{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,16]],"date-time":"2026-02-16T08:58:36Z","timestamp":1771232316184,"version":"3.50.1"},"reference-count":45,"publisher":"MDPI AG","issue":"11","license":[{"start":{"date-parts":[[2023,11,20]],"date-time":"2023-11-20T00:00:00Z","timestamp":1700438400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Deakin University and the Air Force Office of Scientific Research","award":["FA2386-23-1-4003"],"award-info":[{"award-number":["FA2386-23-1-4003"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Computers"],"abstract":"<jats:p>The Internet of Things (IoT) has recently attracted much interest from researchers due to its diverse IoT applications. However, IoT systems encounter additional security and privacy threats. Developing an efficient IoT system is challenging because of its sophisticated network topology. Effective access control is required to ensure user privacy in the Internet of Things. Traditional access control methods are inappropriate for IoT systems because most conventional access control approaches are designed for centralized systems. This paper proposes a decentralized access control framework based on smart contracts with three parts: initialization, an access control protocol, and an inspection. Smart contracts are used in the proposed framework to store access control policies safely on the blockchain. The framework also penalizes users for attempting unauthorized access to the IoT resources. The smart contract was developed using Remix and deployed on the Ropsten Ethereum testnet. We analyze the performance of the smart contract-based access policies based on the gas consumption of blockchain transactions. Further, we analyze the system\u2019s security, usability, scalability, and interoperability performance.<\/jats:p>","DOI":"10.3390\/computers12110240","type":"journal-article","created":{"date-parts":[[2023,11,20]],"date-time":"2023-11-20T10:32:32Z","timestamp":1700476352000},"page":"240","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Smart Contract-Based Access Control Framework for Internet of Things Devices"],"prefix":"10.3390","volume":"12","author":[{"given":"Md. Rahat","family":"Hasan","sequence":"first","affiliation":[{"name":"Department of Computer Science and Engineering, Jagannath University, Dhaka 1100, Bangladesh"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9443-937X","authenticated-orcid":false,"given":"Ammar","family":"Alazab","sequence":"additional","affiliation":[{"name":"Centre for Artificial Intelligence and Optimization, Torrens University, Brisbane, QLD 4006, Australia"}]},{"given":"Siddhartha Barman","family":"Joy","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, Jagannath University, Dhaka 1100, Bangladesh"}]},{"given":"Mohammed Nasir","family":"Uddin","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, Jagannath University, Dhaka 1100, Bangladesh"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4316-4975","authenticated-orcid":false,"given":"Md Ashraf","family":"Uddin","sequence":"additional","affiliation":[{"name":"School of Information Technology, Deakin University, Waurn Ponds Campus, Geelong, VIC 3125, Australia"}]},{"given":"Ansam","family":"Khraisat","sequence":"additional","affiliation":[{"name":"School of Information Technology, Deakin University, Waurn Ponds Campus, Geelong, VIC 3125, Australia"}]},{"given":"Iqbal","family":"Gondal","sequence":"additional","affiliation":[{"name":"School of Computing Technologies, STEM College, RMIT University, Melbourne, VIC 3001, Australia"}]},{"given":"Wahida Ferdose","family":"Urmi","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, Jagannath University, Dhaka 1100, Bangladesh"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3192-1000","authenticated-orcid":false,"given":"Md. Alamin","family":"Talukder","sequence":"additional","affiliation":[{"name":"Department of Computer Science and Engineering, Jagannath University, Dhaka 1100, Bangladesh"}]}],"member":"1968","published-online":{"date-parts":[[2023,11,20]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"10250","DOI":"10.1109\/JIOT.2020.2997651","article-title":"An in-depth analysis of IoT security requirements, challenges, and their countermeasures via software-defined security","volume":"7","author":"Iqbal","year":"2020","journal-title":"IEEE Internet Things J."