Combining IOTA and Attribute-Based Encryption for Access Control in the Internet of Things.

Unauthorized resource access represents a typical security threat in the Internet of Things (IoT), while distributed ledger technologies (e.g., blockchain and IOTA) hold great promise to address this threat. Although blockchain-based IoT access control schemes have been the most popular ones, they suffer from several significant limitations, such as high monetary cost and low throughput of processing access requests. To overcome these limitations, this paper proposes a novel IoT access control scheme by combining the fee-less IOTA technology and the Ciphertext-Policy Attribute-Based Encryption (CP-ABE) technology. To control the access to a resource, a token, which records access permissions to this resource, is encrypted by the CP-ABE technology and uploaded to the IOTA Tangle (i.e., the underlying database of IOTA). Any user can fetch the encrypted token from the Tangle, while only those who can decrypt this token are authorized to access the resource. In this way, the proposed scheme enables not only distributed, fee-less and scalable access control thanks to the IOTA but also fine-grained attribute-based access control thanks to the CP-ABE. We show the feasibility of our scheme by implementing a proof-of-concept prototype system using smart phones (Google Pixel 3XL) and a commercial IoT gateway (NEC EGW001). We also evaluate the performance of the proposed scheme in terms of access request processing throughput. The experimental results show that our scheme enables object owners to authorize access rights to a large number of subjects in a much (about 5 times) shorter time than the existing access control scheme called Decentralized Capability-based Access Control framework using IOTA (DCACI), significantly improving the access request processing throughput.

Exploiting Smart Contracts for Capability-Based Access Control in the Internet of Things.

Due to the rapid penetration of the Internet of Things (IoT) into human life, illegal access to IoT resources (e.g., data and actuators) has greatly threatened our safety. Access control, which specifies who (i.e., subjects) can access what resources (i.e., objects) under what conditions, has been recognized as an effective solution to address this issue. To cope with the distributed and trust-less nature of IoT systems, we propose a decentralized and trustworthy Capability-Based Access Control (CapBAC) scheme by using the Ethereum smart contract technology. In this scheme, a smart contract is created for each object to store and manage the capability tokens (i.e., data structures recording granted access rights) assigned to the related subjects, and also to verify the ownership and validity of the tokens for access control. Different from previous schemes which manage the tokens in units of subjects, i.e., one token per subject, our scheme manages the tokens in units of access rights or actions, i.e., one token per action. Such novel management achieves more fine-grained and flexible capability delegation and also ensures the consistency between the delegation information and the information stored in the tokens. We implemented the proposed CapBAC scheme in a locally constructed Ethereum blockchain network to demonstrate its feasibility. In addition, we measured the monetary cost of our scheme in terms of gas consumption to compare our scheme with the existing Blockchain-Enabled Decentralized Capability-Based Access Control (BlendCAC) scheme proposed by other researchers. The experimental results show that the proposed scheme outperforms the BlendCAC scheme in terms of the flexibility, granularity, and consistency of capability delegation at almost the same monetary cost.

Tracking pedestrians across multiple microcells based on successive Bayesian estimations.

We propose a method for tracking multiple pedestrians using a binary sensor network. In our proposed method, sensor nodes are composed of pairs of binary sensors and placed at specific points, referred to as gates, where pedestrians temporarily change their movement characteristics, such as doors, stairs, and elevators, to detect pedestrian arrival and departure events. Tracking pedestrians in each subregion divided by gates, referred to as microcells, is conducted by matching the pedestrian gate arrival and gate departure events using a Bayesian estimation-based method. To improve accuracy of pedestrian tracking, estimated pedestrian velocity and its reliability in a microcell are used for trajectory estimation in the succeeding microcell. Through simulation experiments, we show that the accuracy of pedestrian tracking using our proposed method is improved by up to 35% compared to the conventional method.

Bayesian estimation-based pedestrian tracking in microcells.

We consider a pedestrian tracking system where sensor nodes are placed only at specific points so that the monitoring region is divided into multiple smaller regions referred to as microcells. In the proposed pedestrian tracking system, sensor nodes composed of pairs of binary sensors can detect pedestrian arrival and departure events. In this paper, we focus on pedestrian tracking in microcells. First, we investigate actual pedestrian trajectories in a microcell on the basis of observations using video sequences, after which we prepare a pedestrian mobility model. Next, we propose a method for pedestrian tracking in microcells based on the developed pedestrian mobility model. In the proposed method, we extend the Bayesian estimation to account for time-series information to estimate the correspondence between pedestrian arrival and departure events. Through simulations, we show that the tracking success ratio of the proposed method is increased by 35.8% compared to a combinatorial optimization-based tracking method.