计算机应用 ›› 2020, Vol. 40 ›› Issue (4): 931-941.DOI: 10.11772/j.issn.1001-9081.2019111931

• 区块链 •    下一篇

基于区块链的物联网访问控制框架

史锦山1,2, 李茹1,2, 松婷婷1,2   

  1. 1. 内蒙古大学 计算机学院, 呼和浩特 010021;
    2. 内蒙古自治区无线网络与移动计算重点实验室(内蒙古大学), 呼和浩特 010021
  • 收稿日期:2019-11-05 修回日期:2019-11-26 出版日期:2020-04-10 发布日期:2019-12-17
  • 通讯作者: 李茹
  • 作者简介:史锦山(1990-),男,内蒙古呼和浩特人,博士研究生,CCF会员,主要研究方向:区块链、访问控制、物联网;李茹(1974-),女,内蒙古呼和浩特人,教授,博士,CCF高级会员,主要研究方向:区块链、数据挖掘、下一代互联网;松婷婷(1996-),女,内蒙古包头人,硕士研究生,CCF会员,主要研究方向:区块链。
  • 基金资助:
    国家自然科学基金资助项目(61862046);内蒙古自治区科技计划项目(201702019);赛尔网络下一代互联网技术创新项目(NGII20170415)。

Blockchain-based access control framework for Internet of things

SHI Jinshan1,2, LI Ru1,2, SONG Tingting1,2   

  1. 1. College of Computer Science, Inner Mongolia University, Hohhot Inner Mongolia 010021, China;
    2. Inner Mongolia Autonomous Region Key Laboratory of Wireless Networking and Mobile Computing(Inner Mongolia University), Hohhot Inner Mongolia 010021, China
  • Received:2019-11-05 Revised:2019-11-26 Online:2020-04-10 Published:2019-12-17
  • Supported by:
    This work is partially supported by the National Natural Science Foundation of China (61862046),the Inner Mongolia Autonomous Region Science and Technology Program(201702019),the CERNET Innovation Project(NGII20170415).

摘要: 物联网(IoT)中入网设备的海量性、动态性和设备轻量级是内在联系并同时存在的特征。为了同时满足上述三个特征,提出一种基于区块链的IoT访问控制(BBIAC)框架。首先提出了该框架下的BBIAC模型,在IoT授权过程中引入属性的概念以满足模型对海量性的支持;而区块链自身的分布式结构和身份认证方式为该模型提供了动态性的支持;同时,区块链自身提供的安全性和多机构信任使BBIAC模型可以将需要大规模计算和存储的部分部署在区块链中,使该模型支持轻量级的IoT设备。接着,介绍了BBIAC模型完整的工作流程。然后,通过着色Perti网(CPN)对BBIAC模型进行形式化的安全性评估,证明了BBIAC模型的安全性。实验结果表明,BBIAC适用于具有海量性、动态性和设备轻量级特征的IoT环境。

关键词: 访问控制, 区块链, 物联网, 属性, 着色Petri网

Abstract: The characteristics of massiveness,dynamics,and lightweight devices for network devices in the Internet of Things(IoT)are inherently connected and exist simultaneously. To satisfy these three characteristics simultaneously,a Blockchain-Based IoT Access Control(BBIAC)framework was proposed. Firstly,the BBIAC model under this framework was proposed,the concept of attribute was introduced into the process of IoT authorization to realize the model's support for massiveness;the distributed structure and identity authentication method of blockchain provide the support of dynamics for the model. Secondly,the complete workflow of BBIAC model was introduced. Thirdly,the formal safety assessment of BBIAC was performed by Colored Petri Network(CPN),and the security of the BBIAC model was proved. Experimental results show that BBIAC is suitable for IoT environments with characteristics of massiveness,dynamics and lightweight devices.

Key words: access control, blockchain, Internet of Things (IoT), attribute, Colored Petri Net (CPN)

中图分类号: