Modelos de Controle de Acesso Sensíveis ao Contexto com uso de Smart Contracts

Abstract

The constant advances in ubiquitous computing and in the Internet of things (IoT) bring new challenges to access control systems, such as building a mechanism not dependent on a centralized trusted party, and the need to account for contextual data. Such characteristics may be required to enable IoT services in smart homes, smart cities, medical services, or even in mobile computer based health monitoring systems. In these distributed computing environments, direct device to device interactions are commonly based on service requests among the participants, which reinforce the need for flexible and scalable authenticity and confidentiality mechanisms. This work deals with the development of an access control model to address such challenges using a blockchain infrastructure. In the proposed method, services and contextual data are defined using smart contracts, and blockchain logs are used for distributed and trustful information management. Blockchain assets are associated with permissions, and their transfers are used to directly verify access control rights in service invocation requests. A reference implementation of the the proposed model has been developed using the Hyperledger system and the results show the viability of this methodology.