Context-Driven Multigranularity Blockchain: A Comprehensive Framework for Secure Data Management
Keywords:
ABAC, ABE, Access Policies, Blockchain, Context Awareness, Revocation, Temporal and SpatialAbstract
Effective access control and revocation mechanisms are paramount in the ever-evolving landscape of information security. Traditional models often fall short in addressing the complexities of modern systems, necessitating the integration of context-aware decision-making and multi-granularity attributes. In this manuscript, we propose a novel access control framework leveraging the strengths of Attribute-Based Access Control (ABAC) and Attribute-Based Encryption (ABE) and blockchain technologies. The decentralized and immutable nature of blockchain further bolsters the trustworthiness of access control decisions. Our method introduces context-awareness and multi-granularity attributes into the decision-making process, enhancing adaptability and responsiveness. Through extensive experiments and comparisons with existing approaches, our results demonstrate the superior performance of our proposed method. This work not only contributes to the theoretical foundations of access control but also provides a practical solution that outperforms current state-of-the art methods, addressing the dynamic security challenges of contemporary information systems.
Downloads
References
Satish Babu, B.V., Suresh Babu, K. (2020). Materializing Block Chain Technology to Maintain Digital Ledger of Land Records. In: Raju, K., Govardhan, A., Rani, B., Sridevi, R., Murty, M. (eds) Proceedings of the Third International Conference on Computational Intelligence and Informatics . Advances in Intelligent Systems and Computing, vol 1090. Springer, Singapore. https://doi.org/10.1007/978-981-15-1480-7_16
Babu, B.V.S., Babu K.S. (2021). The purview of blockchain appositeness in computing paradigms: A survey. Ingénierie des Systèmes d’Information, Vol. 26, No. 1, pp. 33-46. https://doi.org/10.18280/isi.260104.
Babu, Battula Venkata Satish, Blockchain Proliferation in this Digital Epoch (June 29, 2021). International Journal for Innovative Engineering & Management Research, 01092019_ann001,https://www.ssrn.com/index.cfm/en/en
grn/ads/01092019ann001/, Available at SSRN: https://ssrn.com/abstract=3875976 or http://dx.doi.org/10.2139/ssrn.3875976
A. Jones, B. Smith, and C. Brown, "Dynamic and Fine Grained Access Control: The Role of Attribute-Based Access Control (ABAC)," Journal of Information Security, vol. 15, no. 3, pp. 120-136, 2022.
D. Park and R. Sandhu, "Challenges in Managing Attributes and Policies in ABAC Systems," in Proceedings of the International Conference on Information Security, 2023, pp. 345-358.
A. Sahai and B. Waters, "Attribute-Based Encryption: Enabling Fine-Grained Access Control over Encrypted
Data," ACM Transactions on Information and System Security, vol. 8, no. 1, pp. 23-44, 2022.
J. Bethencourt, A. Sahai, and B. Waters, "Ciphertext Policy Attribute-Based Encryption," in IEEE Symposium on Security and Privacy, 2007, pp. 321-334.
C. Perera, A. Zaslavsky, and P. Christen, "Context-Aware Access Control for Big Data Applications," Journal of Computer and System Sciences, vol. 80, no. 7, pp. 1381- 1397, 2014.
L. Zhang, Y. Liu, and X. Chen, "Context-Aware Access Control in the Internet of Things," IEEE Transactions on Industrial Informatics, vol. 13, no. 4, pp. 1893-1900, 2017.
R. Sandhu, E. J. Coyne, and H. L. Feinstein, "Role-Based Access Control Models," IEEE Computer, vol. 29, no. 2, pp. 38-47, 2004.
N. Li, T. Li, and N. Venkatasubramanian, "Multi Granularity Access Control for Dynamic Environments," ACM Transactions on Information and System Security, vol. 14, no. 4, pp. 33, 2011.
A. Ouaddah, A. A. Elkalam, and A. A. Ouahman, "Towards Blockchain-Based Access Control for Privacy Preserving IoT," Future Generation Computer Systems, vol. 82, pp. 327-334, 2016.
X. Liang, S. Shetty, and D. Tosh, "Securing Attribute Based Encryption in Blockchain for Enhanced Data Security," International Journal of Computer Applications, vol. 180, no. 23, pp. 38-43, 2018.
M. Chase and S. Chow, "Improving Privacy and Security in Attribute-Based Systems," ACM Transactions on Information and System Security, vol. 12, no. 2, pp. 12, 2009.
N. Attrapadung and H. Imai, "Fully Secure Unbounded Inner-Product Encryption with Short Ciphertexts," in Advances in Cryptology – CRYPTO 2011, pp. 181-200.
B. Lang, N. Zhao, K. Ge and K. Chen, "An XACML Policy Generating Method Based on Policy View," 2008 Third International Conference on Pervasive Computing and Applications, Alexandria, Egypt, 2008, pp. 295-301, doi: 10.1109/ICPCA.2008.4783596.
J. Zong, C. Wang, J. Shen, C. Su and W. Wang, "ReLAC: Revocable and Lightweight Access Control with Blockchain for Smart Consumer Electronics," in IEEE Transactions on Consumer Electronics, doi: 10.1109/TCE.2023.3279652.
D. Han, N. Pan and K. -C. Li, "A Traceable and Revocable Ciphertext-Policy Attribute-based Encryption Scheme Based on Privacy Protection," in IEEE Transactions on Dependable and Secure Computing, vol. 19, no. 1, pp. 316-327, 1 Jan.-Feb. 2022, doi: 10.1109/TDSC.2020.2977646.
