1. Introduction
Internet of Things (IoT) is a disruptive technology that resulted from the progress in sensor, communication, and embedded systems. It is a global network spawned from the evolution of the wireless sensor network [
1]. IoT is a fully decentralized and heterogeneous system that has raised serious concerns about security and privacy. IoT architecture is composed of a perception layer responsible for the real-time collection of data from the environment. It is primarily realized using one or more ubiquitous sensors. The network layer is responsible for connecting the perception layer to the global Internet. In the context of fog/edge computing, this layer can also process and store data before sending it to the cloud server. The third layer is the application layer that processes, stores, and interprets data for subsequent actions [
2].
Fog computing is a distributed computing system that has been advocated to address the shortcomings of cloud computing. The system, as depicted in
Figure 1, is composed of end devices, fog nodes, and cloud servers. In the lower layer, the end devices/nodes represent many tiny and cheap devices (ranging into the billions) responsible for sensing and actuating. Fog devices that are in the middle layer have computation and storage resources larger than end nodes. They also connect end devices to the cloud servers. The number of end devices in this layer is a few thousand. Finally, the top layer represents the cloud servers with extensive computing and storage capabilities. They are used to run heavy data analytic algorithms.
To harmonize fog computing and to ensure the interoperability of hardware and software, IEEE has adopted the openfog reference architecture [
3]. This latter is articulated around four pillars: data analytics, IT business and cross fog applications and control, performance, security, and manageability.
Parallel to the fog computing paradigm, dew and multi-access edge computing (MEC) were advocated to address the shortcomings of cloud computing. The dew-cloud architecture comprises a perception layer (sensors and actuators), a dew-server, and a cloud server [
4]. The MEC is a computing paradigm proposed by the European Telecommunications Standards Institute (ETSI) that aims to bring cloud services near to the edge of the cellular network for context-aware applications [
5].
IoT security has been identified by many scholars as a major concern for its effective widespread use [
6] that has led IoT security shield to receive tremendous attention from the Defense Advanced Research Projects Agency (DARPA). In addition, ten research themes in IoT were identified by [
7]. These themes have been clustered in three groups: security for end nodes; adaptive and context-aware security; and cognitive IoT security. As a reaction, some recent papers investigated the potential of machine learning (ML), artificial intelligence (AI), and blockchain to address the security issue in IoT [
8].
Several attacks in wireless sensor networks (WSNs) were classified according to the following categories: selective forwarding attack, sinkhole attacks, wormhole attacks, Sybil attacks and man-in-the-middle attacks [
9]. Furthermore, many types of attacks on IEEE 802.15.4 standards were attributed to three main groups, namely stenography attacks, message manipulation attacks, and radio jamming attacks. In [
10], attacks were first classified according to the security goals that they wish to hit such as availability, integrity, and confidentiality. Then, the threats of information security were considered in the attack classification, namely: network attacks, host attacks, and application attacks. The most relevant attacks in IoT systems are listed in [
11], namely: end device attacks, communication channel attacks, network protocol attacks, sensory data attacks, Dos attacks, and software attacks. It is obvious that attacks in the IoT domain can lead to disastrous consequences, for instance, hackers in one country can remotely gain unauthorized access to traffic light controllers and alter the traffic flow for their benefit [
12]. In 2017, a ransomware attack on the colonial pipeline system in the US caused a huge economic loss and disrupted the fuel supply [
13]. The ransomware attack is a very profitable cyberattack as victims have to pay the ransom money in exchange for the release of hijacked ICT resources or personnel data [
14]. Ransomware is a new generation of ransom attacks targeting wearable devices. Whatever the type of attack, it invades security services such as authenticity, integrity, confidentiality, and availability. These services can be protected using security mechanisms such as access control. This latter encompasses two phases, namely: the authentication and the authorization.
The authorization phase represents the process that specifies who can access particular resources and under which conditions. This represents an effective solution to prevent illegal access to IoT resources, such as smart devices and data. Traditional access control approaches are unable to give an effective mechanism to encounter the requirements of IoT systems. Additionally, most of these approaches use a centralized authorization server, which may generate an important communication overhead and involve high latency. In addition, using a single centralized authorization server that treats all access control requests can lead to a single point of failure (SPOF). To address these issues, many researchers used blockchain technology. This represents a P2P system that manages a distributed ledger. This latter can be used to store agreements, transactions, events, and smart contracts. The emergence of blockchain technology permitted the users to benefit from its properties, such as immutability, decentralization, anonymity, and confidentiality. Several surveys on the use of blockchain technology in access control were proposed. These papers did not present a deep analysis of the proposed solutions. Furthermore, none of these surveys mentioned in detail the phase of access control taken into consideration. Some of them presented the use of blockchain technology in several IoT applications but not, especially in access control. Additionally, most of these works neglected the existence of three categories of comparison criteria: some relating to blockchain technology, others relating to access control itself, and the last category that is concerned with the implementation and evaluation metrics. All the points mentioned above are motivating factors for the presentation of this work.
