IDEAS home Printed from https://ideas.repec.org/a/gam/jsusta/v13y2021i19p10556-d641425.html

An Attribute-Based Access Control for IoT Using Blockchain and Smart Contracts

Author

Listed:
  • Syed Yawar Abbas Zaidi

    (Department of Computer Science, COMSATS University Islamabad, Islamabad 44500, Pakistan)

  • Munam Ali Shah

    (Department of Computer Science, COMSATS University Islamabad, Islamabad 44500, Pakistan)

  • Hasan Ali Khattak

    (School of Electrical Engineering and Computer Science, National University of Sciences and Technology (NUST), Islamabad 44500, Pakistan)

  • Carsten Maple

    (Secure Cyber Systems Research Group (SCSRG), University of Warwick, Coventry CV4 7AL, UK)

  • Hafiz Tayyab Rauf

    (Department of Computer Science, Faculty of Engineering & Informatics, University of Bradford, Bradford BD7 1DP, UK)

  • Ahmed M. El-Sherbeeny

    (Industrial Engineering Department, College of Engineering, King Saud University, P.O. Box 800, Riyadh 11421, Saudi Arabia)

  • Mohammed A. El-Meligy

    (Industrial Engineering Department, College of Engineering, King Saud University, P.O. Box 800, Riyadh 11421, Saudi Arabia)

Abstract

With opportunities brought by the Internet of Things (IoT), it is quite a challenge to maintain concurrency and privacy when a huge number of resource-constrained distributed devices are involved. Blockchain have become popular for its benefits, including decentralization, persistence, immutability, auditability, and consensus. Great attention has been received by the IoT based on the construction of distributed file systems worldwide. A new generation of IoT-based distributed file systems has been proposed with the integration of Blockchain technology, such as the Swarm and Interplanetary File System. By using IoT, new technical challenges, such as Credibility, Harmonization, large-volume data, heterogeneity, and constrained resources are arising. To ensure data security in IoT, centralized access control technologies do not provide credibility. In this work, we propose an attribute-based access control model for the IoT. The access control lists are not required for each device by the system. It enhances access management in terms of effectiveness. Moreover, we use blockchain technology for recording the attribute, avoiding data tempering, and eliminating a single point of failure at edge computing devices. IoT devices control the user’s environment as well as his or her private data collection; therefore, the exposure of the user’s personal data to non-trusted private and public servers may result in privacy leakage. To automate the system, smart contracts are used for data accessing, whereas Proof of Authority is used for enhancing the system’s performance and optimizing gas consumption. Through smart contracts, ciphertext can be stored on a blockchain by the data owner. Data can only be decrypted in a valid access period, whereas in blockchains, the trace function is achieved by the storage of invocation and the creation of smart contracts. Scalability issues can also be resolved by using the multichain blockchain. Eventually, it is concluded from the simulation results that the proposed system is efficient for IoT.

Suggested Citation

  • Syed Yawar Abbas Zaidi & Munam Ali Shah & Hasan Ali Khattak & Carsten Maple & Hafiz Tayyab Rauf & Ahmed M. El-Sherbeeny & Mohammed A. El-Meligy, 2021. "An Attribute-Based Access Control for IoT Using Blockchain and Smart Contracts," Sustainability, MDPI, vol. 13(19), pages 1-26, September.
    • Handle: RePEc:gam:jsusta:v:13:y:2021:i:19:p:10556-:d:641425
    as