},{"key":"ref_2","unstructured":"Singh, P., and Khari, M. (2023). Internet of Things: Technological Advances and New Applications, Apple Academic Press."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"71","DOI":"10.18280\/rces.090205","article-title":"Low Power Wide Area Network Technologies: Open Problems, Challenges, and Potential Applications","volume":"9","author":"Danladi","year":"2022","journal-title":"Rev. Comput. Eng. Stud."},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"6594","DOI":"10.3390\/su15086594","article-title":"Extending the IoT-Stream Model with a Taxonomy for Sensors in Sustainable Smart Cities","volume":"15","author":"Santos","year":"2023","journal-title":"Sustainability"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"100860","DOI":"10.1016\/j.iot.2023.100860","article-title":"Blockchain and Internet of Things in Smart Cities and Drug Supply Management: Open Issues, Opportunities, and Future Directions","volume":"23","author":"Malik","year":"2023","journal-title":"Internet Things"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"2330","DOI":"10.3390\/s21072330","article-title":"Application of IoT in healthcare: Keys to implementation of the sustainable development goals","volume":"21","author":"Espinosa","year":"2021","journal-title":"Sensors"},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"1246","DOI":"10.3390\/electronics9081246","article-title":"IoT technology applications-based smart cities: Research analysis","volume":"9","year":"2020","journal-title":"Electronics"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"100006","DOI":"10.1016\/j.bcra.2021.100006","article-title":"A survey on the adoption of blockchain in iot: Challenges and solutions","volume":"2","author":"Uddin","year":"2021","journal-title":"Blockchain Res. Appl."},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Tawalbeh, L., Muheidat, F., Tawalbeh, M., and Quwaider, M. (2020). IoT Privacy and Security: Challenges and Solutions. Appl. Sci., 10.","DOI":"10.3390\/app10124102"},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"280","DOI":"10.1016\/j.iotcps.2023.04.002","article-title":"Ethical hacking for IoT: Security issues, challenges, solutions and recommendations","volume":"3","author":"Yaacoub","year":"2023","journal-title":"Internet Things Cyber-Phys. Syst."},{"key":"ref_11","doi-asserted-by":"crossref","first-page":"3020","DOI":"10.3390\/s23063020","article-title":"Applying Access Control Enabled Blockchain (ACE-BC) Framework to Manage Data Security in the CIS System","volume":"23","author":"Alharbi","year":"2023","journal-title":"Sensors"},{"key":"ref_12","doi-asserted-by":"crossref","first-page":"853","DOI":"10.1007\/s12652-022-04370-2","article-title":"Secure data authentication and access control protocol for industrial healthcare system","volume":"14","author":"Gupta","year":"2023","journal-title":"J. Ambient. Intell. Humaniz. Comput."},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"1901","DOI":"10.3390\/electronics12081901","article-title":"Security and Internet of Things: Benefits, Challenges, and Future Perspectives","volume":"12","author":"Taherdoost","year":"2023","journal-title":"Electronics"},{"key":"ref_14","unstructured":"Vignesh Saravanan, K., Jothi Thilaga, P., Kavipriya, S., and Vijayalakshmi, K. (2023). AI Models for Blockchain-Based Intelligent Networks in IoT Systems: Concepts, Methodologies, Tools, and Applications, Springer."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"103159","DOI":"10.1016\/j.adhoc.2023.103159","article-title":"A Comprehensive Survey on Authentication and Secure Key Management in Internet of Things: Challenges, Countermeasures, and Future Directions","volume":"146","author":"Rao","year":"2023","journal-title":"Ad Hoc Networks"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Mishra, S. (2023). Exploring the Impact of AI-Based Cyber Security Financial Sector Management. Appl. Sci., 13.","DOI":"10.3390\/app13105875"},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"15","DOI":"10.18034\/ajtp.v10i1.659","article-title":"Securing Financial Information in the Digital Realm: Case Studies in Cybersecurity for Accounting Data Protection","volume":"10","author":"Kafi","year":"2023","journal-title":"Am. J. Trade Policy"},{"key":"ref_18","first-page":"29","article-title":"Impact of Controls on Data Integrity and Information Systems","volume":"13","author":"Duggineni","year":"2023","journal-title":"Sci. Technol."