Enabling Opportunistic Users in Multi-Tenant IoT Systems using Decentralized Identifiers and Permissioned Blockchains
This paper addresses security and privacy challenges for IoT systems that need to handle untrusted guest users, though it appears incremental as it builds on existing blockchain and identifier technologies.
The paper tackles the problem of authenticating and authorizing opportunistic users in multi-tenant IoT systems by developing a mechanism using decentralized identifiers and permissioned blockchains, achieving enhanced privacy, fast revocation, and support for distributed policy decision points.
In this work, we leverage advances in decentralized identifiers and permissioned blockchains to build a flexible user authentication and authorization mechanism that offers enhanced privacy, achieves fast revocation, and supports distributed "policy decision points" executed in mutually untrusted entities. The proposed solution can be applied in multi-tenant "IoT hubs" that interconnect diverse IoT silos and enable authorization of "guest" users, i.e., opportunistic users who have no trust relationship with the system and whom the system has not encountered or known before.