@article {TAPAS2020324, title = {Experimenting with smart contracts for access control and delegation in IoT}, journal = {Future Generation Computer Systems}, volume = {111}, year = {2020}, pages = {324 - 338}, abstract = {In a Smart City scenario, the authors envisioned an IoT-Cloud framework for the management of boards and resources scattered over a geographic area. It can also become a tool to let device owners contribute freely to the infrastructure. In this paper, we present an authorization and delegation model for the IoT-Cloud based on blockchain technology. We focus on smart city{\^a}{\texteuro}TMs design and simulation of smart contracts to address the specific characteristics of smart environments and analyze access control and delegation mechanism in IoT. In particular, the scheme is implemented for the Ethereum platform in the form of smart contracts. We present the theoretical analysis of the proposed solution. We perform experiments on local testnet Ganache and public testnet Rinkeby to evaluate the performance of the presented models. Finally, we discuss the results and limitations of the system and possible solutions to issues.}, keywords = {Access control, authorization, Blockchain, Cloud, Delegation, Ethereum, IoT, smart cities, Smart contracts}, issn = {0167-739X}, doi = {https://doi.org/10.1016/j.future.2020.04.020}, url = {http://www.sciencedirect.com/science/article/pii/S0167739X18326979}, author = {Nachiket Tapas and Francesco Longo and Giovanni Merlino and Antonio Puliafito} } @proceedings {Tapas2018411, title = {Blockchain-Based IoT-cloud authorization and delegation}, journal = {Proceedings - 2018 IEEE International Conference on Smart Computing, SMARTCOMP 2018}, year = {2018}, note = {cited By 0; Conference of 4th IEEE International Conference on Smart Computing, SMARTCOMP 2018 ; Conference Date: 18 June 2018 Through 20 June 2018; Conference Code:138285}, pages = {411-416}, publisher = {Institute of Electrical and Electronics Engineers Inc.}, address = {Taormina, Italy - 18-20 June 2018}, abstract = {

In a Smart City scenario, the authors envisioned an IoT-Cloud framework for the management of boards and resources scattered over a geographic area. It can also become a tool to let device owners contribute freely to the infrastructure. In comparison to datacenter-oriented Cloud middleware, the administrator and the owner of the infrastructure are not one and the same. This translates into the requirement to support delegation-enabled authorization. In this paper, the authors investigate an authorization and delegation model for the IoT-Cloud based on blockchain technology. In particular, the scheme is implemented in the form of smart contracts over the Ethereum platform. Indeed, this approach represents an enhancement, over a function previously designed in a centralized fashion, by enabling the user to audit authorization operations and inspect how access control is actually performed, without blindly trusting the Cloud as a proxy for access to resources. {\textcopyright} 2018 IEEE.

}, keywords = {Access control, Access to resources, authorization, Blockchain, Cloud middlewares, Clouds, Delegation, Delegation modeling, Ethereum, Geographic areas, Internet of Things, middleware, Smart city, Smart contracts}, isbn = {9781538647059}, doi = {10.1109/SMARTCOMP.2018.00038}, url = {https://www.scopus.com/inward/record.uri?eid=2-s2.0-85051495365\&doi=10.1109\%2fSMARTCOMP.2018.00038\&partnerID=40\&md5=57e82ce12e19c3286c34b0612a587237}, author = {Nachiket Tapas and Giovanni Merlino and Francesco Longo} }