Access control mechanism for the Internet of Things based on blockchain and inner product encryption

The dynamic, massive, and lightweight properties of the Internet of Things device nodes lead to complicated application environments, and traditional access control mechanisms cannot match the current security requirements of the Internet of Things. Although attribute encryption schemes support more fine-grained access control, their overt access policies can endanger users’ privacy. To address the above problems, this paper proposes an Internet of Things access control mechanism based on blockchain and inner product encryption. First, the mechanism employs blockchain technology to provide distributed and decentralized access control management in the Internet of Things, allowing for dynamic management of the Internet of Things data while avoiding the problem of a single point of failure. And utilizing the tamper-evident feature of blockchain, this system stores the hash value of the ciphertext in the third-party storage on the chain to ensure the integrity of the ciphertext so that the third-party storage can be trusted. Furthermore, malicious user access is prevented by deploying smart contracts on the blockchain, which provide automatic and traceable access control to massive amounts of Internet of Things data. Then, in order to guarantee data security and user privacy for lightweight Internet of Things devices, fine-grained access control and complete hiding of access policies are achieved using the property of vector representation of attributes in inner product encryption. Finally, the experimental findings reveal that the mechanism has high efficiency while providing security and can meet the particular access control requirements of the Internet of Things.