},{"key":"ref_19","first-page":"1","article-title":"Enterprise Data Security Measures: A Comparative Review of Effectiveness and Risks Across Different Industries and Organization Types","volume":"6","author":"Bandari","year":"2023","journal-title":"Int. J. Bus. Intell. Big Data Anal."},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Hussein, D., Bertin, E., and Frey, V. (2017, January 7\u20139). Access control in IoT: From requirements to a candidate vision. Proceedings of the 2017 20th Conference on Innovations in Clouds, Internet and Networks (ICIN), Paris, France.","DOI":"10.1109\/ICIN.2017.7899435"},{"key":"ref_21","doi-asserted-by":"crossref","first-page":"237","DOI":"10.1016\/j.comnet.2016.11.007","article-title":"Access control in The Internet of Things: Big challenges and new opportunities","volume":"112","author":"Ouaddah","year":"2016","journal-title":"Comput. Netw."},{"key":"ref_22","first-page":"1","article-title":"Guide to attribute based access control (abac) definition and considerations (draft)","volume":"800","author":"Hu","year":"2013","journal-title":"NIST Spec. Publ."},{"key":"ref_23","doi-asserted-by":"crossref","first-page":"8076","DOI":"10.1109\/JIOT.2019.2920987","article-title":"Blockchain for Internet of Things: A survey","volume":"6","author":"Dai","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_24","doi-asserted-by":"crossref","first-page":"13938","DOI":"10.1109\/ACCESS.2021.3051602","article-title":"Blockchain security attacks, challenges, and solutions for the future distributed iot network","volume":"9","author":"Singh","year":"2021","journal-title":"IEEE Access"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"1815","DOI":"10.1007\/s11277-020-07947-2","article-title":"Blockchain for IoT access control, security and privacy: A review","volume":"117","author":"Patil","year":"2021","journal-title":"Wirel. Pers. Commun."},{"key":"ref_26","unstructured":"Nayab, A., and Javaid, N. (2023, November 01). An Efficient Distributed Data Communication Framework Using Blockchain for Vehicle-to-Vehicle Communication. Available online: https:\/\/www.researchgate.net\/publication\/334626508_An_Efficient_Distributed_Data_Communication_Framework_Using_Blockchain_for."},{"key":"ref_27","doi-asserted-by":"crossref","first-page":"229","DOI":"10.1016\/j.comcom.2020.02.011","article-title":"Designing secure blockchain-based access control scheme in IoT-enabled Internet of Drones deployment","volume":"153","author":"Bera","year":"2020","journal-title":"Comput. Commun."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Mohsan, S.A.H., Khan, M.A., Noor, F., Ullah, I., and Alsharif, M.H. (2022). Towards the unmanned aerial vehicles (UAVs): A comprehensive review. Drones, 6.","DOI":"10.3390\/drones6060147"},{"key":"ref_29","unstructured":"Ouaddah, A., Elkalam, A., and Ouahman, A. (2017). Europe and MENA Cooperation Advances in Information and Communication Technologies, Springer."},{"key":"ref_30","doi-asserted-by":"crossref","unstructured":"Xu, R., Chen, Y., Blasch, E., and Chen, G. (August, January 30). Blendcac: A blockchain-enabled decentralized capability-based access control for iots. Proceedings of the 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), Halifax, NS, Canada.","DOI":"10.1109\/Cybermatics_2018.2018.00191"},{"key":"ref_31","doi-asserted-by":"crossref","first-page":"126","DOI":"10.1016\/j.cose.2018.06.004","article-title":"Bubbles of Trust: A decentralized blockchain-based authentication system for IoT","volume":"78","author":"Hammi","year":"2018","journal-title":"Comput. Secur."},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"18207","DOI":"10.1109\/ACCESS.2020.2968492","article-title":"Fabric-IoT: A blockchain-based access control system in IoT","volume":"8","author":"Liu","year":"2020","journal-title":"IEEE Access"},{"key":"ref_33","unstructured":"Sivaselvan, N., Bhat, V., and Rajarajan, M. (2020, January 28\u201331). Blockchain-based Scheme for Authentication and Capability-based Access Control in IoT Environment. Proceedings of the 2020 11th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON), New York, NY, USA."