Fabric Blockchain Access Control Mechanism Research And Security Middleware Development And Application

The blockchain uses a chain structure to store transaction data,and combined with cryptography technology can ensure that the data cannot be tampered with or forged,and has certain security.Fabric blockchain is a general-purpose blockchain platform with multiple institutions and multiple users.In order to improve the security of the Fabric blockchain and its applications,an access control mechanism needs to be introduced.This article analyzes the security requirements related to access control,designs and implements a set of access control solutions,mainly including the following modules:(1)CA user certificate management: Realize the management of Fabric users and certificates in middleware program,including user login,department management,user identity management and user certificate management.Extend user attributes on the basis of X509 and write the attributes into the certificate to further implement attribute-based access control.(2)Private data access control: Achieve the protection of private data between different organizations in the same channel.Expand the named private data collection according to the needs of different organizations,and realize the write control and read control of private data through the chaincode function and middleware program.(3)Chaincode function and key name key value access control: Design universal chain code and custom chaincode,the universal chaincode can meet the needs of most application,customize the chaincode for applications with special access control requirements.According to the user attribute,the user can be controlled to call different chaincode functions.Control user writing and reading of specific key name and key value based on user attributes,and further control multiple key value attributes.In order to protect user privacy,encrypt sensitive attributes in key values,analyze the problem of false protection in attribute encryption,and formulate corresponding solutions.Carry out safety function test on each module to verify the effectiveness and feasibility of the proposal.The test results show that the access control solution proposed in this paper can meet the access control requirements of practical applications and has certain versatility.