The main contributions of this paper are the following:
A provision of a deep analysis of existing surveys on access control solutions that used blockchain technology to address the trusted third party (TTP) issue in an IoT environment.
A background on access control and blockchain technology is presented to explain the importance of their combination to eliminate the use of a trusted third party (TTP) in an access control solution.
A classification of the existing blockchain-based access control solutions according to their nature into two categories, namely: fully decentralized and partially decentralized.
Recent blockchain-based access control frameworks are also classified according to the IoT applications. The analysis of these works according to the domain of application makes it possible to specify the outcomes of each domain.
Blockchain-based authorization solutions are also analyzed according to certain criteria that we judge important.
Open challenges that need to be addressed when designing blockchain-based access control solutions for IoT applications are also discussed.
This paper is structured as follows.
Section 2 presents the recent surveys on blockchain-based access control solutions in IoT environments.
Section 3 gives a brief background on the access control mechanism.
Section 4 presents the blockchain technology and how it can be used in access control. Several works that deployed the blockchain concept in access control were also discussed in
Section 4.
Section 5 presents the most recent blockchain-based access control frameworks proposed in different IoT applications. Blockchain-based authorization solutions are analyzed in
Section 6. Discussion and open issues are presented in
Section 7. Finally,
Section 8 concludes the paper.
2. Related Works
Numerous reports have discussed access control techniques. In this section, surveys pertaining to IoT, cloud computing, and wireless sensor networks (WSNs) are considered.
Table 1 gives a brief description of the contribution and limitations of these survey papers.
Maw et al. [
15] proposed a taxonomy for the classification of access control models used in WSN. The taxonomy clustered the schemes into three classes: role-based, cryptography-based, and privacy-preserving-based access control techniques. They further elaborated on two metrics to compare the access control schemes: the first metric is based on the feature of the scheme (support for data/user privacy, flexibility, support for emergency data access, granularity, and context sensitivity), whereas the second one is based on the implementation performance. This includes computational overhead, energy consumption, and memory requirement.
Cloud computing is a paradigm shift in ICT (information and communication technology). It is a model in which computing resources (storage, network, services, servers, and applications) are shared among geographically distributed users or tenants. There are four categories of cloud computing: private, community, public, and hybrid. The positive and negative aspects of each model are discussed in Stalling and Brown, [
22]. Cloud computing brought new challenges to legacy access control techniques [
23]. The survey work of Cai et al. [
16] discussed the subsequent models for access control: task-based, action-based, attribute-based, usage-based, and encryption-based access control methods. They further compared those models based on ten metrics: security, confidentiality, the flexibility of authorization, minimum privilege, separation of duties, fine-grained control, cloud environment attributes, constraints description, compatibility, and expansibility. At length, the authors identified the security of the virtual server, data set, and cloud platform.
The Internet of Things, IoT, is an emerging technology that connects objects, sensors, humans, machines, and living things using an all-IP network [
24]. IoT is a disruptive technology that ignited the fourth industrial revolution, commonly known as Industry 4.0 or IIOT (Industry IoT). IoT has also been used in healthcare, transportation, agriculture, smart-city, retail, etc. Security of the IoT has received considerable attention from multiple stakeholders [
25]. The legacy access control techniques (RBAC, CapBAC, and ABAC) are unfit for IoT [
24]. To remedy this issue, blockchain-based access control has been proposed as a suitable candidate for IoT. In [
17], Rouhani and Deters analyzed the issues of current access control solutions and explained how blockchain technology can handle these problems. Moreover, they classified the existing proposed solutions according to the following categories: transactions and smart contract category; data sharing category; cloud federation category; multiple organization category; blockchain category; and self-sovereign identities category. The authors also studied the application domain as well as the blockchain platform used in each solution.
