# Distributed Access Control with Blockchain

**Authors:** Jordi Paillisse, Jordi Subira, Albert Lopez, Alberto, Rodriguez-Natal, Vina Ermagan, Fabio Maino, Albert Cabellos

arXiv: 1901.03568 · 2019-01-14

## TL;DR

This paper proposes a blockchain-based extension to network access control policies, enabling secure, auditable, and decentralized management across multiple administrative domains, addressing scalability and granularity issues of traditional solutions.

## Contribution

It introduces a novel blockchain-enabled framework for multi-domain access control, integrating Hyperledger Fabric with network policy languages and control planes.

## Key findings

- Demonstrated scalable policy distribution via blockchain
- Achieved secure and auditable access control across organizations
- Evaluated system performance in terms of latency and scalability

## Abstract

The specification and enforcement of network-wide policies in a single administrative domain is common in today's networks and considered as already resolved. However, this is not the case for multi-administrative domains, e.g. among different enterprises. In such situation, new problems arise that challenge classical solutions such as PKIs, which suffer from scalability and granularity concerns. In this paper, we present an extension to Group-Based Policy -- a widely used network policy language -- for the aforementioned scenario. To do so, we take advantage of a permissioned blockchain implementation (Hyperledger Fabric) to distribute access control policies in a secure and auditable manner, preserving at the same time the independence of each organization. Network administrators specify polices that are rendered into blockchain transactions. A LISP control plane (RFC 6830) allows routers performing the access control to query the blockchain for authorizations. We have implemented an end-to-end experimental prototype and evaluated it in terms of scalability and network latency.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1901.03568/full.md

## Figures

9 figures with captions in the complete paper: https://tomesphere.com/paper/1901.03568/full.md

## References

18 references — full list in the complete paper: https://tomesphere.com/paper/1901.03568/full.md

---
Source: https://tomesphere.com/paper/1901.03568