SC-CAAC: A Smart-Contract-Based Context-Aware Access Control Scheme for Blockchain-Enabled IoT Systems

Integrating blockchain technology with the Internet of Things (IoT) facilitates seamless interaction between IoT devices and systems to securely share, access, and exchange data. However, ensuring adequate access control within blockchain-enabled IoT (BIoT) systems remains a significant challenge. It is often difficult to adapt existing access control mechanisms to the dynamic and context-dependent nature of IoT environments, necessitating a robust context-aware approach to ensure adequate security and the privacy of resources within BIoT systems. In this article, we propose a novel smart contract-enabled context-aware access control (SC-CAAC) scheme for BIoT systems. It utilizes context-aware access control models that consider contextual information, including user profile, purpose, date, time, location, resource, and operating environment specifications, to make access control decisions. Smart contracts dynamically enforce access control policies and manage access permissions, ensuring that sensitive data and resources are accessible only to authorized users. The proposed scheme leverages the immutability, transparency, and decentralization of a blockchain that is shared by multiple participants in a consortium network, removing the need for a central authority to record and audit access control policies and decisions and promoting accountability and trust. The implementation and evaluation of our proposed scheme using the Hyperledger Besu blockchain demonstrates its effectiveness and scalability in real-world scenarios.