A Lightweight Blockchain-Based Predictive Framework For Context-Aware Access Control In Iot Systems

Fig.1 Proposed Predictive Access Control Framework for IoT System

Fig.1 illustrates the architecture of the proposed predictive access control framework for IoT systems. The framework consists of three primary layers: the IoT device layer, the predictive intelligence layer, and the blockchain validation layer. IoT devices generate access requests containing contextual attributes such as device ID, timestamp, location, and request frequency. These requests are analyzed by the LSTM-based predictive module, which analyzes temporal patterns to identify anomalous behavior. Based on the prediction, requests are categorized into normal and high-risk categories. Normal requests are processed through a lightweight authorization path without blockchain involvement, while high-risk requests are forwarded to the blockchain layer for secure validation using smart contracts and consensus mechanisms. The final access decision is recorded, and all validated transactions are stored in the blockchain ledger to ensure transparency and auditability.

2. System Architecture

The proposed system consists of three logical layers:

1. IoT Device Layer

This layer includes heterogeneous IoT devices that generate access requests. Each request contains attributes such as device identity, timestamp, location, and access type. These attributes represent the contextual information required for decision-making.

2. Predictive Intelligence Layer

This layer processes incoming requests and performs anomaly prediction using an LSTM model. The model analyzes temporal and contextual features such as request frequency and location patterns to identify abnormal behavior.

Requests identified as normal are processed with minimal delay, while anomalous or high-risk requests are flagged for further validation. This selective filtering reduces the number of transactions forwarded to the blockchain layer.

3. Blockchain Validation Layer

This layer enforces access control policies using smart contracts deployed on a consortium blockchain network. Only filtered requests are submitted for validation, ensuring reduced computational overhead. The blockchain provides tamper-resistant logging, decentralized trust, and secure policy enforcement.

3. Predictive Access Control Mechanism

The predictive component uses an LSTM-based model to capture temporal dependencies in access request patterns. Each request is represented as a feature vector including:

• Device ID
• Timestamp
• Location
• Request frequency
• Access type

The LSTM model processes sequential input and produces a probability score indicating whether a request is normal or anomalous.

The risk associated with an access request is represented as:

Risk=fA_s, A_o,A_e

where A_s represents subject attributes (e.g., device ID), A_o represents object or resource attributes, and A_e represents environmental attributes such as location and time.

The classification decision is defined as:

y_t>θ→Anomalous Request

y_t≤θ→Normal Request

where y_t denotes the predicted probability score generated by the LSTM model at time t, and θ represents a predefined threshold used to distinguish between normal and anomalous access requests.

If the predicted probability exceeds a predefined threshold, the request is classified as anomalous and subjected to strict validation. Otherwise, it is processed through the lightweight path.

This mechanism enables proactive security by identifying potential threats before full validation, thereby reducing system load.

4. Workflow of the Proposed System

The end-to-end workflow of the system is as follows:

1. An IoT device generates an access request with contextual attributes.
2. The request is forwarded to the predictive intelligence layer.
3. The LSTM model evaluates the request and assigns a risk score.
4. Based on the prediction:

• Normal requests are processed directly
• Suspicious requests are forwarded to the blockchain layer

5. The blockchain layer validates the request using smart contracts.
6. The final authorization decision is recorded for audit purposes.

This workflow ensures that only necessary requests undergo expensive blockchain validation, improving overall efficiency.

5. Design Rationale

The framework is designed to address the trade-off between performance and security in IoT access control systems.

• Traditional models offer low latency but lack adaptability.
• Blockchain-based systems provide strong security but introduce high overhead.

The proposed approach balances these factors by introducing predictive filtering, which reduces redundant validation while maintaining decentralized trust.

RESULTS AND DISCUSSION

1. Experimental Setup

The proposed framework was evaluated using a simulated IoT environment with synthetically generated access request data. The dataset consists of 1,200 access requests, including both normal and anomalous patterns characterized by variations in request frequency, location, and temporal attributes.

