{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,15]],"date-time":"2026-02-15T14:43:54Z","timestamp":1771166634232,"version":"3.50.1"},"reference-count":53,"publisher":"Oxford University Press (OUP)","issue":"2","license":[{"start":{"date-parts":[[2022,12,30]],"date-time":"2022-12-30T00:00:00Z","timestamp":1672358400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/academic.oup.com\/journals\/pages\/open_access\/funder_policies\/chorus\/standard_publication_model"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,2,17]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>Security faces huge challenges in Internet of Things (IoT) environments. In particular, conventional access control standards and models tend to be less tailored for IoT due to the constrained nature of smart objects. Usually, a powerful third party is used to handle the access control logic. However, this third party is lacking in transparency and could harm user privacy. Therefore, providing a distributed access control solution, while considering transparency and privacy-preserving awareness in IoT smart systems, is of paramount importance. The described issue can be addressed using the emergent Blockchain technology that provides a promising choice to build a new generation of decentralized and transparent access control solutions. This paper proposes a smart contract-based access control framework for IoT smart healthcare systems, which is based on smart contracts to provide a distributed and trustworthy access control, combined with the GTRBAC model to express fine-grained access control policies while considering temporal authorization constraints. To prove the feasibility and validity of the proposed framework, this paper also provides a detailed technical description and an initial implementation and execution. An experimental evaluation shows that security properties\u2019 analyses on smart contracts achieved the best possible evaluation with no vulnerabilities found, and the cost of access control operations increases linearly as the number of policy constraints increases. Besides, a comparative analysis reveals that the proposed approach can achieve good results with low gas costs and latency.<\/jats:p>","DOI":"10.1093\/comjnl\/bxac183","type":"journal-article","created":{"date-parts":[[2022,12,31]],"date-time":"2022-12-31T06:32:06Z","timestamp":1672468326000},"page":"407-422","source":"Crossref","is-referenced-by-count":18,"title":["A Smart Contract-Based Access Control Framework For Smart Healthcare Systems"],"prefix":"10.1093","volume":"67","author":[{"given":"Amal","family":"Abid","sequence":"first","affiliation":[{"name":"ReDCAD, ENIS, University of Sfax , Tunisia"}]},{"given":"Saoussen","family":"Cheikhrouhou","sequence":"additional","affiliation":[{"name":"ReDCAD, ENIS, University of Sfax , Tunisia"}]},{"given":"Slim","family":"Kallel","sequence":"additional","affiliation":[{"name":"ReDCAD, ENIS, University of Sfax , Tunisia"}]},{"given":"Zahir","family":"Tari","sequence":"additional","affiliation":[{"name":"RMIT University, School of Science , Melbourne, Australia"}]},{"given":"Mohamed","family":"Jmaiel","sequence":"additional","affiliation":[{"name":"ReDCAD, ENIS, University of Sfax , Tunisia"}]}],"member":"286","published-online":{"date-parts":[[2022,12,30]]},"reference":[{"key":"2024021913301447200_ref1","doi-asserted-by":"crossref","first-page":"2233","DOI":"10.1109\/TII.2014.2300753","article-title":"Internet of things in industries: a survey","volume":"10","author":"Da Xu","year":"2014","journal-title":"IEEE Transactions on Industrial Informatics"},{"key":"2024021913301447200_ref2","volume-title":"Electronic health record (ehr) market size","author":"Intelligence, P. S"},{"key":"2024021913301447200_ref3","volume-title":"Hipaa journal-hipaa compliance news-hipaa breach news","author":"HIPAA"},{"key":"2024021913301447200_ref4","doi-asserted-by":"crossref","first-page":"36","DOI":"10.1049\/iet-sen.2018.5034","article-title":"Modelling and verifying time-aware processes for cyber-physical environments","volume":"13","author":"Graja","year":"2019","journal-title":"IET softw"},{"key":"2024021913301447200_ref5","doi-asserted-by":"crossref","first-page":"524","DOI":"10.1109\/JIOT.2016.2569094","article-title":"Data exfiltration from internet of things devices: ios devices as case studies","volume":"4","author":"D\u2019Orazio","year":"2016","journal-title":"IEEE Internet Things J."