IOTA Access, from the IOTA Foundation, is a distributed ledger technology-based open-source framework for granting or revoking conditional access to physical devices in a remote, permission-less and auditable manner. The Foundation is a non-profit focused on DLT and open-source development. it has launched IOTA Access as an open-source framework.
Currently, the IOTA Foundation is working with partners – including Jaguar Land Rover, STMicroelectronics, EDAG, RIDDLE&CODE, NTT DATA Romania, ETO GRUPPE and BiiLabs. The objective is to bring a secure, configurable and permission-less access control framework to smart devices around the globe.
“Controlling access under specified conditions requires trust that both users will meet their portion of the agreement,” said IOTA co-founder David Sønstebø. “With IOTA Access we can provide that layer of transparency to ensure that both parties are honoring the agreement and observing its conditions.”
Existing access systems require centralisation:
- permissions revolve around an internet connection
- servers, whether on-prem or in a cloud, store privileges and permissions
- the device granting access must maintain a connection to these systems and continually check for permissions.
This makes for a highly restrictive environment. In the automotive world, for example, this does not work well. Vehicles do not have stable and consistent connections at all times. Constantly checking-in with a centralised structure poses the same problem as other centralised systems – it:
- requires copious bandwidth
- provides a single point of failure.
IOTA Access and what it offers
IOTA Access decentralises access and permission structures. It enables the embedding of these in a vehicle, for example, directly to process these signals on an individual level rather than as part of a larger, centralised structure.
An example illustrates this. You own a car. You want to share that car with your neighbour. He can borrow the car at specific times, perhaps those when one is sleeping and the other working. In exchange, the neighbour agrees to:
- pay a fee for gasoline and maintenance
- maintain the insurance
- return with the vehicle by 7 am each day.
IOTA Access adds trust to transactions like these through a layer of transparency and flexible delegation of vehicle functions. If the neighbour is to use the vehicle, he must meet certain conditions to access it. IOTA Access provides electronic control of these conditions – granting or revoking permission to the car based on whether or not the neighbour satisfies the three conditions above. Access occurs, between 11 pm and 7 am, if there is a valid insurance policy and a transfer of some agreed sum of IOTAs each month.
“The challenge is in how to delegate access to our resources while ensuring that strict conditions are met,” said IOTA co-founder Dominik Schiener. “In business, managing these contracts often falls under the control of entire departments or legal teams. With IOTA Access, we manage the bulk of this work from embedded devices, platforms, or even a smartphone app.”
Extending IOTA Access relevance
With IOTA Access, using IOTA’s Tangle protocol, a user can grant access to any physical device or data stream in a remote, permission-less and auditable manner. All of this is controlled behind the scenes, built into products or platforms that manage transactional details and grant or revoke access without user input.
The IOTA Foundation believes this framework for access-controlled integration works with any IoT resource, whether a vehicle, smart lock or sensor embedded in another object. With IOTA Access, users or organisations can:
- grant and revoke access at any time
- add additional restrictions
- make on-the-fly changes to these agreements.
Using IOTA, participants (users) have access to the terms plus any extra entries made to the ledger. These can include details such as:
- past usage
- changes to agreements
- payments (both sent and received).
Furthermore, IOTA Access works for small tasks, like lending a laptop or limiting screen time for children — only allowing access after they meet specific conditions. It can also control entire buildings, granting access to employees or tenants based on time of day, employee ID, or clearance level.
It includes the following additional features:
- control of access to specific machine functions and only under specified conditions
- flexible policy management
- delegation of machine access rights to multiple tenants
- maintenance of transparency of controls through immutable audit trails
- integration into existing apps and platforms (via APIs).
Enterprise Times: what does this mean
The IOTA Foundation supports research and development into DLT. This includes the IOTA Tangle which sets out to solve the typical shortcomings of blockchain:
- environmental sustainability
To make it more appealing, IOTA is an open-source protocol. It seeks (in its own words) “to connect the human economy with the machine economy by facilitating novel Machine-to-Machine (M2M) interactions, including secure data transfer and feeless micropayments”. In this context, though IOTA Access is starting with the auto industry, the example above suggests that multiple other use cases are possible. To that end, IOTA says it plans to expand Access into multiple access and permission uses cases as it moves forward.