| The refined social division of labor and the rapid development of information technology have created an urgent need for cross-enterprise information exchange and sharing. However, because there is no unified organizational structure, cross-enterprise sharing of data that is stored and managed in a decentralized manner faces serious security risks and efficiency problems. First, cross-enterprise data sharing requires approval from the administrators of each organization, which is a long and inefficient process. Second, a trusted third-party access control system is needed to manage permissions, and third-party systems often suffer from high cost and are prone to becoming performance bottlenecks. The rise of blockchain technology, with its high reliability, high consistency, traceability and decentralization, provides a new way to solve these problems. Based on a typical decentralized storage system and an open-source blockchain, a decentralized data access control system is designed and implemented to solve the security and efficiency problems caused by cross-enterprise data sharing. The specific work is as follows: 1) Based on smart contracts running on the blockchain, trusted data access authorization and efficient access rights verification for the distributed storage system are designed and implemented, and the heavy rights management work is allocated to the file uploader. This also prevents a centralized authority management system from becoming a system performance bottleneck. 2) A role-based access control scheme is adopted, and access control is divided into role assignment and file permission grant. Decoupling the access control process reduces the number of blockchain transactions that may be caused by data, permission and user changes. In this way, the scalability limitation of the blockchain is kept from becoming a system performance bottleneck. 3) Using the traceability of the blockchain, a data sharing flow diagram is constructed through smart contracts, data flow is recorded, and the size of the diagram is effectively reduced by the method of "recording during verification". A prototype system is implemented, and test cases are designed to verify the correctness of the main functions of the system, such as file upload, file acquisition, permission grant, role assignment, and file flow query. Based on the prototype system, the performance of the main functions of the system, such as file access and rights management, is tested. The experimental results show that the access delay introduced by access control is acceptable. For example, when reading 2 GB of data, the additional latency caused by access control does not exceed 1.12% of the data access latency. |
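The following is an added example, not code from the paper: an in-memory Python model of the decoupled role assignment and file permission grant in item 2 and the "recording during verification" of item 3. The class and method names, the uploader-scoped roles, the deduplication of flow edges and the sample users and files are all assumptions made for illustration.

```python
from collections import defaultdict

class AccessContract:
    """In-memory stand-in for contract state (hypothetical model, constructed here)."""
    def __init__(self):
        self.owner = {}                    # file_id -> uploader
        self.members = defaultdict(set)    # (uploader, role) -> users; roles are per uploader
        self.grants = defaultdict(set)     # (file_id, role) -> permissions
        self.flow = set()                  # (file_id, uploader, reader) edges of the flow graph
        self.mgmt_tx = 0                   # state-changing management transactions

    def upload_file(self, uploader, file_id):
        if file_id in self.owner:
            raise ValueError("file already registered")
        self.owner[file_id] = uploader
        self.mgmt_tx += 1

    def assign_role(self, uploader, user, role, present=True):
        users = self.members[(uploader, role)]
        users.add(user) if present else users.discard(user)
        self.mgmt_tx += 1

    def grant_permission(self, caller, file_id, role, perm):
        if self.owner.get(file_id) != caller:
            raise PermissionError("only the uploader manages this file")
        self.grants[(file_id, role)].add(perm)
        self.mgmt_tx += 1

    def verify(self, user, file_id, perm):
        owner = self.owner.get(file_id)
        allowed = owner is not None and (user == owner or any(
            f == file_id and perm in perms and user in self.members.get((owner, role), ())
            for (f, role), perms in self.grants.items()))
        if allowed and user != owner:
            # Edge is written during verification; the set deduplicates repeats (assumed).
            self.flow.add((file_id, owner, user))
        return allowed

def demo(n_files=5):
    c = AccessContract()
    files = [f"report-{i}" for i in range(n_files)]   # constructed sample data
    for f in files:
        c.upload_file("acme", f)
        c.grant_permission("acme", f, "partner", "read")
    before = c.mgmt_tx
    c.assign_role("acme", "bob@globex", "partner")    # one tx covers every granted file
    onboarding_tx = c.mgmt_tx - before
    reads = [c.verify("bob@globex", f, "read") for f in files * 3]
    c.assign_role("acme", "bob@globex", "partner", present=False)
    return onboarding_tx, all(reads), len(c.flow), c.verify("bob@globex", files[0], "read")
```

In this model, onboarding or revoking a user costs one management transaction regardless of how many files the role covers, and fifteen verified reads leave five flow edges.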