Popis: |
The blockchain-based access control mechanism (BACM) is gradually becoming an essential paradigm for solving dynamic and trusted access control problems in the open network environment. However, since the current open network environment has such features as dynamic variability and the uncertainty of user identity, most of the existing BACM cannot solve the access control problems in the current open network environment in a dynamic, flexible, proactive, efficient, and fine-grained approach. In this paper, we propose a novel BACM scheme to address such problems. Specifically, we first design a new, proactive, and fine-grained access control model, by utilizing the dynamicity and fine-grain of the attribute-based access control model, flexibility shown by the trust evaluation mechanism in evaluating the trust level of users, and proactivity shown by the game evaluation mechanism in curbing malicious users who suddenly launch malicious access requests. Second, based on the above access control model, we propose a dynamic, flexible, and proactive BACM for the current open network environment, exploiting the trustworthiness and transparency that the smart contract and the transaction mechanism in blockchain technology show during program execution. Further, a double sliding storage window is built, guaranteeing accurate data acquisition by BACM while efficiently allowing it to acquire time-sensitive data during the permission management process. Meanwhile, a pre-authorization concept is introduced to improve the efficiency and flexibility of BACM in processing access control problems. Security analysis demonstrates that our proposed BACM scheme satisfies the simple security issue and the simple availability issue. Experiments on a real user trust record dataset demonstrate the high effectiveness of the proposed BACM scheme in evaluating and deciding on access requests and the superiorities over most existing schemes in dynamicity, fine granularity, flexibility, and proactivity. |