Title: Blockchain-based decentralised access control scheme for dynamic hierarchies

Authors: Gaurav Pareek; B.R. Purushothama

Addresses: Department of Computer Science and Engineering, National Institute of Technology Goa, Farmagudi, Ponda, Goa, India ' Department of Computer Science and Engineering, National Institute of Technology Goa, Farmagudi, Ponda, Goa, India

Abstract: Cryptographic hierarchical access control is widely employed in systems that manage data or resources. To meet scalability and high availability requirements, it is desirable that an access control scheme is decentralised in nature. Proposing a blockchain-based cryptographically decentralised access control scheme for dynamic hierarchies that is consistent with the standard centralised hierarchical access control model is the main focus of this paper. We use blockchain transactions, consensus and validation mechanisms as tools to achieve cryptographic decentralisation of hierarchical access control. Important highlight of the paper is that the proposed decentralised scheme does not compromise on performance and storage requirements of the standard centralised hierarchical key assignment schemes. In particular, the proposed scheme requires symmetric decryption operations for key derivation, is secure under strong key indistinguishability and features efficient dynamic update operations without any trusted third-party. Proposed is the first hierarchical key assignment scheme that features all the aforementioned properties.

Keywords: blockchain; decentralisation; hierarchical access control; dynamic; strong key indistinguishability; SKI; public-key encryption; symmetric encryption; transactions; consensus; provable security; information security.

DOI: 10.1504/IJICS.2021.118956

International Journal of Information and Computer Security, 2021 Vol.16 No.3/4, pp.324 - 354

Received: 21 Nov 2018
Accepted: 11 Jan 2019

Published online: 15 Nov 2021 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article