To ensure compatibility with the predictive model, the dataset was preprocessed by encoding categorical attributes such as device ID, location, and access type into numerical form. Numerical features including timestamp and request frequency were normalized using Min-Max scaling to ensure uniform input representation.

The dataset was divided into training and testing sets using an 80:20 split, resulting in 960 training samples and 240 testing samples.

Three access control models were considered for comparative evaluation:

Traditional ABAC model, which performs rule-based authorization without predictive filtering

blockchain-only model, where all access requests are validated through smart contract execution and consensus

Proposed predictive framework, which integrates LSTM-based anomaly detection with selective blockchain validation

The performance of these models was evaluated using key metrics including authorization latency, system throughput, and prediction accuracy.

2. Prediction Performance

The predictive component of the framework was implemented using a Long Short-Term Memory (LSTM) model to classify access requests as normal or anomalous based on temporal and contextual features.

The model was trained for 10 epochs with a batch size of 32. During training, the model demonstrated stable convergence, with a consistent decrease in loss and improvement in classification accuracy across epochs.

The trained model achieved near-perfect classification accuracy under controlled synthetic conditions. This performance is primarily due to the clear separation between normal and anomalous patterns in the synthetic dataset, particularly in terms of request frequency and contextual attributes.

While the results validate the effectiveness of the predictive mechanism in a controlled environment, real-world IoT systems may exhibit more complex and overlapping patterns. Therefore, further validation using real-world datasets is necessary for comprehensive performance assessment.

3. Latency Analysis

Fig. 2. Latency Comparison of Access Control Models

The latency performance of the evaluated models was analyzed under varying request loads. As shown in Fig. 2, the blockchain-only model exhibits the highest authorization latency, with an average delay of approximately 120ms.  This is primarily due to the requirement of executing smart contracts and performing consensus validation for every access request.

The traditional ABAC model demonstrates the lowest latency, averaging around 35ms, as access decisions are made locally without involving distributed validation mechanisms. However, this approach lacks adaptability and is less effective in handling dynamic and anomalous conditions.

The proposed predictive framework achieves an average latency of approximately 85ms, representing a reduction of nearly 28–32% compared to the blockchain-only model. This improvement is achieved through the predictive filtering mechanism, which minimizes unnecessary blockchain interactions by identifying and selectively processing access requests based on their risk level.

4. Throughput Analysis

Fig. 3. Throughput Comparison under Varying Request Load

The throughput performance of the system was evaluated by measuring the number of requests processed per second under increasing load conditions. As illustrated in Fig. 3, the traditional ABAC model achieves the highest throughput due to minimal processing overhead.

In contrast, the blockchain-only model shows significantly lower throughput, as each request requires validation through consensus mechanisms and smart contract execution, limiting its scalability.

The proposed predictive framework demonstrates improved throughput compared to the blockchain-only model. By filtering non-critical requests before blockchain validation, the system reduces the workload on the distributed ledger, enabling more efficient processing of access requests under high-load conditions.

5. Discussion

The experimental results highlight the inherent trade-off between performance and security in IoT access control systems. Traditional models such as ABAC provide low latency and high throughput but lack adaptability and robustness against dynamic threats. Blockchain-based approaches, while offering enhanced security and decentralized trust, introduce significant computational overhead that negatively impacts system performance.

The proposed framework addresses these limitations by integrating predictive intelligence with blockchain-based validation. The LSTM-based filtering mechanism enables proactive identification of anomalous access patterns, reducing unnecessary blockchain interactions and improving overall system efficiency.

The latency and throughput results further demonstrate that the proposed approach achieves a balanced performance by maintaining enhanced security than traditional models while significantly reducing the overhead associated with blockchain-based systems.

However, it is important to note that the current evaluation is based on a simulated environment using synthetic data. Real-world IoT deployments may involve additional challenges such as noisy data, device mobility, and network variability. Future work will focus on validating the framework using real-world datasets and exploring optimization strategies to further enhance scalability and efficiency.

