TABI: Trust-Based ABAC Mechanism for Edge-IoT Using Blockchain Technology

Recent research has focused on applying blockchain technology to solve security-related problems in Internet of Things (IoT) networks. However, implementing blockchain technology directly on IoT networks is prone to high overheads and energy-expensive operations. Therefore, in this paper, we use edge computing technology to avoid these problems. We also propose a novel Trust-based Access Control Mechanism for Edge-IoT Networks using Blockchain technology (named TABI) to implement end-to-end security in resource-constrained IoT networks. The TABI mechanism utilizes both access control and trust evaluation mechanisms to mitigate the impact of malicious IoT users and devices. Additionally, it incorporates permissioned Hyperledger blockchain technology to provide an added layer of security through authentication. The trust evaluation mechanism is implemented as a trust calculation contract (TCC) on the edge devices using Hyperledger Composer. The access control mechanism employs an Attribute-based Access Control (ABAC) mechanism, which is implemented on the Hyperledger blockchain using two smart contracts: the attribute contract (AC) and the access control contract (ACC). We implement a proof-of-concept (PoC) implementation using Hyperledger Caliper (a benchmark testing tool) and Docker images. Our evaluation includes five analyses: Trust Evaluation Mechanism, Access Control Mechanism, Security, Blockchain, and IoT Applications. Through this evaluation, we highlight the effectiveness of TABI in terms of throughput, latency, detection of malicious IoT devices, and resource consumption of the IoT devices. Our analyses demonstrate that TABI is particularly useful in IoT applications that require low latency and resource efficiency.