An Access Control Scheme Supporting Privacy Protection Based on Blockchain and Attribute

Abstract

With the large-scale application of cloud storage systems, lots of attribute-based access control (ABAC) schemes have been introduced to protect data and user security in this insecure environment. ABAC can make data owners control their own data and protect data security and privacy. However, there are two serious privacy leakage problems, namely user attribute privacy and policy privacy, should be solved in the process of constructing ABAC schemes. In this paper, an ABAC scheme supporting privacy protection is constructed, which can solve privacy leakage problems of user attribute privacy and policy privacy in large universe attribute system. Furthermore, a framework is proposed. The framework combines our ABAC scheme, the Ethereum blockchain and blockchain-based storage system. In this framework, the security characteristics of blockchain technology are used to realize decentralization, tamper-resistant and avoiding single point of failure. Besides, the problems of attribute revocation and policy updating are solved by smart contract on the Ethereum blockchain. Finally, we established an initial implementation on Linux and Rinkeby test network, and the experimental results show that our scheme is feasible.