In [
18], Riabi et al. proposed a comprehensive review of the existing blockchain-based access control solutions. They classified these works into two categories, namely: transaction-based access control and smart-contract-based access control. They focused their comparison only on blockchain criteria: transaction or smart contract. Furthermore, the authors did not specify the access control phase for which the blockchain technology is used. Finally, Riabi et al. did not give information about the evaluation and implementation of their solutions.
A review paper on blockchain-based authorization in IoT was presented in Patil et al. [
19]. Several categories were used in this article to classify recent works, namely the attribute-based access control (ABAC) category, the fair access category, the distributed access control category, distributed key management category, token-based access control category, control chain category, attribute update oriented access control category, ripple protocol consensus algorithm (RPCA)-based authorization category and multiple smart contracts-based authorization. In this paper, the authors give some other use cases of blockchain technology such as vehicular ad hoc networks (VANETs), healthcare, and supply chain applications.
In [
20], Hussain et al. presented a survey on recent blockchain-based access control schemes. They used two groups to classify these solutions. The first group is concerned with access control based on blockchain transactions. The second one is relative to the solutions that used the smart contract technology. Additionally, the authors give the positive and negative aspects of each solution while defining its level of security. The implementation criterion was also taken into consideration in this survey.
The recent work of Shantanu et al. [
21] summarized the advantages of blockchain-based access control and compared recent works using five features: permission enforcement, access rights transfer, resource management, scalability, and attribute management. The authors reported that further work is needed in standardization, policy, identity, and trust management.
After a deep analysis of
Table 1, it is clear that most of the existing survey papers presented a taxonomy of the blockchain-based access control solutions. This taxonomy is concerned with two different concepts, namely: blockchain technology and access control itself. Blockchain technology has its criteria that permit us to evaluate the effectiveness of the access control model. To illustrate, it is suitable to give the example of two blockchain-based access control solutions, one only using transactions for the creation of security policies and the management of access requests. The second one uses a smart contract with transactions. This last combination makes it possible to reduce the response time to an access request because it eliminates the search for security policies on the blockchain. On the other hand, access control has its criteria that can influence the effectiveness of the solution. For instance, the choice of access control model influences the efficiency of the solution. When taking the case of the RBAC model, its inadequateness for a distributed and large-scale environment such as the IoT is detectable. It is fair to say that a survey on blockchain-based access control solutions must consider all the necessary criteria relative to both blockchain technology and the access control process. This assumption will be highlighted and discussed in this article.
6. Analysis of Blockchain-Based Authorization Frameworks for IoT
Numerous blockchain-based authorization solutions were presented in the literature. A review is provided in this subsection about existing solutions along with an analysis according to three groups of criteria defined in
Table 2. The first group is related to criteria regarding blockchain technology. In particular, Cr1, Cr2, Cr3, and Cr4 are identified. While the second group encompasses the criteria that are related to access control, namely Cr5, Cr6, and Cr7. At last, the third group contains two general criteria that are: Cr8 and Cr9.
- 1.
Cr1: number and type of the blockchain
After a deep analysis of the blockchains used in the proposed access control solutions (summarized in
Table 3, it can be stated that no solution used a public blockchain. Some authors deployed a private one in [
27,
34,
36,
41,
44,
49,
52]. In parallel, others used a consortium blockchain in [
37,
42,
57,
58,
61,
68]. This choice of type is determined by the nature of the information relating to the access control process. This information is generally confidential and sensitive, with an obligation of not being publicly accessible. Regarding the number of the blockchains, the authors in [
37] employed a hierarchical blockchain architecture to ensure good scalability, high throughput, and less transaction latency. In [
52], Hussein et al. used two blockchains, namely policy chain and data chain. Conclusively, it is safe to estimate that the choice of the type of blockchain is related to the nature of the stored data. Furthermore, using two different blockchains one for data and one for policy, can accelerate the search operation and improve the blockchain management.
- 2.
Cr2: type of consensus algorithm used in the blockchain
Several existing frameworks have adopted different consensus algorithms to validate blocks (summarized in
Table 4). In [
27], Sun et al. used the distributed proof of stake (DPOS) algorithm, which guarantees high levels of scalability. Above that, it offers a fast “delegated” voting system. Unfortunately, the DPOS algorithm can expose the blockchain to issues related to the voting approach. For instance, DPoS users with small stakes may decide that their vote has no significance compared to the votes of larger stakeholders.
