【Author】
Liu, Danyang; Dong, Anming; Yan, Biwei; Yu, Jiguo
【Source】2020 INTERNATIONAL CONFERENCE ON IDENTIFICATION, INFORMATION AND KNOWLEDGE IN THE INTERNET OF THINGS (IIKI2020)
【Abstract】Access control is a technology that can guarantee the security of information in network transmission, in which role-based access control is to separate the subject from the permission, and to assign the permission by distributing the corresponding role of the user. However, the traditional role-based access control scheme is generally centralized, the allocation of user's role lacks fine granularity, and there is static in the allocation of the role and permission, which is not consistent with the distributed and dynamic network architecture nowadays. Hence, we propose a dynamic and fine-grained role-based access control model DF-RBAC, which can realize the flexible assignment of roles by resource owners and security verification of assigned roles. Further, we take advantage of blockchain technology and cryptography technology to combine with the DF-RBAC framework to achieve access to the activity log security audit function, which can ensure the security of the overall architecture. By safety and experimental analysis, our framework has proved to be feasible. (C) 2021 The Authors. Published by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (https://creativecommons.org/licenses/by-nc-nd/4.0) Peer-review under responsibility of the scientific committee of the International Conference on Identification, Information and Knowledge in the internet of Things, 2020.
【Keywords】Smart Contract; Blockchain; Fine-grained Authorization; Access Control; RBAC
评论