A Distributed Access Control System for Cloud Federations

Alansari, Shorouq; Paci, Federica; Sassone, Vladimiro

doi:10.1109/icdcs.2017.241

Cited by 57 publications

(35 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…For the single point of failure, Jemel et al used the blockchain for user legitimacy checks in CP-ABE access control [10]; Outchakoucht et al used the blockchain for operations such as granting, using, and circulating access permissions in SmartOrBAC [11]. To address security and trust issues among multiple organizations, Cruz et al used blockchain as a trusted third party to solve the cross-organizational access control problem in Role-Based Access Control(RBAC) [12]; Alansari et al used blockchain to prevent user identity attributes and access control policies in Attributes Based Access Control(ABAC) from being modified by malicious users [13]; Maesa et al publicly store policies and permission exchanges on the blockchain to prevent one party from fraudulently rejecting the rights granted by the policies [14].…”

Section: Related Workmentioning

confidence: 99%

A Mechanism to Resolve the Unauthorized Access Vulnerability Caused by Permission Delegation in Blockchain-Based Access Control

Shi

Hou

2020

IEEE Access

View full text Add to dashboard Cite

Permission delegation in access control provides the subject with a second method to obtain object permissions in addition to permission granting. It is especially applicable when the owner and manager of the object are inconsistent. With the development of the Internet of Things, there are more and more scenes where object owners and managers are inconsistent, but the research on permission delegation in access control based on blockchain is not perfect. Therefore, once implemented in these blockchainbased access control algorithms, the permission delegation tends to have an unauthorized access. Based on the analysis of the causes for the unauthorized access vulnerability, this paper proposes a token-constrained permission delegation algorithm (TCPDA), which converts the access control policy corresponding to permissions into constraints for permission use, embeds the constraints in the permission token, and forms constraints on the transfer of tokens. Only subjects that meet the constraint conditions can receive tokens, thereby solving unauthorized access vulnerability caused by permission delegation. Since not all access control models can transform strategies into constraints and integrate them into blockchain tokens, this paper also proposes a permission delegation algorithm for decision-making entities to make desirable decisions. Finally, the security analysis shows that the two proposed schemes can overcome the unauthorized access vulnerability caused by permission delegation, and the algorithm performance is analyzed through experiments.

show abstract

Section: Related Workmentioning

confidence: 99%

A Mechanism to Resolve the Unauthorized Access Vulnerability Caused by Permission Delegation in Blockchain-Based Access Control

Shi

Hou

2020

IEEE Access

View full text Add to dashboard Cite

show abstract

“…In cloud federation also sharing data between multiple organization is a concern from users privacy perspective [2]. Keeping the arXiv:1908.08503v1 [cs.CR] 22 Aug 2019 personal data related to the users' identities private, while giving them access to the shared data, is the main concern.…”

Section: Traditional Access Control System Problems and Blockchain Kementioning

confidence: 99%

“…[60] Mobile applications. Alansari et al [1,2] Cloud federation Ouaddah et al [39], Pinno et al [41], Dukkipati [21], Ma et al [34] Personal data generated by IoT devices Dagher et al [14], Azaria et al [5], Xia et al [52] Healthcare patients data Le and Mutka [30] Pervasive environment…”

Section: Blockchain-based Access Control Systemmentioning

confidence: 99%

“…The Bystander is the one who is willing to pay a small fee in order to get access to the shared knowledge. Similarly, Alansari et al [2] present an identity and access control management framework for cloud federation while keeps the attributes related to the users' identity private by using the OCBE protocol [31]. Although the federation party, which owns the data, do not have access to the users' attributes, the user can access the requested data if the user has access to the data based on the system policy.…”

Section: Data Sharing Access Controlmentioning

confidence: 99%

“…[23,36] systems have focused on auditability characteristic and trusted logging provided by blockchain to design a reliable access control system. From the transactional perspective, [28,35,59] use only transactions to store access control attributes on blockchain, while [2,13,17,22,23,26,36,39,42,51,52] applied smart contracts to exploit its advantages such as flexibility and automatically enforcing access control policies. Also, the challenges and future directions have been discussed in this paper.…”

Section: Summary and Future Workmentioning

confidence: 99%

See 2 more Smart Citations

Blockchain based access control systems: State of the art and challenges

Rouhani

Deters

2019

IEEE/WIC/ACM International Conference on Web Intelligence

View full text Add to dashboard Cite

Access control is a mechanism in computer security that regulates access to the system resources. The current access control systems face many problems, such as the presence of the third-party, inefficiency, and lack of privacy. These problems can be addressed by blockchain, the technology that received major attention in recent years and has many potentials. In this study, we overview the problems of the current access control systems, and then, we explain how blockchain can help to solve them. We also present an overview of access control studies and proposed platforms in the different domains. This paper presents the state of the art and the challenges of blockchain-based access control systems.

show abstract