In [
40,
43], the authors used the proof of work (PoW) algorithm despite the fact that there is the strong requirement of a large computational capacity leading to large consumption of energy. In [
37,
44,
48], the practical Byzantine fault tolerance (PBFT) algorithm was used. This algorithm offers high processing transactions with low latency. In [
52], Hussein et al. used the proof of authority (PoA) algorithm that can be considered as a recent family of Byzantine fault tolerant (BFT) consensus algorithms that work on private blockchain. PoA is known as a lighter message exchange algorithm because it improves the performance and the scalability of the system compared to traditional practical Byzantine fault tolerance (PBFT).
In [
41], Islam and Madria did not use one of the familiar consensus algorithms, yet there was a deployment of an endorsement policy wherein the data owner specifies the identity of all endorsing peers using a configuration transaction. Therefore, these findings can help judge that choosing an efficient consensus algorithm is an issue that needs to be addressed. For this purpose, several criteria must be evaluated, namely energy consumption, computing capacity, scaling, and latency.
- 3.
Cr3: smart contract and number of contracts
After a deep analysis of the proposed solutions (summarized in
Table 4), it is clear that some authors only used transactions in the blockchain [
36,
44,
52]. These transactions can be of different types according to their functions such as access transaction, update transaction, and add transaction. In [
52], Hussein et al. used two blockchains to reduce the transaction’s research time. For this purpose, they used two different types of transactions, namely policy transactions and data transactions. Some others combined smart contract technology with transactions to achieve an effective blockchain-based access control system. The difference in these solutions depends on the distinction of smart contracts number.
In [
34], Novo used one smart contract in which all the operations allowed in the system were defined. These operations are triggered by blockchain transactions. This solution is problematic for the reason that the manager who controls the contract can be a malicious user. In [
41], Islam and Madria used a single smart contract where they implemented the policy evaluation. They divided security policies into two categories, meta-policies which are immutable, having the power to define who can modify or delete a security policy. In addition, the authors defined security policies, which are based on the ABAC model. These policies are stored in the blockchain using transactions. In [
42], Zhang et al. proposed a system where a chain code is used on authority nodes. This solution consists of transactions being used to invoke the chain code to record the access information and transfer the access control decision to the requester. In [
46], Zhai et al. deployed one smart contract on the blockchain to improve decision-making efficiency. In [
56], Dukkipati and Zhang deployed one smart contract to verify the user’s policy but they used an external database system to store security policies. These solutions can lead to policy manipulation attacks. In [
27,
37,
40,
48], several smart contracts were used.
In conclusion, it can be notable that smart contracts are faster, simpler, and have reduced system administration. Although they have several advantages, they are still prone to problems. For instance, an error in the code can be expensive to correct and consume a lot of time. Hence, to propose a blockchain-based access control, there is a high chance of confronting certain issues, such as choosing to use an intelligent contract with transactions or only limiting ourselves to transactions. In addition, it is necessary to know the number and the content of these smart contracts.
- 4.
Cr4: the blockchain platform
Blockchain technology can be used in different ways. The first implemented blockchain was Bitcoin [
30]. It used several features such as cryptography, peer-to-peer network, and the PoW as a consensus algorithm. In 2013, a Bitcoin developer named Vitalik Buterin built the Ethereum platform [
70], where the main goal was to make the development of decentralized applications easier. The Ethereum platform uses Solidity language to implement smart contracts. To take advantage of the robustness of the Bitcoin network, a new open source platform has been developed; this is the Rootstock blockchain. The latter uses the merge mining principle.
On the other hand, the Linux foundation proposes the hyperledger blockchain [
70]. Several projects are handled such as hyperledger fabric and hyperledger caliper. The first one is used to implement applications and solutions with modular architecture. Additionally, the hyperledger caliper permits the evaluation of the performance of a blockchain implementation using some predefined use cases.
Table 5 summarized the different works with their blockchain platforms. It can be stated the Ethereum platform is the most used one.
- 5.
Cr5: Access control nature:
In
Section 4, a brief description of the recent blockchain-based authorization solutions is provided. These solutions were classified according to their access control nature, namely fully decentralized and partially decentralized.
Table 6 summarizes these works. Significantly, the fully decentralized category encompasses token-based, policy-based, cryptography-based, and the hybrid-based architectures. The hybrid solutions combined the policy-based architecture and the cryptography-based one. It can also combine token-based and policy-based architectures.
