Distributed Attribute-Based Access Control System Using a Permissioned Blockchain

TL;DR

This paper introduces a distributed attribute-based access control system leveraging blockchain technology, specifically Hyperledger Fabric, to enable trusted auditing, transparency, and efficient processing of access requests in digital library environments.

Contribution

The paper presents a novel blockchain-based ABAC system with a detailed architecture, implementation, and performance analysis demonstrating high efficiency and low latency.

Findings

System can process 5,000 requests with 200 requests/sec throughput.

Achieves low latency of 0.3 seconds per request.

Supports various consensus mechanisms and database configurations.

Abstract

Auditing provides an essential security control in computer systems, by keeping track of all access attempts, including both legitimate and illegal access attempts. This phase can be useful to the context of audits, where eventual misbehaving parties can be held accountable. Blockchain technology can provide trusted auditability required for access control systems. In this paper, we propose a distributed \ac{ABAC} system based on blockchain to provide trusted auditing of access attempts. Besides auditability, our system presents a level of transparency that both access requestors and resource owners can benefit from it. We present a system architecture with an implementation based on Hyperledger Fabric, achieving high efficiency and low computational overhead. The proposed solution is validated through a use case of independent digital libraries. Detailed performance analysis of our implementation is presented, taking into account different consensus mechanisms and databases. The experimental evaluation shows that our presented system can process 5,000 access control requests with the send rate of 200 per second and a latency of 0.3 seconds.