基于智能合约的物联网访问控制系统

在物联网环境下，传统访问控制方法采用集中式的决策实体进行访问控制授权，容易出现单点故障和数据篡改等问题，造成用户隐私数据的丢失及设备被他人非法占用。利用区块链的去中心化、不可篡改及可编程的特性，将区块链技术和访问控制技术相结合，提出一种新的物联网访问控制系统，并为该系统设计一个依托于超级账本的访问控制策略模型FACP。每个物联网设备根据FACP设置访问控制策略，只有符合访问控制策略的用户才可使用该设备，同时系统将用户划分为资源拥有者和资源请求者，以便于更好地区分不同需求的用户。实验结果表明，该系统可为物联网设备提供细粒度与动态的访问控制，且具有较高的吞吐量与较低的延迟，能够保证物联网设备访问控制的安全性及可靠性。

Access Control System of Internet of Things Based on Smart Contract

Traditional access control methods in the Internet of Things(IoT)environment use centralized decisionmaking entities for access control authorization,which is prone to single-point failures and data tampering problems,resulting in the loss of user privacy data and the illegal use of equipment by others.To address these issues,this paper proposes an IoT access control system using smart contract,which introduces the decentralized,tamper-resistant and programmable blockchain technique into access control,and on this basis designs an access control policy model FACP that relies on hyperledger fabric for the system.Each IoT device sets an access control policy based on FACP,and only users who comply with the access control policy can use the device.At the same time,in order to better distinguish users with different needs,the system divides users into two categories:resource owners and resource requesters.Experimental results show that the system can provide fine-grained and dynamic access control for IoT devices with high throughput and low latency,ensuring the security and reliability of IoT device access control.