Apparently, in [
48], Ali et al. combined the policy-based architecture with a permission delegation mechanism. This last solution is considered as fully decentralized authorization due to several entities participating in the authorization steps, namely policy creation, policy validation, and permission delegation. Moreover, the partially decentralized category includes the token-based, policy-based, and token and cryptography-based architectures. Hence, in essence, ensuring a fully decentralized access control solution can require guaranteeing decentralization at all phases of the authorization step, regardless of the chosen architecture.
- 6.
Cr6: Access control phases
Some authors proposed solutions taking into consideration both phases in parallel. Others, however, were limited to a single phase. In [
50], Vangala et al. only focused on the authentication phase in the smart farming environment without managing the authorization step, and merely using the elliptic curve cryptography (ECC) to ensure authentication at two levels: device-to-device (D2D) authentication and device-to-gateway (D2G) authentication.
In [
35,
39,
44,
46,
57,
62], the authors proposed schemes that manage the authentication and the authorization phases at the same time. Both steps are deemed to be important to ensure system security. Proposing a solution that considers both steps at the same time is a positive point. However, this issue is difficult to manage because it is necessary to know how to combine the most effective methods of the two phases while guaranteeing the security requirements of a distributed and large-scale environment such as the IoT.
- 7.
Cr7: Access control models
A policy-based authorization and access control model is necessary to encapsulate security policies. Analyzing the policy-based authorization solutions presented recently (summarized in
Table 7) showed that a large number of these solutions adopted the ABAC model [
37,
41,
42,
46,
56,
68,
69]. Although the ABAC model is more flexible and scalable than other access control models, a few disadvantages in a dynamic environment require real-time access control such as IoT. To overcome the issues that an ABAC model can face in this type of environment, an efficient multi-Level security attribute-based access control scheme was presented in [
71]. Additionally, the RBAC model was adopted in [
27], where the scheme builds a user role table to locate users. Following this procedure, the authors were able to extend the general RBAC model to be able to provide secure and fine-grained access control.
In [
72], Ameer et al. noticed that each IoT application domain has challenges to consider when choosing the access control model. For this reason, the HABAC model was proposed, which was an attribute-based access control model which was especially designed for a smart home context. To conclude, the choice of an adequate access control model remains an issue to be addressed since it depends on several factors such as the application’s domain, the nature of the environment, and its security requirements.
- 8.
Cr8: Domain application
In
Section 5, the existing blockchain-based access control solutions were classified according to the domain applications, namely: smart farming, smart health, intelligent transportation systems, smart grids, and Industry 4.0. A deep analysis of the recent solutions, reveals that access control in smart farming has not been widely considered by current researchers. In fact, two related works have recently been proposed. Consequently, there are insufficient research resources. Moreover, the authors in [
49] proposed a blockchain-based solution managed by an administrator. This last point allows us to estimate that it is a solution close to traditional centralized access control approaches. Furthermore, Vangala et al. in [
50] focused only on the authentication phase. In summary, as mentioned above, this field of application requires further in-depth studies on its security needs to move towards an adequate access control solution.
Regarding the E-health applications, it cannot be denied that several works have been proposed in this field. Indeed, a recent survey was presented in [
51], wherein Sookhak et al. proposed a taxonomy of the different blockchain-based access control solutions. Furthermore, it is safe to assert that the attention for this domain application can also be due to the health situation that the world has been experiencing in the last three years. Additionally, it may be due to the sensitive nature of medical data as malicious access can cost human lives.
Concerning smart transportation systems, most blockchain-based access control solutions targeted the smart parking issue. Dukkipati and Zhang in [
56] proposed a blockchain-based access control model in which they tried to minimize the number of security policies. To validate their solution, they took into consideration the scenario of a security policy that permits the sharing of information about parking slots, traffic signals flow between two signals. Furthermore, in [
57,
58], the authors focused on the smart parking scenario.
After analyzing smart grids access control schemes, it is notable that the cryptography is largely used [
59,
60,
61,
62]. In [
60,
61], the authors proposed a cryptography- and policy-based solution. In [
62], Nasser et al. used elliptic curve cryptography (ECC).
Finally, regarding Industry 4.0 applications, different access control solutions were proposed. In [
68,
69], the authors presented a policy-based access control. In both solutions, the scheme was based on the ABAC model and used multiple smart contracts. In [
63], Wan et al. used the ECC to ensure data privacy. In [
67], Lahbib et al. intended to guarantee the requester’s anonymity. For this purpose, they used ring signatures. Therefore, it is possible to say that each IoT domain has its relative security requirements. These must later be identified before designing the authorization solution.
