Blockchain-Assisted Transparent Cross-Domain Authorization and Authentication for Smart City

【Author】 Huang, Cheng; Xue, Liang; Liu, Dongxiao; Shen, Xuemin; Zhuang, Weihua; Sun, Rob; Ying, Bidi

【Source】IEEE INTERNET OF THINGS JOURNAL

【影响因子】10.238

【Abstract】Secure cross-domain authorization and authentication (AA) enable application service providers (ASPs) to allow users for resource access from different trusted domains. In this article, we propose a unified blockchain-assisted secure cross-domain AA framework for smart city, which can guarantee transparent cross-domain resource access while preserving user privacy. In the framework, ASPs can flexibly delegate their authentication capabilities to the blockchain, and users authorized by different ASPs can be authenticated by the blockchain where the authentication events are publicly audited and traced. Since the blockchain is publicly accessible, users' sensitive identity attributes may be exposed during the authentication process. To address privacy leakage caused by the authentication events, several privacy-preserving techniques, including threshold-based homomorphic encryption, zero-knowledge proof, and random permutation, are exploited to hide users' sensitive information on the blockchain. Moreover, to improve user revocation efficiency, we integrate a cryptographic accumulator and secure hash functions into the framework where ASPs are allowed to revoke their users through a global revocation contract. Our security analysis shows that the proposed framework can achieve all desirable security and privacy properties, and a proof-of-concept prototype has been developed to demonstrate the correctness and efficiency of the proposed framework.

【Keywords】Blockchain; cross-domain authorization and authentication (AA); decentralized trust; identity attribute privacy; smart city applications

【发表时间】2022 44819

【收录时间】2022-11-24

【文献类型】理论模型

【主题类别】

区块链应用-实体经济-智慧城市领域