    Download full text from publisher

    File URL: https://www.mdpi.com/2071-1050/13/19/10556/pdf
    Download Restriction: no
    File URL: https://www.mdpi.com/2071-1050/13/19/10556/
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Lee, In & Lee, Kyoochun, 2015. "The Internet of Things (IoT): Applications, investments, and challenges for enterprises," Business Horizons, Elsevier, vol. 58(4), pages 431-440.
    2. Israr Ahmad & Munam Ali Shah & Hasan Ali Khattak & Zoobia Ameer & Murad Khan & Kijun Han, 2020. "FIViz: Forensics Investigation through Visualization for Malware in Internet of Things," Sustainability, MDPI, vol. 12(18), pages 1-23, September.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Raed M. Bani-Hani & Ahmed S. Shatnawi & Lana Al-Yahya, 2024. "Vulnerability Detection and Classification of Ethereum Smart Contracts Using Deep Learning," Future Internet, MDPI, vol. 16(9), pages 1-35, September.
    2. Iqra Nazir & Nermish Mushtaq & Waqas Amin, 2025. "Smart Grid Systems: Addressing Privacy Threats, Security Vulnerabilities, and Demand–Supply Balance (A Review)," Energies, MDPI, vol. 18(19), pages 1-77, September.
    3. Urooj Waheed & Sadiq Ali Khan & Muhammad Masud & Huma Jamshed & Touqeer Ahmed Jumani & Najeeb Ur Rehman Malik, 2025. "Blockchain-Based, Dynamic Attribute-Based Access Control for Smart Home Energy Systems," Energies, MDPI, vol. 18(8), pages 1-40, April.
    4. Mohsen Rouached & Aymen Akremi & Mouna Macherki & Naoufel Kraiem, 2024. "Policy-Based Smart Contracts Management for IoT Privacy Preservation," Future Internet, MDPI, vol. 16(12), pages 1-24, December.
    5. Evin Özkan & Neda Azizi & Omid Haass, 2021. "Leveraging Smart Contract in Project Procurement through DLT to Gain Sustainable Competitive Advantages," Sustainability, MDPI, vol. 13(23), pages 1-25, December.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Leonel Jorge Ribeiro Nunes & Radu Godina & João Carlos de Oliveira Matias, 2019. "Technological Innovation in Biomass Energy for the Sustainable Growth of Textile Industry," Sustainability, MDPI, vol. 11(2), pages 1-12, January.
    2. Athanasios Tsipis & Asterios Papamichail & Ioannis Angelis & George Koufoudakis & Georgios Tsoumanis & Konstantinos Oikonomou, 2020. "An Alertness-Adjustable Cloud/Fog IoT Solution for Timely Environmental Monitoring Based on Wildfire Risk Forecasting," Energies, MDPI, vol. 13(14), pages 1-35, July.
    3. Bent Flyvbjerg & Alexander Budzier & Jong Seok Lee & Mark Keil & Daniel Lunn & Dirk W. Bester, 2022. "The Empirical Reality of IT Project Cost Overruns: Discovering A Power-Law Distribution," Papers 2210.01573, arXiv.org.
    4. Akhtar, Pervaiz & Khan, Zaheer & Tarba, Shlomo & Jayawickrama, Uchitha, 2018. "The Internet of Things, dynamic data and information processing capabilities, and operational agility," Technological Forecasting and Social Change, Elsevier, vol. 136(C), pages 307-316.
    5. Li, Ying & Dai, Jing & Cui, Li, 2020. "The impact of digital technologies on economic and environmental performance in the context of industry 4.0: A moderated mediation model," International Journal of Production Economics, Elsevier, vol. 229(C).
    6. Ciachorowski Damian & Lis Anna Maria & Miranda Elem, 2025. "Sustainability in digital transformation: towards an integrated framework," Engineering Management in Production and Services, Sciendo, vol. 17(4), pages 86-103.
    7. Thu-Hang Hoang & Thi-Trang Tran & Lam Nha Tu Huynh & Dung Khanh Vo & Bao Gia Huynh & Tam Minh Thi Tran & Nguyen Dang Nguyen, 2025. "Advances and barriers in promoting green logistics 4.0 from a multi-stakeholder perspective–a systematic review," Environment Systems and Decisions, Springer, vol. 45(2), pages 1-19, June.
    8. Kumar, V. & Ramachandran, Divya & Kumar, Binay, 2021. "Influence of new-age technologies on marketing: A research agenda," Journal of Business Research, Elsevier, vol. 125(C), pages 864-877.
    9. Madhukar Patil & M. Suresh, 2019. "Modelling the Enablers of Workforce Agility in IoT Projects: A TISM Approach," Global Journal of Flexible Systems Management, Springer;Global Institute of Flexible Systems Management, vol. 20(2), pages 157-175, June.
    10. Abdel Ghafar, Ahmed Ismail & Vazquez Castro, Ágeles & Essam Khedr, Mohamed, 2019. "Multidimensional Self-Organizing Chord-Based Networking for Internet of Things," 2nd Europe – Middle East – North African Regional ITS Conference, Aswan 2019: Leveraging Technologies For Growth 201736, International Telecommunications Society (ITS).
    11. Vasja Roblek & Maja Meško & Alojz Krapež, 2016. "A Complex View of Industry 4.0," SAGE Open, , vol. 6(2), pages 21582440166, June.
    12. Artur Pollak & Agata Hilarowicz & Maciej Walczak & Damian Gąsiorek, 2020. "A Framework of Action for Implementation of Industry 4.0. an Empirically Based Research," Sustainability, MDPI, vol. 12(14), pages 1-16, July.
    13. Daliborka Witschel & Julian Marius Müller & Kai-Ingo Voigt, 2023. "What Takes the Wind out of Their Sails? A Micro-Foundational Perspective of Challenges for Building Dynamic Capabilities Towards Digital Business Model Innovation," Schmalenbach Journal of Business Research, Springer, vol. 75(3), pages 345-388, September.
    14. Pillai, Rajasshrie & Sivathanu, Brijesh & Dwivedi, Yogesh K., 2020. "Shopping intention at AI-powered automated retail stores (AIPARS)," Journal of Retailing and Consumer Services, Elsevier, vol. 57(C).
    15. Zahra, Shaker A. & Liu, Wan & Si, Steven, 2023. "How digital technology promotes entrepreneurship in ecosystems," Technovation, Elsevier, vol. 119(C).
    16. Zhang, Yimeng & Ma, Xinyu & Pang, Jianing & Xing, Hailong & Wang, Jian, 2023. "The impact of digital transformation of manufacturing on corporate performance — The mediating effect of business model innovation and the moderating effect of innovation capability," Research in International Business and Finance, Elsevier, vol. 64(C).
    17. Jelena Končar & Aleksandar Grubor & Radenko Marić & Sonja Vučenović & Goran Vukmirović, 2020. "Setbacks to IoT Implementation in the Function of FMCG Supply Chain Sustainability during COVID-19 Pandemic," Sustainability, MDPI, vol. 12(18), pages 1-21, September.
    18. Sandeep Jagtap & George Skouteris & Vilendra Choudhari & Shahin Rahimifard & Linh Nguyen Khanh Duong, 2021. "An Internet of Things Approach for Water Efficiency: A Case Study of the Beverage Factory," Sustainability, MDPI, vol. 13(6), pages 1-10, March.
    19. Evans, Olaniyi, 2018. "Digital Agriculture: Mobile Phones, Internet & Agricultural Development in Africa," MPRA Paper 90359, University Library of Munich, Germany.
    20. In Lee, 2020. "Internet of Things (IoT) Cybersecurity: Literature Review and IoT Cyber Risk Management," Future Internet, MDPI, vol. 12(9), pages 1-21, September.

    More about this item

    Keywords

    ;
    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jsusta:v:13:y:2021:i:19:p:10556-:d:641425. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.