The collaborative demand in the Internet of Things (IoT) is becoming stronger. One of the collaborative challenges is the security of interoperability between different management domains. Although cross-domain access control mechanisms exist in IoT, the majority of them are based on a trusted third party. In addition, the heterogeneity of multidomain policies makes it difficult for authority delegation to satisfy the principle of least authority. In this paper, we propose a blockchain-based IoT cross-domain delegation access control method (CDDAC). The delegation-trajectory-on-blockchain strategy proposed enhances the scalability of the cross-domain delegation system. The presented multidomain delegation trajectory aggregation scheme supports the forensic analysis of the cross-domain delegation system. The performance of CDDAC is evaluated in the Ropsten, which is the Ethereum’s official public blockchain test network. The experimental results show that CDDAC has faster delegation verification speed and higher decision-making efficiency than existing work, demonstrating the lightweight and scalability of the method.

中文翻译：

---

一种基于区块链的物联网跨域委托访问控制方法

物联网 (IoT) 中的协作需求越来越强烈。协作挑战之一是不同管理域之间互操作性的安全性。尽管物联网中存在跨域访问控制机制，但其中大多数是基于受信任的第三方。此外，多域策略的异构性使得权限下放难以满足最小权限原则。在本文中，我们提出了一种基于区块链的物联网跨域委托访问控制方法（CDDAC）。提出的区块链委托轨迹策略增强了跨域委托系统的可扩展性。提出的多域委托轨迹聚合方案支持跨域委托系统的取证分析。CDDAC 的性能在 Ropsten 中进行评估，Ropsten 是以太坊的官方公共区块链测试网络。实验结果表明，CDDAC比现有工作具有更快的委托验证速度和更高的决策效率，证明了该方法的轻量级和可扩展性。