Towards Decentralized IoT Access Control Scheme with Gateway-Level Cache and Blockchain-Based Trust Infrastructure
Abstract
Deploying Internet of Things (IoT) systems across multiple administrative domains places high demands on access control mechanisms, which must be scalable, auditable and interoperable. Existing centralized solutions cannot support cross-domain flexibility, while blockchain-based access control schemes that run authorization logic on-chain suffer from high transaction latency, low throughput and high operational cost, which rules them out for high-frequency IoT access scenarios. This paper presents DGAC-IoT, a decentralized, gateway-assisted access control framework that cleanly separates trust management, policy evaluation and enforcement between the edge and blockchain layers. Fine-grained access decisions are made off-chain at domain gateways that evaluate attribute-based access control (ABAC) policies, while a permissioned blockchain network built on Hyperledger Fabric serves as a distributed trust anchor. Smart contracts (chaincode) are used only to register cryptographically signed authorization commitments, policy updates and revocation events. Each gateway keeps a local authorization cache, indexed on subject-object-policy tuples and bounded by explicit validity intervals, so that repeated access requests are resolved without contacting the blockchain. Communication is secured and made non-repudiable with a public key infrastructure (PKI), digital signatures and cryptographic hash functions. The framework is implemented as containerized gateway services orchestrated with Docker, with Fabric peers deployed across multiple domains. Performance is evaluated under rising access request rates, different cache hit ratios and dynamic revocation scenarios.
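The gateway-side flow described above, as an added illustration that is not part of the preprint or its implementation: a domain gateway evaluates an ABAC policy locally, writes a signed authorization commitment to the ledger only on a cache miss, serves repeated requests from a cache bounded by the policy's validity interval, and purges entries when a revocation event arrives. Everything here is assumed for the example: an in-memory append-only list stands in for Fabric chaincode, HMAC-SHA256 with a constructed key stands in for the PKI signature a gateway would make with its own certificate key, the requested action is added to the cache key (the abstract names only the subject-object-policy tuple), policy version is checked at lookup time so that policy updates invalidate stale entries, and the ledger pushes revocation events to registered gateways. All names and sample attributes are hypothetical.

```python
"""Gateway ABAC cache with validity intervals, on-chain commitments and
revocation purge.  Added example, not DGAC-IoT's own code.  Assumptions:
the Ledger class stands in for Fabric chaincode, and HMAC-SHA256 with a
constructed key stands in for the gateway's PKI signature."""
import hashlib
import hmac
import json
from dataclasses import dataclass

GATEWAY_KEY = b"constructed-demo-key-not-for-production"  # assumption: demo key


def sign(record: dict) -> str:
    """Signature stand-in over the canonical JSON encoding of a record."""
    body = json.dumps(record, sort_keys=True).encode()
    return hmac.new(GATEWAY_KEY, body, hashlib.sha256).hexdigest()


@dataclass(frozen=True)
class Policy:
    policy_id: str
    version: int
    subject_attrs: dict   # every listed subject attribute must match
    object_attrs: dict    # every listed object attribute must match
    actions: frozenset    # permitted actions
    ttl: float            # validity interval of a cached decision, seconds


def evaluate(policy: Policy, subject: dict, obj: dict, action: str) -> bool:
    """Plain ABAC match: action permitted and all required attributes equal."""
    return (action in policy.actions
            and all(subject.get(k) == v for k, v in policy.subject_attrs.items())
            and all(obj.get(k) == v for k, v in policy.object_attrs.items()))


class Ledger:
    """Append-only record store standing in for the permissioned chain."""
    def __init__(self):
        self.records = []
        self.gateways = []

    def commit(self, record: dict) -> str:
        """Store a signed record; return its content hash as the commitment."""
        signed = dict(record, sig=sign(record))
        self.records.append(signed)
        return hashlib.sha256(json.dumps(signed, sort_keys=True).encode()).hexdigest()

    def revoke(self, subject_id: str, at: float) -> None:
        """Revocation event: recorded on-chain, then pushed to every gateway."""
        self.commit({"type": "revoke", "subject": subject_id, "at": at})
        for gw in self.gateways:
            gw.on_revoked(subject_id)


@dataclass
class CacheEntry:
    decision: bool
    policy_version: int   # entry is stale once the policy is updated
    expires_at: float     # entry is stale once the validity interval passes
    commitment: str       # hash of the signed record written on-chain


class Gateway:
    def __init__(self, ledger: Ledger, policies: dict):
        self.ledger = ledger
        self.policies = policies  # policy_id -> current Policy
        self.cache = {}           # (subject, object, policy, action) -> CacheEntry
        self.revoked = set()
        self.chain_writes = 0     # counts interactions with the ledger
        ledger.gateways.append(self)

    def on_revoked(self, subject_id: str) -> None:
        """Drop every cached decision for a revoked subject."""
        self.revoked.add(subject_id)
        for key in [k for k in self.cache if k[0] == subject_id]:
            del self.cache[key]

    def authorize(self, subject: dict, obj: dict, action: str, now: float):
        """Return (decision, served_from_cache)."""
        if subject["id"] in self.revoked:
            return False, False   # denied locally; the revocation is already on-chain
        policy = self.policies[obj["policy_id"]]
        # Assumption: action is part of the key; the abstract names only the
        # subject-object-policy tuple.
        key = (subject["id"], obj["id"], policy.policy_id, action)
        entry = self.cache.get(key)
        if entry and entry.expires_at > now and entry.policy_version == policy.version:
            return entry.decision, True   # cache hit: no ledger interaction
        decision = evaluate(policy, subject, obj, action)
        commitment = self.ledger.commit({
            "type": "authz", "subject": subject["id"], "object": obj["id"],
            "policy": policy.policy_id, "version": policy.version,
            "action": action, "decision": decision, "at": now})
        self.chain_writes += 1
        self.cache[key] = CacheEntry(decision, policy.version,
                                     now + policy.ttl, commitment)
        return decision, False
```

A cache hit costs one dictionary lookup and no ledger call; a miss, an expired entry or a policy version change forces a fresh evaluation and one commitment. Revocation is the one path that does not wait for expiry: the ledger records the event and the gateway purges the subject's entries immediately, which is the behaviour the paper's dynamic revocation scenarios exercise.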
Results show that DGAC-IoT substantially reduces end-to-end access latency, sustains near-linear throughput as the request load scales, and confines blockchain transactions to a small subset of access events. A sensitivity analysis further quantifies the effect of policy expiration time and revocation frequency, showing that cache management and policy management settings directly determine system responsiveness and blockchain overhead. These results show that using the blockchain only for immutable authorization commitments and revocation, while performing policy evaluation and enforcement off-chain at gateways, yields a scalable and deployable access control solution for cross-domain IoT environments with heterogeneous trust and performance requirements.