},{"key":"ref_34","doi-asserted-by":"crossref","first-page":"2067","DOI":"10.1007\/s10586-020-03058-6","article-title":"A decentralized lightweight blockchain-based authentication mechanism for IoT systems","volume":"23","author":"Khalid","year":"2020","journal-title":"Clust. Comput."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"337","DOI":"10.1016\/j.dcan.2022.10.005","article-title":"Smart contract token-based privacy-preserving access control system for industrial Internet of Things","volume":"9","author":"Wang","year":"2023","journal-title":"Digit. Commun. Netw."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"36452","DOI":"10.1109\/ACCESS.2023.3257027","article-title":"DABAC: Smart Contract-Based Spatio-Temporal Domain Access Control for the Internet of Things","volume":"11","author":"Guo","year":"2023","journal-title":"IEEE Access"},{"key":"ref_37","doi-asserted-by":"crossref","first-page":"4694","DOI":"10.1109\/JIOT.2018.2879679","article-title":"Scalable access management in IoT using blockchain: A performance evaluation","volume":"6","author":"Novo","year":"2019","journal-title":"IEEE Internet Things J."},{"key":"ref_38","doi-asserted-by":"crossref","first-page":"222","DOI":"10.1016\/j.ins.2020.12.035","article-title":"LBAC: A lightweight blockchain-based access control scheme for the internet of things","volume":"554","author":"Qin","year":"2021","journal-title":"Inf. Sci."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Sultan, A., Mushtaq, M.A., and Abubakar, M. (2019, January 15\u201318). IOT security issues via blockchain: A review paper. Proceedings of the 2019 International Conference on Blockchain Technology, Honolulu, HI, USA.","DOI":"10.1145\/3320154.3320163"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Alvi, S.T., Uddin, M.N., Islam, L., and Ahamed, S. (2020, January 17\u201319). A Blockchain based Cost effective Digital Voting System using SideChain and Smart Contracts. Proceedings of the 2020 11th International Conference on Electrical and Computer Engineering (ICECE), Dhaka, Bangladesh.","DOI":"10.1109\/ICECE51571.2020.9393081"},{"key":"ref_41","doi-asserted-by":"crossref","first-page":"32700","DOI":"10.1109\/ACCESS.2018.2846779","article-title":"Continuous patient monitoring with a patient centric agent: A block architecture","volume":"6","author":"Uddin","year":"2018","journal-title":"IEEE Access"},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Alvi, S.T., Uddin, M.N., and Islam, L. (2020, January 20\u201322). Digital Voting: A Blockchain-based E-Voting System using Biohash and Smart Contract. Proceedings of the 2020 Third International Conference on Smart Systems and Inventive Technology (ICSSIT), Tirunelveli, India.","DOI":"10.1109\/ICSSIT48917.2020.9214250"},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"100159","DOI":"10.1016\/j.iot.2020.100159","article-title":"Blockchain leveraged decentralized IoT eHealth framework","volume":"9","author":"Uddin","year":"2020","journal-title":"Internet Things"},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Sultana, T., Almogren, A., Akbar, M., Zuair, M., Ullah, I., and Javaid, N. (2020). Data Sharing System Integrating Access Control Mechanism using Blockchain-Based Smart Contracts for IoT Devices. Appl. Sci., 10.","DOI":"10.3390\/app10020488"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Zaidi, S.Y.A., Shah, M.A., Khattak, H.A., Maple, C., Rauf, H.T., El-Sherbeeny, A.M., and El-Meligy, M.A. (2021). An Attribute-Based Access Control for IoT Using Blockchain and Smart Contracts. Sustainability, 13.","DOI":"10.3390\/su131910556"}],"container-title":["Computers"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-431X\/12\/11\/240\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,10]],"date-time":"2025-10-10T21:26:23Z","timestamp":1760131583000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-431X\/12\/11\/240"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,11,20]]},"references-count":45,"journal-issue":{"issue":"11","published-online":{"date-parts":[[2023,11]]}},"alternative-id":["computers12110240"],"URL":"https:\/\/doi.org\/10.3390\/computers12110240","relation":{},"ISSN":["2073-431X"],"issn-type":[{"value":"2073-431X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023,11,20]]}}}