Bloccess: Enabling Fine-Grained Access Control Based on Blockchain

Access control is a fundamental security aspect and has been adopted in diverse systems. Particularly, fine-grained access control models present good flexibility and scalability to adapt to complicated systems. However, building a trustworthy fine-grained access control mechanism in untrustworthy distributed environments such as Internet of Things (IoT) environments is challenging. Conventional access control mechanisms encounter security and privacy issues caused by centralized entities, such as single point of failure and data tampering. To address these issues, we have proposed Bloccess, a fine-grained access control framework based on the consortium blockchain, in our previous work. By leveraging blockchain technology, we formulate a set of protocols to enforce a tamper-proof access control mechanism in untrustworthy distributed environments. In this paper, we refine our previous work and present the extended version of Bloccess. We optimize our protocols and extend them to support a hybrid blockchain structure. We also formulate complete identification protocols for the administration mechanism in Bloccess. Besides, we show Bloccess in practice with a Bloccess-enabled IoT system. Furthermore, we conduct a semi-formal analysis to prove the security properties of Bloccess and evaluate its security through a security model and a threat model.