摘要
物联网(IoT)中的传感节点具有海量性、动态性等特点,使得传统的中心式的授权决策访问控制难以满足更高的物联网环境需求。结合基于属性的访问控制模型(ABAC)与区块链技术,利用ABAC中属性和权限相关联的特点及区块链去中心化的思想来解决IoT中设备海量性的问题;同时针对节点接入和权限传递等动态性问题,提出一种基于区块链的新方法来表示资源访问策略,利用智能合约来实现权限的动态传递,将协议策略和权利交换过程展现在链上,任何用户都可以随时知道策略与资源和当前拥有访问资源的权限。通过对比分析和实验结果表明,该架构与现有传统的架构相比,能更有效地解决IoT中设备存在的海量性、动态性的问题。
Sensor nodes in the Internet of Things(IoT)are massive and dynamic,making traditional authorization decision-making access control incompatible with the higher requirements of the IoT environment.Attribute-based access control model(ABAC)was combined with blockchain technology,and attributes and permissions associations in ABAC were used in conjunction with decentralization within blockchain technology to address the problem of massive devices in IoT.To represent the resource access policy,a new method based on blockchain was proposed to deal with dynamic problems such as node access and permission transfer.In the smart contract,permissions were dynamically transferred and the policy and right exchange process were displayed on the chain.Any user could see the policy and resources,as well as the current permission to access those resources.According to the results of experiments,compared with the existing traditional architecture,this architecture was more effective to solve the massive and dynamic problems of devices in the Internet of Things.
作者
巩坪
王九如
宋万水
张问银
孙崇然
GONG Ping;WANG Jiuru;SONG Wanshui;ZHANG Wenyin;SUN Chongran(School of Information Science and Engineering,Linyi University,Linyi 276000,China;School of Information Science and Engineering,Shandong Normal University,Jinan 250358,China)
出处
《郑州大学学报(理学版)》
CAS
北大核心
2023年第3期28-33,共6页
Journal of Zhengzhou University:Natural Science Edition
基金
山东省重点研发计划项目(2019GNC106027,2019JZZY010134)
山东省自然科学基金项目(ZR2020MF058,ZR2020MF029)。
关键词
访问控制
区块链
权限传递
智能合约
access control
blockchain
permission transfer
smart contract