Smart contract token-based privacy-preserving access control system for industrial Internet of Things

Due to mobile Internet technology's rapid popularization, the Industrial Internet of Things (IIoT) can be seen everywhere in our daily lives. While IIoT brings us much convenience, a series of security and scalability issues related to permission operations rise to the surface during device communications. Hence, at present, a reliable and dynamic access control management system for IIoT is in urgent need. Up till now, numerous access control architectures have been proposed for IIoT. However, owing to centralized models and heterogeneous devices, security and scalability requirements still cannot be met. In this paper, we offer a smart contract token-based solution for decentralized access control in IIoT systems. Specifically, there are three smart contracts in our system, including the Token Issue Contract (TIC), User Register Contract (URC), and Manage Contract (MC). These three contracts collaboratively supervise and manage various events in IIoT environments. We also utilize the lightweight and post-quantum encryption algorithm-Nth-degree Truncated Polynomial Ring Units (NTRU) to preserve user privacy during the registration process. Subsequently, to evaluate our proposed architecture's performance, we build a prototype platform that connects to the local blockchain. Finally, experiment results show that our scheme has achieved secure and dynamic access control for the IIoT system compared with related research.