Dr. Mohamed Taha Abd El-Fatah Taha Abd Allah :: Publications:

The purpose of this article is to propose a framework named IoT-AC/Bc to secure smart cities. This article describes a new method that integrates Role-Based Access Control (RBAC) and Zero-Knowledge Proof (ZKP) models based on IoT and blockchain technologies. This method enables fast access authentication on smart city gates using ZKP, which provides an extra layer of security to address access control challenges. The framework consists of an Internet of Things Access Control-based Blockchain Smart Contract that manages user authentication, access session identities, and asset real-time interactions; and a Blockchain Ledger Management Smart Contract that implements distributed access control and tracks the ledger history of different activities. The framework achieves availability, scalability, multi-factor authentication, and decentralization, which strengthens distribution, role authority, access rights, and concurrent identity access requests. The results are demonstrated through a comparative analysis focused on the number of multithreaded requests, the cost of smart contract deployment, the multi-factor authentication performance for users’ interactions with the smart city gates, and the security strength levels. The framework’s performance effectiveness is evaluated through a case study that consists of various scenarios. The framework allows improving the security level by 94% under low and medium attack strength and 89% under high attack strength for 18 security attacks. This paper is novel because the framework uses ZKP over a blockchain network as an extra cryptographic technique with RBAC as a logical access control model to achieve fast accessibility authorization for users’ transactions while preserving their private identity on smart city gates.