一种基于区块链的物联网访问控制方案  被引量：1

作　　者：杨久华 沈苏彬[2] YANG Jiu-hua;SHEN Su-bin(School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210046,China;National Engineering Research Center on Communication and Networking,Nanjing University of Posts and Telecommunications,Nanjing 210046,China)

机构地区：[1]南京邮电大学计算机学院,江苏南京210046 [2]南京邮电大学通信与网络技术国家工程研究中心,江苏南京210046

出　　处：《计算机技术与发展》2023年第12期136-142,共7页Computer Technology and Development

基　　金：江苏省未来网络前瞻性研究项目(BY20130951108)。

摘　　要：区块链技术应用于物联网资源管理领域得到了广泛的关注,致力于解决物联网环境下集中式资源存储和管理存在的单点故障、隐私和信任等问题。通过研究区块链技术底层原理,结合现有的研究工作成果和其他数据安全技术,提出一种基于区块链和基于属性访问控制的物联网访问控制方案。为了权衡资源安全和访问控制过程透明化,提出双链的去中心化访问控制模型,将资源元数据信息和访问控制信息分开存储和管理,有利于高效地查询所需信息。为了提高访问控制评估和权限验证速度,划分属性并提出静态属性令牌和引入多项式函数的访问树策略表达方式。最后,利用智能合约实现访问控制逻辑,仿真实验表明方案能够有效地保护资源的隐私和安全,是一种动态的、可信的访问控制方案。The application of blockchain technology in the resource management field of the Internet of Things has received wide attention,and is committed to solve the single point of failure,privacy,trust and other problems of centralized resource storage and management in the Internet of Things environment.By studying the underlying principles of blockchain technology,combining with existing research achievements and other data security technologies,a blockchain based and attribute based access control scheme for the Internet of Things is proposed.In order to balance resource security and transparency of access control processes,a dual chain decentralized access control model is proposed,which stores and manages resource metadata information and access control information separately,which is conducive to efficiently query the required information.In order to improve the speed of access control evaluation and permission verification,attributes are divided and static attribute tokens are proposed,as well as an access tree policy expression method that introduces polynomial function.Finally,the smart contract is used to implement access control.Simulation experiments show that as a dynamic and reliable access control scheme,it can effectively protect the privacy and security of resources.

关 键 词：物联网 区块链 资源存储 访问控制模型 智能合约 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]