| With the development of new computing models such as cloud computing,the Internet of Things,data has the characteristics of massive,dynamic,and distributed.At present,the traditional "centralized" access control mechanism shows that the implementation of access control policies is opaque,the inflexibility of dynamic data management and the poor autonomy of resource owners are insufficient to meet the needs of inter-domain interaction and sharing in new computing environments.In view of the above problems,an inter-domain access control model based on the ABAC model and the blockchain as an interactive method was proposed.Here are the main work of paper and the innovations:(1)Aiming at the "centralization" of interdomain access control,a decentralized access control model based on blockchain is proposed.Use the blockchain to store the access control policies of each security domain,and use smart contracts to implement the access control business logic.Compared with the traditional inter-domain access control,it effectively solves the policy decision opacity,single point of failure,low interaction sharing efficiency,and resource ownership.The problem of insufficient party autonomy ensures that the access control process and results are open,transparent,and verifiable,protects the policy from being maliciously tampered with,improves inter-domain interaction efficiency,and develops and maintains access control policies in a distributed manner across security domains.Domain autonomy;(2)Aiming at the problem that traditional access control mechanisms cannot meet the mass,dynamic,and distributed characteristics,the access control mechanisms of different domains are different,and in particular the description of similar resources in the same industry is different,which is not convenient for inter-domain interaction and sharing.Using a unified standard ABAC-based access control mechanism in the model,compared with traditional access control technologies,it can manage massive and dynamic data in a timely and effective manner.At the same time,each domain uses a unified attribute standard to customize policies according to its own security needs,taking into account uniformity.And diversity,each domain does not need to construct completely different access requests according to the policies of different resource domains,which further improves the efficiency of interaction and sharing between domains;(3)Aiming at the problem of low model blockchain transaction data retrieval efficiency,a method of blockchain transaction data retrieval based on Bloom Filter is proposed.Blockchain data cannot be changed or deleted.The blockchain will become larger and larger as the data grows,and the efficiency of data search will decrease as the chain grows.By implementing the Bloom Filter method in smart contracts and filtering block data with specific information as keywords,you can quickly determine whether the information is in this block and improve the efficiency of block transaction data retrieval;Finally,the key parts of the model are tested and analyzed based on the Hyperledger Fabric platform,and the feasibility and effectiveness of the model are verified. |
PDF Full Text Request