Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework

Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework

Efficient and reliable access control in smart cities is critical for the protection of various resources for decision making and task execution. Existing centralized access control schemes suffer from the limitations of single point of failure, low reliability, and poor scalability. This article, t...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE internet of things journal 2021-04, Vol.8 (8), p.6372-6384
Hauptverfasser: Zhang, Yuanyu, Yutaka, Mirei, Sasabe, Masahiro, Kasahara, Shoji
Format: Artikel
Sprache:eng
Schlagworte:
Access control
Attribute-based access control (ABAC)
Blockchain
Cryptography
Decision making
Internet of Things
Medical services
Resource management
Security management
Smart cities
smart contract
Smart contracts
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 6384
container_issue 8
container_start_page 6372
container_title IEEE internet of things journal
container_volume 8
creator Zhang, Yuanyu
Yutaka, Mirei
Sasabe, Masahiro
Kasahara, Shoji
description Efficient and reliable access control in smart cities is critical for the protection of various resources for decision making and task execution. Existing centralized access control schemes suffer from the limitations of single point of failure, low reliability, and poor scalability. This article, therefore, proposes a distributed and reliable access control framework for smart cities by combining the blockchain smart contract technology and the attribute-based access control (ABAC) model. The framework consists of one policy management contract (PMC) for managing the ABAC policies, one subject attribute management contract (SAMC) for managing the attributes of subjects (i.e., entities accessing resources), one object attribute management contract (OAMC) for managing the attributes of objects (i.e., resources being accessed), and one access control contract (ACC) for performing the access control. To show the feasibility of the proposed framework, we construct a local private Ethereum blockchain system to implement the four smart contracts and also conduct experiments to evaluate the monetary cost as well as to compare the proposed framework with an existing access control list (ACL)-based scheme. The experimental results show that although the proposed scheme consumes more money than the ACL-based scheme at the deployment stage, it introduces less monetary cost during the system running especially for large-scale smart cities.
doi_str_mv 10.1109/JIOT.2020.3033434
format Article
fullrecord <record><control><sourceid>proquest_RIE</sourceid><recordid>TN_cdi_ieee_primary_9238038</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>9238038</ieee_id><sourcerecordid>2510425711</sourcerecordid><originalsourceid>FETCH-LOGICAL-c402t-d064f5948497299094fd5ce634f3c2300859b610c41e0c9579d294aaacc48a583</originalsourceid><addsrcrecordid>eNpNkE1LAzEQhoMoWGp_gHgJeE6dfO1uvK2r1UqhoPUc0mwWtrZNTVLFf-_WLeJpZuB5Z5gHoUsKY0pB3TxP54sxAwZjDpwLLk7QgHGWE5Fl7PRff45GMa4AoItJqrIBeilTCu1ynxy5M9HVuLTWxYgrv03Br3HjA37dmJBw1abWxVtc9jP5JYxN5D60n26LJ8Fs3JcP7xforDHr6EbHOkRvk4dF9URm88dpVc6IFcASqSETjVSiECpnSoESTS2ty7houGUcoJBqmVGwgjqwSuaqZkoYY6wVhZEFH6Lrfu8u-I-9i0mv_D5su5OaSQqCyZzSjqI9ZYOPMbhG70LbPfCtKeiDPX2wpw_29NFel7nqM61z7o9XjBfAC_4De_xo-w</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2510425711</pqid></control><display><type>article</type><title>Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework</title><source>IEEE Electronic Library (IEL)</source><creator>Zhang, Yuanyu ; Yutaka, Mirei ; Sasabe, Masahiro ; Kasahara, Shoji</creator><creatorcontrib>Zhang, Yuanyu ; Yutaka, Mirei ; Sasabe, Masahiro ; Kasahara, Shoji</creatorcontrib><description>Efficient and reliable access control in smart cities is critical for the protection of various resources for decision making and task execution. Existing centralized access control schemes suffer from the limitations of single point of failure, low reliability, and poor scalability. This article, therefore, proposes a distributed and reliable access control framework for smart cities by combining the blockchain smart contract technology and the attribute-based access control (ABAC) model. The framework consists of one policy management contract (PMC) for managing the ABAC policies, one subject attribute management contract (SAMC) for managing the attributes of subjects (i.e., entities accessing resources), one object attribute management contract (OAMC) for managing the attributes of objects (i.e., resources being accessed), and one access control contract (ACC) for performing the access control. To show the feasibility of the proposed framework, we construct a local private Ethereum blockchain system to implement the four smart contracts and also conduct experiments to evaluate the monetary cost as well as to compare the proposed framework with an existing access control list (ACL)-based scheme. The experimental results show that although the proposed scheme consumes more money than the ACL-based scheme at the deployment stage, it introduces less monetary cost during the system running especially for large-scale smart cities.