AALMOND

Abstract

Access control (AC) is an important security parameter in industrial networks; a mismanaged AC system leads to security breaches. The existing security solutions significantly consider the AC methods in the Industrial Internet of Things (IIoT); however, falsified identity can bypass the secure AC system. Thus, a centralized AC method leads to risks for data security. We are the first to address the risk factors of granted access in an industrial environment and present a risk-adaptive AC framework for IIoT. Our proposed solution framework uses blockchain to provide secure decentralized AC in the industrial environment with privacy-preserved multiparty data sharing. We name our framework 'adaptive AC for multiparty data computation in industrial decentralization (AALMOND).' AALMOND uses lightweight cryptographic operations to reduce the complexity of the execution and loosen up the tight bounds on resource-constrained industrial devices. Further, the risk-adaptive AC in AALMOND provides a better security analysis of the multiparty sharing data. Our framework uses role-based, attribute-based, and organization-based ACs to map the assets for risk calculation. We put all the required policies in a smart contract for the ease of multiparty data sharing to obtain a transparent AC execution more suitably. We also pioneer in the calculation of the risk adaptivity of AALMOND considering the National Institute of Standards and Technology recommendations of operation risk, security risk, and heuristic risk. We measure the performance of AALMOND with state-of-the-art frameworks based on throughput, latency, complexity analysis, and risk adaptivity factors. We find that AALMOND is efficient for IIoT as it shows 24% reduced latency and 20% better throughput as compared to the other existing models.