},{"key":"2024021913301447200_ref6","doi-asserted-by":"crossref","first-page":"146","DOI":"10.1016\/j.comnet.2014.11.008","article-title":"Security, privacy and trust in internet of things: the road ahead","volume":"76","author":"Sicari","year":"2015","journal-title":"Computer Networks"},{"key":"2024021913301447200_ref7","doi-asserted-by":"crossref","first-page":"38","DOI":"10.1109\/2.485845","article-title":"Role-based access control models","volume":"29","author":"Sandhu","year":"1996","journal-title":"Computer"},{"key":"2024021913301447200_ref8","volume-title":"Proceedings of the IEEE International Conference on Web Services (ICWS)","author":"Yuan","year":"2005"},{"key":"2024021913301447200_ref9","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1109\/35.312842","article-title":"Access control: principle and practice","volume":"32","author":"Sandhu","year":"1994","journal-title":"IEEE Communications Magazine"},{"key":"2024021913301447200_ref10","doi-asserted-by":"crossref","first-page":"147","DOI":"10.1016\/j.future.2013.05.010","article-title":"An extended attribute based access control model with trust and privacy: application to a collaborative crisis management system","volume":"31","author":"Smari","year":"2014","journal-title":"Future Generation Computer Systems"},{"key":"2024021913301447200_ref11","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1109\/MC.2015.33","article-title":"Attribute-based access control","volume":"48","author":"Hu","year":"2015","journal-title":"Computer"},{"key":"2024021913301447200_ref12","doi-asserted-by":"crossref","DOI":"10.12785\/amis\/080416","article-title":"An efficient authentication and access control scheme for perception layer of internet of things","volume-title":"Applied Mathematics & Information Sciences","author":"Ye","year":"2014"},{"key":"2024021913301447200_ref13","doi-asserted-by":"crossref","first-page":"2266","DOI":"10.1016\/j.comnet.2012.12.018","article-title":"On the features and challenges of security and privacy in distributed internet of things","volume":"57","author":"Roman","year":"2013","journal-title":"Computer Networks"},{"key":"2024021913301447200_ref14","first-page":"67","volume-title":"Proceedings of the IEEE World Forum on Internet of Things (WF-IoT)","author":"Skarmeta","year":"2014"},{"key":"2024021913301447200_ref15","article-title":"Bitcoin: a peer-to-peer electronic cash system","author":"Nakamoto","year":"2008","journal-title":"Cryptography Mailing list"},{"key":"2024021913301447200_ref16","first-page":"1","article-title":"Ethereum: a secure decentralised generalised transaction ledger","volume":"151","author":"Wood","year":"2014","journal-title":"Ethereum project"},{"key":"2024021913301447200_ref17","first-page":"841","article-title":"Novidchain: Blockchain-based privacy-preserving platform for covid-19 test\/vaccine certificates","volume":"52","author":"Abid","year":"2022","journal-title":"Software: Practice and Experience"},{"key":"2024021913301447200_ref18","doi-asserted-by":"crossref","first-page":"764","DOI":"10.1145\/3384419.3430605","volume-title":"Proceedings of the International Conference on Embedded Networked Sensor Systems (SenSys)","author":"Abid","year":"2020"},{"key":"2024021913301447200_ref19","article-title":"Survey on blockchain for internet of things","volume":"13","author":"Wang","year":"2019","journal-title":"Computer Communications"},{"key":"2024021913301447200_ref20","doi-asserted-by":"crossref","first-page":"685","DOI":"10.15439\/2022F194","volume-title":"Proceedings of the Conference on Computer Science and Intelligence Systems (FedCSIS)","author":"Abid","year":"2022"},{"key":"2024021913301447200_ref21","doi-asserted-by":"crossref","first-page":"12240","DOI":"10.1109\/ACCESS.2018.2812844","article-title":"Rbac-sc: role-based access control using smart contract","volume":"6","author":"Cruz","year":"2018","journal-title":"IEEE Access"},{"key":"2024021913301447200_ref22","doi-asserted-by":"crossref","first-page":"101622","DOI":"10.1016\/j.is.2020.101622","article-title":"Controlled flexibility in blockchain-based collaborative business processes","volume":"104","author":"L\u00f3pez-Pintado","year":"2020","journal-title":"Information Systems"},{"key":"2024021913301447200_ref23","doi-asserted-by":"crossref","first-page":"1594","DOI":"10.1109\/JIOT.2018.2847705","article-title":"Smart contract-based access control for the internet of things","volume":"6","author":"Zhang","year":"2018","journal-title":"IEEE Internet Things J."},{"key":"2024021913301447200_ref24","first-page":"1","volume-title":"Proceedings of the IEEE Global Communications Conference (GLOBECOM)","author":"Yutaka","year":"2019"},{"key":"2024021913301447200_ref25","doi-asserted-by":"crossref","first-page":"6372","DOI":"10.1109\/JIOT.2020.3033434","article-title":"Attribute-based access control for smart cities: a smart-contract-driven framework","volume":"8","author":"Zhang","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"2024021913301447200_ref26","doi-asserted-by":"crossref","first-page":"5943","DOI":"10.1002\/sec.1748","article-title":"Fairaccess: a new blockchain-based access control framework for the internet of things","volume":"9","author":"Ouaddah","year":"2016","journal-title":"Security and Communication Networks"},{"key":"2024021913301447200_ref27","first-page":"39","article-title":"Blendcac: a smart contract enabled decentralized capability-based access control mechanism for the iot","volume":"7","author":"Xu","year":"2018","journal-title":"Comput. Secur."},{"key":"2024021913301447200_ref28","doi-asserted-by":"crossref","first-page":"1793","DOI":"10.3390\/s20061793","article-title":"Exploiting smart contracts for capability-based access control in the internet of things","volume":"20","author":"Nakamura","year":"2020","journal-title":"Sensors"},{"key":"2024021913301447200_ref29","doi-asserted-by":"crossref","first-page":"66792","DOI":"10.1109\/ACCESS.2019.2917555","article-title":"Blockchain for secure ehrs sharing of mobile cloud based e-health systems","volume":"7","author":"Nguyen","year":"2019","journal-title":"IEEE access"},{"key":"2024021913301447200_ref30","doi-asserted-by":"crossref","first-page":"11717","DOI":"10.1109\/JIOT.2021.3058946","article-title":"Fortified-chain: a blockchain-based framework for security and privacy-assured internet of medical things with effective access control","volume":"8","author":"Egala","year":"2021","journal-title":"IEEE Internet Things J."},{"key":"2024021913301447200_ref31","doi-asserted-by":"crossref","first-page":"4","DOI":"10.1109\/TKDE.2005.1","article-title":"A generalized temporal role-based access control model","volume":"17","author":"Joshi","year":"2005","journal-title":"IEEE Transactions on Knowledge and Data Engineering"},{"key":"2024021913301447200_ref32","doi-asserted-by":"crossref","DOI":"10.4324\/9780203081327","volume-title":"Business process management: practical guidelines to successful implementations","author":"Jeston","year":"2014"},{"key":"2024021913301447200_ref33","first-page":"325","volume-title":"Proceedings of the International Conference on Risks and Security of Internet and Systems","author":"Abid","year":"2019"},{"key":"2024021913301447200_ref34","article-title":"Ipfs-content addressed, versioned, p2p file system","author":"Benet","year":"2014"},{"key":"2024021913301447200_ref35","volume-title":"Aes proposal: Rijndael","author":"Daemen","year":"1999"},{"key":"2024021913301447200_ref36","doi-asserted-by":"crossref","first-page":"120","DOI":"10.1145\/359340.359342","article-title":"A method for obtaining digital signatures and public-key cryptosystems","volume":"21","author":"Rivest","year":"1978","journal-title":"Communications of the ACM"},{"key":"2024021913301447200_ref37","doi-asserted-by":"crossref","first-page":"557","DOI":"10.1142\/S0218488502001648","article-title":"K-anonymity: a model for protecting