</description><identifier>ISSN: 2327-4662</identifier><identifier>EISSN: 2327-4662</identifier><identifier>DOI: 10.1109/JIOT.2020.3033434</identifier><identifier>CODEN: IITJAU</identifier><language>eng</language><publisher>Piscataway: IEEE</publisher><subject>Access control ; Attribute-based access control (ABAC) ; Blockchain ; Cryptography ; Decision making ; Internet of Things ; Medical services ; Resource management ; Security management ; Smart cities ; smart contract ; Smart contracts</subject><ispartof>IEEE internet of things journal, 2021-04, Vol.8 (8), p.6372-6384</ispartof><rights>Copyright The Institute of Electrical and Electronics Engineers, Inc. (IEEE) 2021</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c402t-d064f5948497299094fd5ce634f3c2300859b610c41e0c9579d294aaacc48a583</citedby><cites>FETCH-LOGICAL-c402t-d064f5948497299094fd5ce634f3c2300859b610c41e0c9579d294aaacc48a583</cites><orcidid>0000-0002-1200-9112 ; 0000-0001-9785-8350 ; 0000-0002-3248-5909</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/9238038$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>314,780,784,796,27924,27925,54758</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/9238038$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Zhang, Yuanyu</creatorcontrib><creatorcontrib>Yutaka, Mirei</creatorcontrib><creatorcontrib>Sasabe, Masahiro</creatorcontrib><creatorcontrib>Kasahara, Shoji</creatorcontrib><title>Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework</title><title>IEEE internet of things journal</title><addtitle>JIoT</addtitle><description>Efficient and reliable access control in smart cities is critical for the protection of various resources for decision making and task execution. Existing centralized access control schemes suffer from the limitations of single point of failure, low reliability, and poor scalability. This article, therefore, proposes a distributed and reliable access control framework for smart cities by combining the blockchain smart contract technology and the attribute-based access control (ABAC) model. The framework consists of one policy management contract (PMC) for managing the ABAC policies, one subject attribute management contract (SAMC) for managing the attributes of subjects (i.e., entities accessing resources), one object attribute management contract (OAMC) for managing the attributes of objects (i.e., resources being accessed), and one access control contract (ACC) for performing the access control. To show the feasibility of the proposed framework, we construct a local private Ethereum blockchain system to implement the four smart contracts and also conduct experiments to evaluate the monetary cost as well as to compare the proposed framework with an existing access control list (ACL)-based scheme. The experimental results show that although the proposed scheme consumes more money than the ACL-based scheme at the deployment stage, it introduces less monetary cost during the system running especially for large-scale smart cities.</description><subject>Access control</subject><subject>Attribute-based access control (ABAC)</subject><subject>Blockchain</subject><subject>Cryptography</subject><subject>Decision making</subject><subject>Internet of Things</subject><subject>Medical services</subject><subject>Resource management</subject><subject>Security management</subject><subject>Smart cities</subject><subject>smart contract</subject><subject>Smart contracts</subject><issn>2327-4662</issn><issn>2327-4662</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2021</creationdate><recordtype>article</recordtype><sourceid>RIE</sourceid><recordid>eNpNkE1LAzEQhoMoWGp_gHgJeE6dfO1uvK2r1UqhoPUc0mwWtrZNTVLFf-_WLeJpZuB5Z5gHoUsKY0pB3TxP54sxAwZjDpwLLk7QgHGWE5Fl7PRff45GMa4AoItJqrIBeilTCu1ynxy5M9HVuLTWxYgrv03Br3HjA37dmJBw1abWxVtc9jP5JYxN5D60n26LJ8Fs3JcP7xforDHr6EbHOkRvk4dF9URm88dpVc6IFcASqSETjVSiECpnSoESTS2ty7houGUcoJBqmVGwgjqwSuaqZkoYY6wVhZEFH6Lrfu8u-I-9i0mv_D5su5OaSQqCyZzSjqI9ZYOPMbhG70LbPfCtKeiDPX2wpw_29NFel7nqM61z7o9XjBfAC_4De_xo-w</recordid><startdate>20210415</startdate><enddate>20210415</enddate><creator>Zhang, Yuanyu</creator><creator>Yutaka, Mirei</creator><creator>Sasabe, Masahiro</creator><creator>Kasahara, Shoji</creator><general>IEEE</general><general>The Institute of Electrical and Electronics Engineers, Inc. (IEEE)</general><scope>97E</scope><scope>RIA</scope><scope>RIE</scope><scope>AAYXX</scope><scope>CITATION</scope><scope>7SC</scope><scope>8FD</scope><scope>JQ2</scope><scope>L7M</scope><scope>L~C</scope><scope>L~D</scope><orcidid>https://orcid.org/0000-0002-1200-9112</orcidid><orcidid>https://orcid.org/0000-0001-9785-8350</orcidid><orcidid>https://orcid.org/0000-0002-3248-5909</orcidid></search><sort><creationdate>20210415</creationdate><title>Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework</title><author>Zhang, Yuanyu ; Yutaka, Mirei ; Sasabe, Masahiro ; Kasahara, Shoji</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c402t-d064f5948497299094fd5ce634f3c2300859b610c41e0c9579d294aaacc48a583</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2021</creationdate><topic>Access control</topic><topic>Attribute-based access control (ABAC)</topic><topic>Blockchain</topic><topic>Cryptography</topic><topic>Decision making</topic><topic>Internet of Things</topic><topic>Medical services</topic><topic>Resource management</topic><topic>Security management</topic><topic>Smart cities</topic><topic>smart contract</topic><topic>Smart contracts</topic><toplevel>online_resources</toplevel><creatorcontrib>Zhang, Yuanyu</creatorcontrib><creatorcontrib>Yutaka, Mirei</creatorcontrib><creatorcontrib>Sasabe, Masahiro</creatorcontrib><creatorcontrib>Kasahara, Shoji</creatorcontrib><collection>IEEE All-Society Periodicals Package (ASPP) 2005-present</collection><collection>IEEE All-Society Periodicals Package (ASPP) 1998-Present</collection><collection>IEEE Electronic Library (IEL)</collection><collection>CrossRef</collection><collection>Computer and Information Systems Abstracts</collection><collection>Technology Research Database</collection><collection>ProQuest Computer Science Collection</collection><collection>Advanced Technologies Database with Aerospace</collection><collection>Computer and Information Systems Abstracts – Academic</collection><collection>Computer and Information Systems Abstracts Professional</collection><jtitle>IEEE internet of things journal</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Zhang, Yuanyu</au><au>Yutaka, Mirei</au><au>Sasabe, Masahiro</au><au>Kasahara, Shoji</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework</atitle><jtitle>IEEE internet of things journal</jtitle><stitle>JIoT</stitle><date>2021-04-15</date><risdate>2021</risdate><volume>8</volume><issue>8</issue><spage>6372</spage><epage>6384</epage><pages>6372-6384</pages><issn>2327-4662</issn><eissn>2327-4662</eissn><coden>IITJAU</coden><abstract>Efficient and reliable access control in smart cities is critical for the protection of various resources for decision making and task execution. Existing centralized access control schemes suffer from the limitations of single point of failure, low reliability, and poor scalability. This article, therefore, proposes a distributed and reliable access control framework for smart cities by combining the blockchain smart contract technology and the attribute-based access control (ABAC) model. The framework consists of one policy management contract (PMC) for managing the ABAC policies, one subject attribute management contract (SAMC) for managing the attributes of subjects (i.e., entities accessing resources), one object attribute management contract (OAMC) for managing the attributes of objects (i.e., resources being accessed), and one access control contract (ACC) for performing the access control. To show the feasibility of the proposed framework, we construct a local private Ethereum blockchain system to implement the four smart contracts and also conduct experiments to evaluate the monetary cost as well as to compare the proposed framework with an existing access control list (ACL)-based scheme. The experimental results show that although the proposed scheme consumes more money than the ACL-based scheme at the deployment stage, it introduces less monetary cost during the system running especially for large-scale smart cities.</abstract><cop>Piscataway</cop><pub>IEEE</pub><doi>10.1109/JIOT.2020.3033434</doi><tpages>13</tpages><orcidid>https://orcid.org/0000-0002-1200-9112</orcidid><orcidid>https://orcid.org/0000-0001-9785-8350</orcidid><orcidid>https://orcid.org/0000-0002-3248-5909</orcidid><oa>free_for_read</oa></addata></record>
fulltext fulltext_linktorsrc
identifier ISSN: 2327-4662
ispartof IEEE internet of things journal, 2021-04, Vol.8 (8), p.6372-6384
issn 2327-4662
2327-4662
language eng
recordid cdi_ieee_primary_9238038
source IEEE Electronic Library (IEL)
subjects Access control
Attribute-based access control (ABAC)
Blockchain
Cryptography
Decision making
Internet of Things
Medical services
Resource management
Security management
Smart cities
smart contract
Smart contracts
title Attribute-Based Access Control for Smart Cities: A Smart-Contract-Driven Framework
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-21T03%3A02%3A40IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_RIE&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Attribute-Based%20Access%20Control%20for%20Smart%20Cities:%20A%20Smart-Contract-Driven%20Framework&rft.jtitle=IEEE%20internet%20of%20things%20journal&rft.au=Zhang,%20Yuanyu&rft.date=2021-04-15&rft.volume=8&rft.issue=8&rft.spage=6372&rft.epage=6384&rft.pages=6372-6384&rft.issn=2327-4662&rft.eissn=2327-4662&rft.coden=IITJAU&rft_id=info:doi/10.1109/JIOT.2020.3033434&rft_dat=%3Cproquest_RIE%3E2510425711%3C/proquest_RIE%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2510425711&rft_id=info:pmid/&rft_ieee_id=9238038&rfr_iscdi=true