Smart Contract-Based Role Management on the Blockchain
Role-based access management is essential in today’s business applications. The need for such access control is indisputable, implementation in a centralized way, on the other hand, is not ideal. An improvement could be a decentralized, Smart-Contract-based approach. This paper examines whether corporate applications can use distributed ledger based authorization systems to benefit from the positive properties of blockchain technology, without losing the possibilities and strengths of existing central authorization techniques. The benefit of a prototype with a decentralized approach is to serve as a basis for future decentralized company developments. This paper deals with the implementation and validation of a blockchain-based access control solution for decentralized applications. The feasibility of this on-chain solution for role-based access control (RBAC) is verified through a proof-of-concept using a suitable distributed ledger platform.
The implementation of the authorization system aims to fulfill the evaluation requirements and does not claim to be used as a corporate service.
KeywordsBlockchain Distributed ledger technology Identity and access management
- 1.Colomb, R.: Deductive Databases and Their Application. Taylor & Francis, Bristol (2003)Google Scholar
- 2.Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008). http://www.bitcoin.org/bitcoin.pdf
- 3.Szabo, N.: Formalizing and securing relationships on public networks. J. First Monday (1997)Google Scholar
- 4.Civic Whitepaper. https://tokensale.civic.com/CivicTokenSaleWhitePaper.pdf. Accessed 4 Apr 2018
- 5.SelfKey Whitepaper. https://selfkey.org/wp-content/uploads/2017/11/selfkey-whitepaper-en.pdf. Accessed 4 Apr 2018
- 6.Hyperledger Indy Working Group Homepage. https://wiki.hyperledger.org/projects/indy. Accessed 4 Apr 2018
- 7.Hyperledger Indy Homepage. https://www.hyperledger.org/projects/hyperledger-indy. Accessed 4 Apr 2018
- 8.Incits: American National Standard for Information Technology - Role-Based Access Control Models. ANSI INCITS 359-2004 (2004)Google Scholar
- 9.Haustein, N.: Solving the long term archiving challenges with IBM Spectrum Protect for Data Retention Solutions (formerly SSAM) (2016)Google Scholar