Dynamic Role-Based Access Control for Decentralized Applications

by   Arnab Chatterjee, et al.

Access control management is an integral part of maintaining the security of an application. Although there has been significant work in the field of cloud access control mechanisms, however, with the advent of Distributed Ledger Technology (DLT), on-chain access control management frameworks hardly exist. Existing access control management mechanisms are tightly coupled with the business logic, resulting in governance issues, non-coherent with existing Identity Management Solutions, low security, and compromised usability. We propose a novel framework to implement dynamic role-based access control for decentralized applications (dApps). The framework allows for managing access control on a dApp, which is completely decoupled from the business application and integrates seamlessly with any dApps. The smart contract architecture allows for the independent management of business logic and execution of access control policies. It also facilitates secure, low cost, and a high degree of flexibility of access control management. The proposed framework promotes decentralized governance of access control policies and efficient smart contract upgrades. We also provide quantitative and qualitative metrics for the efficacy and efficiency of the framework. Any Turing complete smart contract programming language is an excellent fit to implement the framework. We expect this framework to benefit enterprise and non-enterprise dApps and provide greater access control flexibility and effective integration with traditional and state of the art identity management solutions.


Attribute-Based Access Control for Smart Cities: A Smart Contract-Driven Framework

Efficient and reliable access control in smart cities is critical for th...

SMACS: Smart Contract Access Control Service

Although blockchain-based smart contracts promise a “trustless” way of e...

Smart Contract-Based Access Control for the Internet of Things

This paper investigates a critical access control issue in the Internet ...

Scalable Role-based Access Control Using The EOS Blockchain

Role-based access control (RBAC) policies represent the rights of subjec...

Blade: A Blockchain-supported Architecture for Decentralized Services

Decentralized services and applications provide a multitude of advantage...

Semantic Access Control for Privacy Management of Personal Sensing in Smart Cities

Personal and home sensors generate valuable information that could be us...

Using Constraint Programming and Graph Representation Learning for Generating Interpretable Cloud Security Policies

Modern software systems rely on mining insights from business sensitive ...

Please sign up or login with your details

Forgot password? Click here to reset