
An extended access control model for permissioned blockchain frameworks

Wireless Networks

Abstract

In a distributed environment, a digital transaction or operation requires transparency and trust among multiple stakeholders. Several approaches address such issues; among these, blockchain provides a viable solution that has received wide acceptance in the recent past. Permissioned blockchain solutions adopt more efficient consensus algorithms and smart contracts. Many smart-contract solutions exist (such as Ethereum, IBM Blockchain, and Hyperledger Fabric); however, many of them mainly follow traditional access control models. A role-based access control model provides controlled access of resources to members. This research work presents an extended usage control model known as DistU (Distributed Usage Control). DistU is proposed to capture all possible access control models required by a business for permissioned blockchain frameworks. DistU can monitor a resource continuously during the operation and update the attributes accordingly, performing different actions, such as denying or revoking permissions. We believe that the proposed DistU usage control model can provide fine-grained control for blockchain resource management. The paper also contributes a prototype implementation of a fine-grained permission model on Hyperledger Fabric. Fabric was selected for this research because it is the first execute-order architecture blockchain that provides a platform to develop general business applications. Secondly, it is an open-source operating system of permissioned blockchain with huge industry support.



Funding

This research work is a collaboration of Universiti of Kuala Lumpur (UniKL/CoRI/str15101) and Islamic University of Madinah. Special thanks to the Deanship of Research for its support in every aspect.

Author information


Corresponding author

Correspondence to Megat F. Zuhairi.


About this article


Cite this article

Khan, M.Y., Zuhairi, M.F., Ali, T. et al. An extended access control model for permissioned blockchain frameworks. Wireless Netw 26, 4943–4954 (2020). https://doi.org/10.1007/s11276-019-01968-x


  • DOI: https://doi.org/10.1007/s11276-019-01968-x
