DOI: 10.1145/3041021.3053897
research-article

DL-BAC: Distributed Ledger Based Access Control for Web Applications

Published: 03 April 2017

Abstract

Since Internet-based applications have become the norm for most users, security has become a bigger concern than ever before, especially for applications like social networking and cloud-based storage. Access control is one of the key techniques that can mitigate security concerns for web-based applications. However, most existing access control mechanisms require a trusted party, which is vulnerable to many threats, including malicious insiders and a single point of failure. In response to these challenges, we propose DL-BAC, a novel access control system based on the distributed ledger. DL-BAC robustly enforces access control policies without depending on a single trusted party. We also provide an extension of DL-BAC that is privacy-respecting, and we evaluate the performance of DL-BAC to show its practicability.

Published In

ACM Other conferences
WWW '17 Companion: Proceedings of the 26th International Conference on World Wide Web Companion
April 2017
1738 pages
ISBN:9781450349147

Sponsors

  • IW3C2: International World Wide Web Conference Committee

Publisher

International World Wide Web Conferences Steering Committee

Republic and Canton of Geneva, Switzerland

Author Tags

  1. distributed ledger
  2. security
  3. web application

Qualifiers

  • Research-article

Conference

WWW '17
Sponsor:
  • IW3C2

Acceptance Rates

WWW '17 Companion Paper Acceptance Rate 164 of 966 submissions, 17%;
Overall Acceptance Rate 1,899 of 8,196 submissions, 23%

Article Metrics

  • Downloads (Last 12 months)5
  • Downloads (Last 6 weeks)0
Reflects downloads up to 19 Feb 2025

Cited By

  • (2024) Blockchain-Based Reputation and Trust Management for Smart Grids, Healthcare, and Transportation: A Review. IEEE Access 12 (196887-196913). DOI: 10.1109/ACCESS.2024.3521428. Online publication date: 2024
  • (2023) A Distributed and Secure Self-Sovereign-Based Framework for Systems of Systems. Sensors 23:17 (7617). DOI: 10.3390/s23177617. Online publication date: 2-Sep-2023
  • (2023) Harmonizing Access Control: A Unified Framework for Multi-Application Permission System Integration. 2023 5th International Academic Exchange Conference on Science and Technology Innovation (IAECST) (348-351). DOI: 10.1109/IAECST60924.2023.10502892. Online publication date: 8-Dec-2023
  • (2022) Access Control using Blockchain: A Taxonomy and Review. Proceedings of the 6th International Conference on Information System and Data Mining (46-54). DOI: 10.1145/3546157.3546165. Online publication date: 27-May-2022
  • (2022) Distributed Self-Sovereign-Based Access Control System. IEEE Security and Privacy 20:6 (35-42). DOI: 10.1109/MSEC.2022.3148906. Online publication date: 1-Nov-2022
  • (2021) The impacts of artificial intelligence techniques in augmentation of cybersecurity: a comprehensive review. Complex & Intelligent Systems 8:2 (1763-1780). DOI: 10.1007/s40747-021-00494-8. Online publication date: 24-Aug-2021
  • (2020) Token-Based Access Control. IEEE Access 8 (54189-54199). DOI: 10.1109/ACCESS.2020.2979746. Online publication date: 2020
  • (2019) Cyberbiosecurity Challenges of Pathogen Genome Databases. Frontiers in Bioengineering and Biotechnology 7. DOI: 10.3389/fbioe.2019.00106. Online publication date: 15-May-2019
  • (2019) EPICS: A Framework for Enforcing Security Policies in Composite Web Services. IEEE Transactions on Services Computing 12:3 (415-428). DOI: 10.1109/TSC.2018.2797277. Online publication date: 1-May-2019
  • (2019) The Game Among Bribers in a Smart Contract System. Financial Cryptography and Data Security (294-307). DOI: 10.1007/978-3-662-58820-8_20. Online publication date: 10-Feb-2019
