access Control

The Authentication and Authorization for Constrained Environments (ACE) ...

Making Access Control Easy in IoT

Secure installation of Internet of Things (IoT) devices requires configu...

Secure and Computationally-Efficient Cryptographic Primitive based on Cellular Automation

Mageto, a random number generator based on one-dimensional cellular auto...

Please sign up or login with your details

Forgot password? Click here to reset