Executive Summary : | The increasing use of Internet of Things (IoT) in various sectors like Vehicle to Everything (V2X), Industrial IoT (IIoT), smart Health, and smart Grid has led to a need for secure and efficient access control mechanisms for the security and privacy of critical resources. Traditional access control mechanisms, which rely on a trusted third party to manage access permissions, are becoming ineffective due to their reliance on a central authority. Blockchain-based access control systems, on the other hand, offer a decentralized approach, allowing a distributed network of nodes to manage access permissions and maintain a tamper-proof record of access activity. This approach enhances security and reduces the risk of a single point of failure. However, current blockchain-based access control systems face significant limitations, such as high energy consumption, reduced dynamicity, difficulty in transitive delegation, and high latency. To address these issues, a refined Role-Capability-based hybrid access control mechanism will be implemented, allowing fine-grained allocation and transitive delegation of access capabilities using smart contracts. This decentralized access control mechanism can be customized with adaptable administrative restrictions, accommodating the dynamic features of IoT networks like V2X and IIoT. Additionally, the system will ensure interoperability among IoT networks by considering the underlying data structure and consensus protocols. |