Publication
With the improvement of Internet of Things (IoT) technologies, services, and applications, there is a proliferation of access to smart devices in everyday life. However, granting access and controlling access rights for each resource is challenging in highly dynamic and large-scale IoT deployments. In particular, multiple access information may need to be provided to an entity when granting access rights to several resources. The situation becomes more complex when an entity is required to share its identity attribute to receive the access information. These raise the question of what identity information an entity needs to provide to obtain the required access to a particular resource and, subsequently, what access information needs to be provided when accessing that resource. That said, there is a need for a flexible approach where an entity can share a distinct identity and access attributes for accessing a resource without revealing additional information. Such flexibility in sharing information is significant given the privacy risk of an entity's identity. This paper presents an architecture that delivers access rights to an entity with selective disclosure of information. Our approach ensures the minimum exchange of information (identity and access attribute) to enhance an entity's privacy when granting access rights to an entity. We use blockchain to provide data authenticity (i.e., tamper-proof), transparency and automatic execution of access rights based on shared attributes using smart contracts. We implement a proof of concept of the proposed system using Hyperledger fabric as a permissioned blockchain network. Our results demonstrate the feasibility of the proposed system showing efficiency in granting access rights.