Dynamic fine-grained access control for smart contracts based on improved attribute-based signature

The Journal of Supercomputing

Abstract

Access control for smart contracts is the primary security mechanism for protecting users’ digital assets. However, existing solutions have defects in control granularity and flexibility, and a large number of resource-constrained blockchain nodes impose stringent and lightweight requirements on access control mechanisms. Therefore, achieving secure, efficient, and flexible access control for smart contracts has become a key issue that blockchain applications need to address. Based on the attribute-based access control model, this paper utilizes attribute-based signature (ABS) to achieve flexible and efficient access control for smart contracts. First, to solve the problem that existing ABS schemes are not suitable for resource-constrained blockchain nodes because they are mainly based on expensive bilinear pairing, a lightweight no-pairing attribute-based signature scheme called LABS is designed to make the signature size independent of the user’s attribute set and decouple the signature from the verification policy. Then, based on the LABS scheme, a smart contract-oriented access control mechanism (DSCABS) is proposed to ensure that only legitimate users whose attributes satisfy the access policy can be authorized to invoke smart contracts. Also, DSCABS supports dynamic updates of user rights and contract access policies without modifying or redeploying the smart contract. Finally, the effectiveness of the proposed scheme is verified by simulation experiments.

Acknowledgements

This work was supported by the National Natural Science Foundation of China (Grant No. 62102449); the “Research on Inter-Domain Trust Management and Blockchain-based Service Technology,” a project of Henan Province’s leading science and technology innovation talents; the Key Research and Development and Promotion Program of Henan Province (Grant No. 222102210069).

Author information

Contributions

XW and XD wrote the main manuscript. XW and QY and AL conducted the experiment. WW conducted theoretical analysis and derivation. All authors reviewed the manuscript.

Corresponding author

Correspondence to Du Xuehui.

Ethics declarations

Conflict of interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

About this article

Cite this article

Xiangyu, W., Xuehui, D., Qiantao, Y. et al. Dynamic fine-grained access control for smart contracts based on improved attribute-based signature. J Supercomput 81, 44 (2025). https://doi.org/10.1007/s11227-024-06570-3

  • DOI: https://doi.org/10.1007/s11227-024-06570-3
