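Graduate student: | 葉 揚 Ya, Young |
---|---|
Thesis title: | 一個基於智慧合約的分散式物聯網裝置自主權限交易管理系統 A Blockchain Smart-Contract-based Distributed Self-Sovereign IoT-Device-Access Transaction System |
Advisor: | 蔡仁松 Tsay, Ren-Song |
Oral defense committee: | 孫宏民 Sun, Hung-Min; 周志遠 Chou, Jerry |
Degree: | Master |
Department: | College of Electrical Engineering and Computer Science - Department of Electrical Engineering |
Year of publication: | 2020 |
Academic year of graduation: | 108 |
Language: | Chinese |
Number of pages: | 47 |
Chinese keywords: | blockchain (區塊鏈), permission management (權限管理), digital asset (數位資產) |
Foreign-language keywords: | blockchain, access control, digital asset |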
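Traditional service-provider-centric IoT management systems raise many known concerns in practice regarding security, user privacy, and transaction fairness, because the service provider cannot be controlled. One development trend for IoT management systems is therefore to return the management of permissions and privacy to users, who decide and manage these for themselves; that is, distributed self-sovereign management, which eliminates the risk of untrustworthiness caused by service providers' opaque management practices. However, self-sovereign management needs a complete accompanying solution for authorization credential design, fair transaction mechanisms, hardware deployment cost, and the double-spending problem.
We therefore propose, for the problems above, an authorization transaction system that applies blockchain technology and combines it with UREKA, the architecture for self-sovereign permission management in distributed IoT from our earlier research. Our method requires no change to the design of the distributed permission management system; it applies blockchain smart contract technology to carry out the additional authorization transactions and transaction supervision. The method thus offers both the privacy and security protection of the distributed system and the trustable transactions of the blockchain system, allowing an IoT system to realize self-sovereign authorization transactions for data and services under the premise of privacy, security, and trust.
In addition, a distinguishing feature of our system is that the IoT devices need no network connectivity and therefore no expensive network connection hardware. Users can use their own mobile device as a relay: they apply to the blockchain for, and download, an encrypted authorization ticket (U-ticket) that proves the right of use, pass it over short-range transmission to the target device for verification and execution, and then return the execution result on the device (R-ticket), signed and encrypted by the device, through the user to the blockchain for settlement.
This innovative self-sovereign IoT device permission transaction management system not only greatly reduces the hardware deployment cost of IoT devices and increases the flexibility of where devices can be deployed but, more importantly, provides trustable external authorization transactions for self-sovereign management systems.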
Traditional service-provider-centric IoT management systems have many open issues in system security and user privacy, and they lack transparent and fair transaction dispute resolution processes. These issues occur mainly because no proper authority can monitor service providers. Therefore, one trend is to develop distributed user-self-sovereign IoT access management systems and let users manage their own IoT devices. However, more concrete methods are required to realize the access authorization process, establish a fair transaction system, and construct economical hardware devices.
Therefore, we propose in this paper a transaction management solution that integrates blockchain smart contract technology with the distributed UREKA IoT architecture that we previously developed. The smart-contract transaction system is built on top of the existing distributed IoT system. Our method leverages the privacy and security protection scheme of the UREKA architecture but establishes additional trustable transactions on the blockchain. The proposed design provides a feasible solution to realize the self-sovereign requirements. It allows IoT device owners and users to independently manage access controls of their devices and data of transactions under the premise of privacy, security, and trust.
A unique feature of our proposed design is that our target IoT devices require no internet connection capability, which eliminates expensive Wi-Fi hardware components and significantly reduces device cost. A user can conveniently use any mobile device as an intermediary: request and retrieve an encrypted access authorization ticket (U-ticket) from the target device owner via the blockchain, and then transfer the U-ticket to the target device for verification and access. The execution result of the access is signed and encrypted by the device and compiled as an R-ticket, which the user submits to the blockchain smart contract to complete the access transaction.
This innovative IoT-device-access transaction system not only dramatically reduces IoT device cost and energy consumption and increases the flexibility of device deployment locations but, most importantly, provides a trustable access transaction method for the distributed self-sovereign IoT management infrastructure.