| The expanding scale of the Internet of Things has raised concerns about the security of data resources. Access control is one of the key technologies for securing the Internet of Things and has been widely applied to data resource protection. Traditional access control models are mostly built on "centralized" trusted entities, and the "decentralized" approach of blockchain technology can avoid the problems that "centralized" models bring. With the development of the Internet of Things, a complex network environment has emerged, characterized by openness, heterogeneity, and multiple security domains. In such an environment, the flow of rights over data resources is becoming increasingly frequent, and resources face various security issues during access authorization, such as inefficient rights management, poor flexibility and scalability of control models, low transparency of rights decisions, and inconsistent access standards. To address these challenges, and in view of the massive, dynamic, and distributed nature of sensor nodes in the Internet of Things, this paper studies an Internet of Things access control model based on smart contracts that achieves secure transfer of rights within and between domains. The main work is as follows: 1. By combining the Attribute-Based Access Control (ABAC) model with blockchain technology, a more flexible access control model for rights transfer is constructed. This model uses ABAC to achieve precise association between attributes and rights. The authority Transfer contract (TS) and the Access Control contract (CS) are deployed on the chain to dynamically verify the subject of each access request, and the correspondence between attributes and authority is precisely designed to realize fine-grained access control that follows the principle of least privilege and to ensure the efficient and secure transfer of authority. 2. A cross-domain access control model is proposed that uses blockchain as the carrier for attribute storage. Cross-organizational nodes are set up in different organizations to establish channels connecting them. Three smart contracts, the PAP Contract, PDP Contract, and PIP Contract, replace the ABAC model nodes and automate rights decisions in access control. At the same time, a credit management mechanism improves the credibility of cross-domain access control. From the perspective of user attributes, behavior analysis, etc., the fuzzy analytic hierarchy process is used to calculate the user’s current credit and historical credit, and the final credit is calculated from the three perspectives of data visualization, intelligent management, and intelligent operation and maintenance. The final credit value is linked and visible to all security domains to further ensure the security of inter-domain access control. Theoretical analysis and experimental results indicate that, compared with existing research, the proposed scheme achieves more secure and effective dynamic transfer of rights and inter-domain access. The feasibility of the model was verified by deploying smart contracts locally, and its credibility was verified through security analysis of the consensus mechanisms and credit evaluation methods. All test results indicate that the model described in this article is feasible and effective. |