Blockchain Based Auditable Access Control for Distributed Business Processes

机译：基于区块链接的商业流程的可审计访问控制

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

The use of blockchain technology has been proposed to provide auditable access control for individual resources. However, when all resources are owned by a single organization, such expensive solutions may not be needed. In this work we focus on distributed applications such as business processes and distributed workflows. These applications are often composed of multiple resources/services that are subject to the security and access control policies of different organizational domains. Here, blockchains can provide an attractive decentralized solution to provide auditability. However, the underlying access control policies may be overlapping in terms of the component conditions/rules, and simply using existing solutions would result in repeated evaluation of user’s authorization separately for each resource, leading to significant overhead in terms of cost and computation time over the blockchain. To address this challenge, we propose an approach that formulates a constraint optimization problem to generate an optimal composite access control policy. This policy is in compliance with all the local access control policies and minimizes the policy evaluation cost over the blockchain. The developed smart contract(s) can then be deployed to the blockchain, and used for access control enforcement. We also discuss how the access control enforcement can be audited using a game-theoretic approach to minimize cost. We have implemented the initial prototype of our approach using Ethereum as the underlying blockchain and experimentally validated the effectiveness and efficiency of our approach.

机译：已经提出了使用区块链技术为个别资源提供可审计访问控制。但是，当所有资源都由单个组织拥有时，可能不需要这种昂贵的解决方案。在这项工作中，我们专注于分布式应用程序，如业务流程和分布式工作流程。这些应用程序通常由多个资源/服务组成，这些资源/服务受到不同组织域的安全性和访问控制策略。在这里，Blockchains可以提供有吸引力的分散解决方案来提供令人互动性。然而，基础访问控制策略可能在组件条件/规则方面重叠，并且简单地使用现有解决方案将导致对每个资源分别对用户授权进行重复评估，从而在成本和计算时间方面具有重要的开销区块形。为了解决这一挑战，我们提出了一种方法，其制定了一个约束优化问题，以产生最佳的复合访问控制策略。此策略符合所有本地访问控制策略，并最大限度地减少区块链中的策略评估成本。然后可以将开发的智能合同部署到区块链，并用于访问控制执行。我们还讨论如何使用游戏理论方法进行审核，以最小化成本。我们已经实施了我们的方法的初始原型，以外地为潜在的区块链，通过实验验证了我们方法的效力和效率。

著录项

来源
《IEEE International Conference on Distributed Computing Systems》|2020年|12-22|共11页
会议地点
作者
Ahmed Akhtar; Basit Shafiq; Jaideep Vaidya; Ayesha Afzal; Shafay Shamail; Omer Rana;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Access control; Constraint optimization; Process control; Prototypes; Blockchain; Organizations; Distributed computing;

机译：访问控制;约束优化;过程控制;原型;区块链;组织;分布式计算;

相似文献

外文文献
中文文献
专利

1. A blockchain based approach for the definition of auditable Access Control systems [J] . Maesa Damiano Di Francesco, Mori Paolo, Ricci Laura Computers & Security . 2019,第JULa期

机译：用于定义可审计访问控制系统的基于区块链的方法
2. A blockchain based approach for the definition of auditable Access Control systems [J] . Maesa Damiano Di Francesco, Mori Paolo, Ricci Laura Computers & Security . 2019,第Jula期

机译：基于区块链接的审计访问控制系统的方法
3. Efficient logging and querying for blockchain-based cross-site genomic dataset access audit [J] . Shuaicheng Ma, Yang Cao, Li Xiong BMC Medical Genomics . 2020,第7期

机译：基于区块链的跨站点基因组数据集访问审核的高效日志记录和查询
4. Distributed Audit System of SDN Controller Based on Blockchain [C] . Zhenyu Guan, Hanzheng Lyu, Haibin Zheng, International conference on smart blockchain . 2019

机译：基于区块链的SDN控制器分布式审计系统
5. Blockchain-Inspired Architectures for Attribute-Based Access Control and Zero Knowledge Proof-Based Data Privacy [D] . Guo, Hao. 2020

机译：基于属性的访问控制和零知识证明的数据隐私的区块链接灵感架构
6. Blockchain Tree as Solution for Distributed Storage of Personal ID Data and Document Access Control [O] . Sergii Kushch, Yurii Baryshev, Silvio Ranise 2020

机译：BlockChain树作为个人ID数据和文档访问控制的分布式存储的解决方案
7. A blockchain based approach for the definition of auditable Access Control systems [O] . Damiano Di Francesco Maesa, Paolo Mori, Laura Ricci 2019

机译：基于区块链接的审计访问控制系统的方法

Blockchain Based Auditable Access Control for Distributed Business Processes

摘要

著录项

相似文献

相关主题

期刊订阅