xDBAuth: Blockchain Based Cross Domain Authentication and Authorization Framework for Internet of Things

The innovation of ubiquitous and pervasive computing helps service-oriented organizations in the realization of a virtual coalition. The virtual coalition is a set of IoT domains i.e., smart homes and smart hospitals that are linked together through communication lines to share resources. Such virtual coalitions need secure cross-domain permission delegation and access control mechanisms. In existing approaches, permission delegation and access control are performed at the resource owner domain or by a single trusted third party. This single trusted third party may fail to work or compromise. Therefore, it will collapse either the whole system or the security of the system. We propose xDBAuth, a decentralized Blockchain (BC) based permission delegation and access control framework for the Internet of Things (IoT). Also, we proposed a hierarchy of local and global smart contracts that perform permission delegation and access control for both internal and external user/IoT devices. Additionally, the proposed framework preserves an external user's privacy by allowing them to get authentication in their parent IoT domains. During authentication, Proof-of-Authenticity/Integrity (PoAI) mechanism is used to find and retrieve user/IoT device platform hashes stored on local BC. After successful authentication, BC authorizes the user/IoT device based on the validation of delegation policies stored on BC. We implemented the proposed framework using Node.js. The results show that the proposed xDBAuth is a lightweight framework with less computational overhead. xDBAuth produces high throughput in an environment having a large number of concurrent requests.