CONCLUSION

This paper presented a lightweight blockchain-based predictive framework for context-aware access control in IoT systems. The proposed approach integrates LSTM-based anomaly prediction with decentralized Blockchain validation to address the limitations of traditional and blockchain-only access control mechanisms.

The experimental results demonstrate that traditional ABAC models achieve low latency and high throughput but lack adaptability in dynamic environments. In contrast, blockchain-based approaches provide enhanced security and decentralized trust however, they introduce significant computational overhead and increased authorization latency.

The proposed framework effectively balances these trade-offs by incorporating predictive filtering, which reduces unnecessary Blockchain interactions. The results indicate that the framework achieves a reduction in authorization latency of approximately 28–32% compared to blockchain-only models, while also improving throughput under increasing request loads.

The integration of predictive intelligence enables proactive identification of anomalous access patterns, improving system efficiency without compromising security. This makes the proposed framework suitable for large-scale IoT environments where both performance and security are critical.

However, the current study is based on a simulated environment using synthetic data. Real-world IoT systems may present additional challenges, including noisy data, dynamic device behavior, and network variability. Future work will focus on validating the framework using real-world datasets and improving its scalability under dynamic conditions.

REFERENCES

1. A. Ouaddah, A. Abou Elkalam, and A. Ait Ouahman, “Access control in the Internet of Things: Big challenges and new opportunities,” Computer Networks, vol. 112, pp. 237–262, 2017.
2. S. Sicari, A. Rizzardi, L. A. Grieco, and A. Coen-Porisini, “Security, privacy and trust in Internet of Things: The road ahead,” Computer Networks, vol. 76, pp. 146–164, 2015.
3. M. Abomhara and G. M. Køien, “Security and privacy in the Internet of Things: Current status and open issues,” in Proc. IEEE Int. Conf. Privacy and Security in Mobile Systems, 2014.
4. H. Ning and H. Liu, “Cyber-physical-social based security architecture for future Internet of Things,” Advances in Internet of Things, vol. 2, no. 1, pp. 1–7, 2012.
5. K. Christidis and M. Devetsikiotis, “Blockchains and smart contracts for the Internet of Things,” IEEE Access, vol. 4, pp. 2292–2303, 2016.
6. S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008.
7. Z. Zhang, Q. Qi, and F. Chen, “Blockchain-based access control for IoT systems,” IEEE Internet of Things Journal, vol. 7, no. 5, pp. 4378–4390, 2020.
8. H. Liu, D. Han, and D. Li, “Fabric-IoT: A Blockchain-based access control system in IoT,” IEEE Access, vol. 8, pp. 182–191, 2020.
9. A. Ouaddah, H. Mousannif, A. Ait Ouahman, and M. Elkalam, “FairAccess: A new Blockchain-based access control framework for the Internet of Things,” Security and Communication Networks, 2016.
10. K. Salah, M. H. U. Rehman, N. Nizamuddin, and A. Al-Fuqaha, “Blockchain for AI: Review and open research challenges,” IEEE Access, vol. 7, pp. 10127–10149, 2019.
11. M. M. Merlec and H. P. In, “SC-CAAC: A smart-contract-based context-aware access control scheme,” IEEE Internet of Things Journal, 2024.
12. S. Ding, J. Cao, C. Li, K. Fan, and H. Li, “A novel attribute-based access control scheme using Blockchain for IoT,” IEEE Access, 2019.
13. T. Sultana et al., “Data sharing system integrating access control mechanism using Blockchain-based smart contracts for IoT devices,” Applied Sciences, 2020.
14. W. Jiang et al., “IoT access control model based on Blockchain and trusted execution environment,” Processes, 2023.
15. A. Z. Ourad, B. Belgacem, and K. Salah, “Using Blockchain for IoT access control and authentication management,” in Proc. ICIOT, 2018.