The IOTA Foundation, a non-profit focused on distributed ledger technology (DLT) and open-source development, today announces the launch of IOTA Access, an open-source DLT framework for building access control systems. Currently, the IOTA Foundation is working with partners including Jaguar Land Rover, STMicroelectronics, EDAG, RIDDLE&CODE, NTT DATA Romania, ETO GRUPPE and BiiLabs to bring a secure, highly-configurable, and permission-less access control framework to smart devices around the globe.
Existing access systems require centralization. Permissions revolve around an internet connection, with privileges and permissions being stored on a server or in the cloud. The device granting access must maintain a connection to these systems to continually check for permissions, making it highly restrictive. In the automotive world, for example, this just doesn't work. Vehicles do not have a stable, and consistent connection at all times. Constantly checking in with the centralized structure poses the same problem as other centralized systems: it requires a lot of bandwidth, and it provides a single point of failure.
IOTA Access decentralizes access and permission structures. It allows them to be embedded in the vehicle, for example, directly to process these signals on an individual level rather than as part of a larger, centralized structure.
Imagine this scenario. You agree to share your car with your roommate, Andy. He can borrow the car at specific hours, hours that you’re sleeping, and he's working. In exchange, he agrees to pay a fee for gasoline and maintenance. Andy also agrees to maintain insurance and return with the vehicle by 7 am each day so that you can leave for work at 8.
IOTA Access adds trust to transactions like these through an additional layer of transparency and flexible delegation of vehicle functions. If Andy is to use the vehicle, he must meet certain conditions to access it. With IOTA Access, these conditions are controlled electronically, granting or revoking permission to the car based on whether or not he meets the outlined requirements. For example, access is allowed if it’s between 11 pm and 7 am, if he has a valid insurance policy, and transfers 600 IOTAs per month to your wallet. And though IOTA Access starts with automotive, its use cases are endless. IOTA plans to expand Access into multiple access and permission uses cases as it moves forward.
"The challenge is in how to delegate access to our resources while ensuring that strict conditions are met," said IOTA co-founder Dominik Schiener. "In business, managing these contracts often falls under the control of entire departments or legal teams. With IOTA Access, we manage the bulk of this work from embedded devices, platforms, or even a smartphone app."
With IOTA Access, on IOTA's Tangle protocol, a user can grant access to any physical device or data stream in a remote, permission-less, and auditable manner. All of this is controlled behind the scenes, built into products or platforms that manage transactional details and grant or revoke access without user input.
This framework for access-controlled integration works with any IoT resource, whether a vehicle, smart lock or sensor embedded in another object. With IOTA Access, users or organizations can directly grant and revoke access at any time, add additional restrictions, or make on-the-fly changes to these agreements electronically. Using IOTA, both users have access to the terms and any extra entries to the ledger, such as past usage, changes to the agreement, and payments both sent and received.
IOTA Access works for small tasks, like lending a laptop or limiting screen time for children — only allowing access after they meet specific conditions. It can also control entire buildings, granting access to employees or tenants based on time of day, employee ID, or clearance level.
"Controlling access under specified conditions requires trust that both users will meet their portion of the agreement,"said IOTA co-founder David Sønstebø. "With IOTA Access we can provide that layer of transparency to ensure that both parties are honoring the agreement and observing its conditions."
Control access to specific machine functions and only under specified conditions
Flexible policy management
Delegate machine access rights to multiple tenants
Maintain transparency of controls through immutable audit trails
Easily integrate into existing apps and platforms via APIs
For more information on IOTA Access and to test it out, please visit: www.iota.org/solutions/access
The IOTA Foundation is a global non-profit foundation supporting the research and development of new distributed ledger technologies (DLT), including the IOTA Tangle.
The IOTA Tangle solves the fundamental shortcomings of blockchain: scalability, environmental sustainability and cost. IOTA is an open-source protocol connecting the human economy with the machine economy by facilitating novel Machine-to-Machine (M2M) interactions, including secure data transfer and feeless micropayments. To learn more visit www.iota.org, the IOTA Foundation YouTube channel and follow @iotatoken on Twitter.