Capability and Blockchain-Based Fine-Grained and Flexible Access Control Model

Abstract

Currently, integrating blockchain into access control systems has become a new research trend. However, existing access control systems still have problems such as easy confusion of capability authorisation subjects, inflexible capability granting and revocation, insufficient granularity of capability, insecure capability transfer and lack of capability verification. To solve these problems, this work proposes Capability- & Blockchainbased Fine-grained and Flexible Access Control (CB2FAC), defines new capability authorisation rules, and designs an authorisation tree with capability revocation list to meet the needs of flexibility and timeliness of capability revocation. Finally, simulation experiments show that CB2FAC is flexible and secure in granting, revoking, granularity control and verification of capability, and significantly outperforms the existing schemes in terms of performance.