OAuth 2.0 meets Blockchain for Authorization in Constrained IoT Environments
This paper addresses authorization challenges for IoT environments, but it appears incremental, as it combines existing technologies without a clear breakthrough.
The paper tackles the problem of providing delegated authorization for constrained IoT devices by integrating blockchain and smart contract technology with the OAuth 2.0 framework. The resulting models offer tradeoffs in privacy, delay, and cost while leveraging blockchain advantages such as payment linking and immutable records.
We present models for utilizing blockchain and smart contract technology with the widely used OAuth 2.0 open authorization framework to provide delegated authorization for constrained IoT devices. The models involve different tradeoffs in terms of privacy, delay, and cost, while exploiting key advantages of blockchains and smart contracts. These include linking payments to authorization grants, immutably recording authorization information and policies in smart contracts, and offering resilience through the execution of smart contract code on all blockchain nodes.