IIT Home Page CNR Home Page

A blockchain based approach for the definition of auditable Access Control systems.

This work proposes to exploit blockchain technology to define Access Control Systems  that guarantee the auditability of access control policies evaluation. The key idea of our proposal is to codify attribute-based Access Control policies as smart contracts and deploy them on a blockchain, hence transforming the policy evaluation process into a completely distributed smart contract execution.  Not only the policies, but also the attributes required for their evaluation are managed by smart contracts deployed on the blockchain.The auditability property derives from the immutability and transparency properties of blockchain technology. This paper not only presents the proposed Access Control System in general, but also its application to the innovative reference scenario where the resources to be protected are themselves smart contracts. To prove the feasibility of our approach, we present a reference implementation exploiting XACML policies and Solidity written smart contracts deployed on the Ethereum blockchain.Finally, we evaluate the system performances through a set of experimental results, and we discuss the advantages and drawbacks of our proposal.


Computers & Security, 2019

Autori esterni: Laura Ricci (Dipartimento di Informatica, Università di Pisa)
Autori IIT:

Damiano Di Francesco Maesa

Foto di Damiano Di Francesco Maesa

Tipo: Contributo in rivista ISI
Area di disciplina: Information Technology and Communication Systems

File: camera_ready.pdf
Da pagina 93 a pagina 119

Attività: Sicurezza nel Cloud Computing