Chaincode-based Access Control System for Multi-Administrative domains

Abstract

Access control services have recently become increasingly popular as independent service providers under the Software as a Service (SaaS) model. The more popular they become, the more exposed they are to threats and attacks. Meanwhile, blockchain technology has attracted considerable attention for its security techniques. Motivated by these two technologies, we propose an approach that combines and leverages the advantages of both. In our research, we develop a new approach to privacy protection in Attribute-Based Access Control (ABAC) services. To realize it, we use a permissioned blockchain platform, Hyperledger Fabric, because it supports both private and public data collections. In our fully Hyperledger Fabric-based access control service, attributes and policies are stored in both the public and private data stores of the ledger. Almost all components are written as chaincodes (smart contracts), which we use to add and delete users, store attributes and policies, and make decisions that either grant or deny a request. Because the access control system is attribute-based, we use the XACML specifications provided by the OASIS community to define access management policies for our particular use scenario. A convenient tool is used to write our own policy, and the policy is parsed into Java to simplify coding the smart contracts for the ABAC components.

Table of contents

1. Introduction
2. Background
2.1 XACML standard
2.2 Blockchain
2.3 Hyperledger Fabric
2.4 Related works
3. Architecture for the Access Control service based on Hyperledger Fabric
3.1 Policy creation
3.2 Storing Attributes
3.3 Access request time
4. System implementation
5. System evaluation
6. Conclusion
7. References