- 9.
Cr9: Implementation of the solution and evaluation criteria
In [
34], Novo implemented a proof of concept (PoC) prototype of the proposed solution evaluating the influence of the new management hub on system scalability and performance. The author used the Ethereum blockchain with a single smart contract implemented with solidity language. The latency of access control operations was also evaluated, and the throughput in the management hub using different scenarios.
In [
36], Algarni et al. did not implement the proposed solution, they left this step for future work. There is also an intention to resolve the big header size issue. In [
37], Abdi et al. performed simulations of the proposed solution by using the Hyperledger Fabric blockchain platform. Additionally, the Golang language was used to implement smart contracts. The authors used the Hyperledger Caliper to evaluate the performance of their solution. For this purpose, they calculated the transaction latency and transaction throughput. In [
39], Xu et al. implemented a proof of concept prototype of the proposed scheme BlendCAC. The Ethereum blockchain with Solidity language was employed in this procedure to implement the smart contract. As hardware equipment, the authors adapted two Raspberry Pi 3, two laptops, and four desktops. The mining process was performed by laptops and desktops while the two raspberry Pi 3 played the role of client and service provider, respectively. Furthermore, the authors evaluated the computational and communication overheads of the proposed solution. As a result, the BlendCAC scheme seems to have less processing time than the RBAC and ABAC models. Additionally, a small amount of overhead was introduced by the BlendCAC scheme. The authors believe that it can be improved if the scheme will be implemented on more powerful smart devices.
In [
40], Zhang et al. provided a case study to show the application of the proposed solution in the IoT. As hardware, they used one desktop computer, one laptop, and two Raspberry Pi 3 Model B. Furthermore, the procedure consisted of employing the Ethereum blockchain and the Solidity programming language to implement smart contracts. The number of gas required to deploy the three smart contracts was evaluated. Parenthetically, the gas is a unit used in the Ethereum platform to measure the capital cost to execute a smart contract. Furthermore, the authors calculated the average time required to deploy the three smart contracts.
In [
41], the proposed access control system was fully implemented. First, Islam and Madria developed an IoT test-bed. Afterward, they implemented the blockchain network in Hyperledger Fabric v1.3. The evaluation of the proposed solution shows that it can treat access control requests of IoT resources faster than the public blockchain and that using the optimum parameter values (block size: 20 and 40 transactions per second, block timeout = 1 s).
In [
43], Nakamura et al. implemented the capability, delegation graph, and the token’s creation, delegation, revocation, and verification functions. They used one MacBook Pro, one MacBook Air, and two Raspberry pi as hardware. The evaluation of the proposed solution is based on a private Ethereum blockchain. Nakamura et al. evaluated the gas consumption of the proposed scheme in the case of token creation, token delegation, and token revocation. Furthermore, they compared the obtained results to those obtained by the BlendCAC scheme [
39]. The experimental results have shown that the proposed solution needs less gas than the BlendCAC scheme. In conclusion, the implementation of the proposed solution can be estimated as the unique point that allows us to validate the proposal and this is after the definition of the most important criteria that need to be evaluated.
This section is dedicated to a comparison between this work and the studies previously summarized in
Section 2. This comparison is based on some criteria deemed important (illustrated in
Table 8). In addition, an in-depth analysis of recent blockchain-based access control solutions (carried out in
Section 6) also consisted of using the same criteria.
Table 2 illustrates a brief description of each criterion. In [
15], Maw et al. satisfied the Cr5 and the Cr9 criteria while Rouhani and Deters in [
17] took into consideration the Cr3, Cr5, and the Cr8 criteria. Moreover, it is shown that in [
16,
18,
19] authors took into account only one criterion: Cr5, Cr3, and Cr1, respectively. Furthermore, Hussein et al. [
20] managed Cr3 and Cr9 criteria. Furthermore, it can be noticed that none of the previously cited comparison criteria was managed by Shantanu et al. [
21]. Finally, According to this analysis, it is clear that only our work took into account all these comparison criteria.
This section includes an analysis of the recent blockchain-based access control models in the IoT environment. This analysis is based on three categories of criteria deemed important. The first group deals with the criteria relative to the blockchain technology whereas the second group encompasses the criteria that are concerned with the access control mechanism. The last group is defined as general feature criteria such as domain application and implementation. Adding on that, this paper provided a comparison between the presented content and the related work papers, and this comparison showed that only this work took into consideration the three categories of criteria.