# Multi-Authority Attribute-Based Access Control with Smart Contract

**Authors:** Hao Guo, Ehsan Meamari, Chien-Chung Shen

arXiv: 1903.07009 · 2019-09-18

## TL;DR

This paper introduces a decentralized multi-authority attribute-based access control system using Ethereum smart contracts, enabling secure validation of user attributes across multiple authorities for controlled data access.

## Contribution

It presents a novel scheme leveraging Ethereum smart contracts for multi-authority attribute validation, with a prototype implementation and performance evaluation.

## Key findings

- Prototype implemented in Solidity on Rinkeby Ethereum Testnet
- Effective validation of attributes from multiple authorities
- Performance metrics demonstrate feasibility for practical use

## Abstract

Attribute-based access control makes access control decisions based on the assigned attributes of subjects and the access policies to protect objects by mediating operations from the subjects. Authority, which validates attributes of subjects, is one key component to facilitate attribute-based access control. In an increasingly decentralized society, multiple attributes possessed by subjects may need to be validated by multiple different authorities. This paper proposes a multi-authority attribute-based access control scheme by using Ethereum's smart contracts. In the proposed scheme, Ethereum smart contracts are created to define the interactions between data owner, data user, and multiple attribute authorities. A data user presents its attributes to different attribute authorities, and after successful validation of attributes, obtains attribute tokens from respective attribute authorities. After collecting enough attribute tokens, a smart contract will be executed to issue secret key to the data user to access the requested object. The smart contracts for multi-authority attribute-based access control have been prototyped in Solidity, and their performance has been evaluated on the Rinkeby Ethereum Testnet.

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1903.07009/full.md

## Figures

4 figures with captions in the complete paper: https://tomesphere.com/paper/1903.07009/full.md

## References

15 references — full list in the complete paper: https://tomesphere.com/paper/1903.07009/full.md

---
Source: https://tomesphere.com/paper/1903.07009