While Internet of Things (IoT) technology has been widely recognised as an essential part of Smart Cities, it also brings new challenges in terms of privacy and security. Access control (AC) is among the top security concerns, which is critical in resource and information protection over IoT devices. Traditional access control approaches aren’t able to provide a scalable, manageable and efficient mechanism to meet the requirements of IoT systems. These traditional approaches include:

• Access Control Lists (ACL)
• Role-based Access Control (RBAC)
• Attribute-based Access Control (ABAC)

Another weakness in today’s AC is the centralised authorisation server, which can cause a performance bottleneck or be the single point of failure. Inspired by the smart contract on top of a blockchain protocol,
this paper proposes BlendCAC, which is a decentralised, federated capability-based AC mechanism to enable effective protection for devices, services and information in large-scale IoT systems.
A federated capability-based delegation model (FCDM) is introduced to support hierarchical and multi-hop delegation. The mechanism for delegate authorisation and revocation is explored.

A robust identity-based capability token management strategy is proposed, which takes advantage of the smart contract for registration, propagation, and revocation of the access authorisation. A proof-of-concept
prototype has been implemented on both resources-constrained devices (i.e., Raspberry PI nodes) and more powerful computing devices (i.e., laptops) and tested on a local private blockchain network.
The experimental results demonstrate the feasibility of the BlendCAC to offer a decentralised, scalable, lightweight and fine-grained access control solution for IoT systems.