Enabling Opportunistic Users in Multi-Tenant IoT Systems using Decentralized Identifiers and Permissioned Blockchains

In this work, we leverage advances in decentralized identifiers and permissioned blockchains to build a flexible user authentication and authorization mechanism that offers enhanced privacy, achieves fast revocation, and supports distributed "policy decision points" executed in mutually untrusted entities. The proposed solution can be applied in multi-tenant "IoT hubs" that interconnect diverse IoT silos and enable authorization of "guest" users, i.e., opportunistic users that have no trust relationship with the system, which has not encountered or known them before.
Comment: Proceedings of the 2nd International ACM Workshop on Security and Privacy for the Internet-of-Things