privacy","volume":"10","author":"Sweeney","year":"2002","journal-title":"International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems"},{"key":"2024021913301447200_ref38","first-page":"1162","article-title":"Caterpillar: a business process execution engine on the ethereum blockchain","volume":"49","author":"L\u00f3pez-Pintado","year":"2019","journal-title":"Software: Practice and Experience"},{"key":"2024021913301447200_ref39","first-page":"1","volume-title":"Proceedings of the Tunisian-Algerian Joint Conference on Applied Computing(TACC)","author":"Abid","year":"2021"},{"key":"2024021913301447200_ref40","doi-asserted-by":"crossref","first-page":"187","DOI":"10.1145\/1065545.1065547","article-title":"X-gtrbac: an xml-based policy specification framework and architecture for enterprise-wide access control","volume":"8","author":"Bhatti","year":"2005","journal-title":"ACM Transactions on Information and System Security (TISSEC)"},{"key":"2024021913301447200_ref41","volume-title":"Web3 javascript api to interact with ethereum nodes","author":"Web3"},{"key":"2024021913301447200_ref42","volume-title":"Truffle development environment to compile and deploy smart contracts","author":"Truffle"},{"key":"2024021913301447200_ref43","volume-title":"Sc-gtrbac repo, dryad, dataset","author":"Abid","year":"2022"},{"key":"2024021913301447200_ref44","volume-title":"Sc-gtrbac repo, github","author":"Abid","year":"2022"},{"key":"2024021913301447200_ref45","first-page":"156","volume-title":"Proceedings of the Annual Computers, Software, and Applications Conference (COMPSAC)","author":"Mars","year":"2021"},{"key":"2024021913301447200_ref46","first-page":"9","volume-title":"Proceedings of the IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE)","author":"Marchesi","year":"2020"},{"key":"2024021913301447200_ref47","first-page":"254","volume-title":"Proceedings of the ACM SIGSAC Conference on Computer and Communications Security (CCS)","author":"Luu","year":"2016"},{"key":"2024021913301447200_ref48","doi-asserted-by":"crossref","first-page":"67","DOI":"10.1007\/978-1-4842-3081-7_6","volume-title":"Blockchain Enabled Applications","author":"Dhillon","year":"2017"},{"key":"2024021913301447200_ref49","first-page":"337","volume-title":"Proceedings of the the International conference on Tools and Algorithms for the Construction and Analysis of Systems","author":"De Moura","year":"2008"},{"key":"2024021913301447200_ref50","first-page":"618","volume-title":"Proceedings of the IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom workshops)","author":"Dorri","year":"2017"},{"key":"2024021913301447200_ref51","first-page":"206","volume-title":"Proceedings of the IFIP International Conference on Distributed Applications and Interoperable Systems","author":"Maesa","year":"2017"},{"key":"2024021913301447200_ref52","first-page":"1","volume-title":"Proceedings of the IEEE Global Communications Conference (GLOBECOM)","author":"Pinno","year":"2017"},{"key":"2024021913301447200_ref53","doi-asserted-by":"crossref","first-page":"61","DOI":"10.1145\/3180457.3180458","volume-title":"Proceedings of the ACM Workshop on Attribute-Based Access Control (ABAC)","author":"Dukkipati","year":"2018"}],"container-title":["The Computer Journal"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/67\/2\/407\/56701410\/bxac183.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/comjnl\/article-pdf\/67\/2\/407\/56701410\/bxac183.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,2,19]],"date-time":"2024-02-19T13:35:06Z","timestamp":1708349706000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/comjnl\/article\/67\/2\/407\/6965939"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,12,30]]},"references-count":53,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2022,12,30]]},"published-print":{"date-parts":[[2024,2,17]]}},"URL":"https:\/\/doi.org\/10.1093\/comjnl\/bxac183","relation":{},"ISSN":["0010-4620","1460-2067"],"issn-type":[{"value":"0010-4620","type":"print"},{"value":"1460-2067","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2024,2]]},"published":{"date-parts":[[2022,12,30]]}}}