Enabling Opportunistic Users in Multi-Tenant IoT Systems using Decentralized Identifiers and Permissioned Blockchains

Abstract: In this work, we leverage advances in decentralized identifiers and permissioned blockchains to build a flexible user authentication and authorization mechanism that offers enhanced privacy, achieves fast revocation, and supports distributed "policy decision points" executed in mutually untrusted entities. The proposed solution can be applied in multi-tenant "IoT hubs" that interconnect diverse IoT silos and enable authorization of "guest" users, i.e., opportunistic users that have no trust relationship with the system, which has not encountered or known them before.