Sie befinden Sich nicht im Netzwerk der Universität Paderborn. Der Zugriff auf elektronische Ressourcen ist gegebenenfalls nur via VPN oder Shibboleth (DFN-AAI) möglich. mehr Informationen...
Bloccess: Enabling Fine-Grained Access Control Based on Blockchain
Ist Teil von
Journal of network and systems management, 2023-03, Vol.31 (1), p.6, Article 6
Ort / Verlag
New York: Springer US
Erscheinungsjahr
2023
Link zum Volltext
Quelle
SpringerLink
Beschreibungen/Notizen
Access control is a fundamental security aspect and has been adopted in diverse systems. Particularly, fine-grained access control models present good flexibility and scalability to adapt to complicated systems. However, building a trustworthy fine-grained access control mechanism in untrustworthy distributed environments such as Internet of Things (IoT) environments is challenging. Conventional access control mechanisms encounter security and privacy issues caused by centralized entities, such as single point of failure and data tampering. To address these issues, we have proposed Bloccess, a fine-grained access control framework based on the consortium blockchain, in our previous work. By leveraging blockchain technology, we formulate a set of protocols to enforce a tamper-proof access control mechanism in untrustworthy distributed environments. In this paper, we refine our previous work and present the extended version of Bloccess. We optimize our protocols and extend them to support a hybrid blockchain structure. We also formulate complete identification protocols for the administration mechanism in Bloccess. Besides, we show Bloccess in practice with a Bloccess-enabled IoT system. Furthermore, we conduct a semi-formal analysis to prove the security properties of Bloccess and evaluate its security through a security model and a threat model.