Research On Cloud Data Access Control Technology Based On Smart Contract

Cloud service is an Internet-based computing service that provides information technology resources to end-users according to their requirements.One of the biggest hurdles in cloud service environments is data security,and uncontrolled access to data by users poses many important data security risks to end users.There are three delivery models for cloud services,IaaS(Infrastructure as a Service),PaaS(Platform as a Service),and SaaS(Software as a Service).We conduct a study on access control for cloud services under PaaS model,which mainly addresses the access control problem for enterprises deploying their business at cloud service providers.Specifically,the application of blockchain in traditional cloud services is studied in response to the problem of untrustworthy cloud service providers and users' urgent desire for transparency and controllability of their business.Blockchain is a new and popular technology with features such as transparency,decentralization,traceability,security,invariance,and automation,which have great potential for cloud system functionality enhancement and privacy security improvement.In this paper,we study the access control model of cloud services under blockchain based on smart contracts of blockchain,combine existing security privacy security technologies,design a new access control model of blockchain cloud services,and improve the new security and performance problems brought by the introduction of blockchain to cloud services.First,the limitations of traditional cloud service access control are analyzed from the perspective of existing centralized model of cloud services.The advantages of combining blockchain for cloud service access control are introduced.The access control model of cloud services in decentralized blockchain environment and the current research status of blockchain cloud services at home and abroad are introduced.Second,it addresses the problems of insufficient user control and single point of failure in data sharing in cloud services.This model takes Electronic Health Record(EHR)sharing as an example to show how to establish a credit assessment mechanism under the blockchain cloud service model to provide a trusted EHR sharing environment for patients,and how to use smart contracts to provide dynamic access control policy interface for patients.Third,the Trusted Cloud Service Access Control Model(TCS-ACM)is proposed to address the privacy and security of on-chain smart contracts.The model demonstrates the combination of Trusted Execution Environment(TEE)and blockchain technology to achieve secure,private,and efficient off-chain smart contract access control.That is,how to use TEE to ensure the privacy and efficient processing of smart contract access control,and how to combine on-chain smart contracts to help enterprises achieve business transparency and auditability.Fourth,it addresses data integrity issues such as data loss,tampering,and leakage of enterprise access control data at cloud service providers.We propose BT-ACS(Blockchain Token Cloud Service Access Control Model),which shows how to use TEE technology and Interplanetary File System(IPFS)to provide accidental recovery and problem traceability for enterprise's access control data at cloud service providers.The model shows how to use TEE technology and the Interplanetary File System(IPFS)to provide unexpected data recovery and problem tracing capabilities for enterprise access control data at cloud providers.