Bloccess: Enabling Fine-Grained Access Control Based on Blockchain

作     者：Ding, Yepeng Sato, Hiroyuki 

作者机构：Univ Tokyo Dept Elect Engn & Informat Syst Tokyo 1138654 Japan 

出 版 物：《JOURNAL OF NETWORK AND SYSTEMS MANAGEMENT》 (网络与系统管理杂志)

年 卷 期：2023年第31卷第1期

页      面：6-6页

核心收录：

学科分类：0810[工学-信息与通信工程] 08[工学] 0812[工学-计算机科学与技术（可授工学、理学学位）] 

基　　金：KAKENHI [19K11958  21J21087] 

主　　题：Access control Blockchain Security and privacy Formal methods Internet of things Distributed computing Software Engineering 

摘      要：Access control is a fundamental security aspect and has been adopted in diverse systems. Particularly, fine-grained access control models present good flexibility and scalability to adapt to complicated systems. However, building a trustworthy fine-grained access control mechanism in untrustworthy distributed environments such as Internet of Things (IoT) environments is challenging. Conventional access control mechanisms encounter security and privacy issues caused by centralized entities, such as single point of failure and data tampering. To address these issues, we have proposed Bloccess, a fine-grained access control framework based on the consortium blockchain, in our previous work. By leveraging blockchain technology, we formulate a set of protocols to enforce a tamper-proof access control mechanism in untrustworthy distributed environments. In this paper, we refine our previous work and present the extended version of Bloccess. We optimize our protocols and extend them to support a hybrid blockchain structure. We also formulate complete identification protocols for the administration mechanism in Bloccess. Besides, we show Bloccess in practice with a Bloccess-enabled IoT system. Furthermore, we conduct a semi-formal analysis to prove the security properties of Bloccess and evaluate its security through a security model and a threat model.