Academic Journal
Distributed Access Control with Blockchain
| Title: | Distributed Access Control with Blockchain |
|---|---|
| Authors: | Paillissé Vilanova, Jordi, Subirà Nieto, Jordi, López Brescó, Albert, Rodríguez Natal, Alberto, Ermagan, Vina, Maino, Fabio, Cabellos Aparicio, Alberto |
| Source: | UPCommons. Portal del coneixement obert de la UPC Universitat Politècnica de Catalunya (UPC) |
| Publication Status: | Preprint |
| Publisher Information: | IEEE, 2019. |
| Publication Year: | 2019 |
| Subject Terms: | Networking and Internet Architecture (cs.NI), FOS: Computer and information sciences, Distributed databases, Authorisation, Computer Science - Cryptography and Security, Informàtica::Sistemes d'informació::Bases de dades [Àrees temàtiques de la UPC], Seguretat informàtica, 02 engineering and technology, 16. Peace & justice, Àrees temàtiques de la UPC::Informàtica::Seguretat informàtica, Cadena de blocs (Bases de dades), Computer Science - Networking and Internet Architecture, Blockchains (Databases), Informàtica::Seguretat informàtica [Àrees temàtiques de la UPC], Computer security, Àrees temàtiques de la UPC::Informàtica::Sistemes d'informació::Bases de dades, 0202 electrical engineering, electronic engineering, information engineering, Public key cryptography, Cryptography and Security (cs.CR) |
| Description: | The specification and enforcement of network-wide policies in a single administrative domain is common in today's networks and considered as already resolved. However, this is not the case for multi-administrative domains, e.g. among different enterprises. In such situation, new problems arise that challenge classical solutions such as PKIs, which suffer from scalability and granularity concerns. In this paper, we present an extension to Group-Based Policy -- a widely used network policy language -- for the aforementioned scenario. To do so, we take advantage of a permissioned blockchain implementation (Hyperledger Fabric) to distribute access control policies in a secure and auditable manner, preserving at the same time the independence of each organization. Network administrators specify polices that are rendered into blockchain transactions. A LISP control plane (RFC 6830) allows routers performing the access control to query the blockchain for authorizations. We have implemented an end-to-end experimental prototype and evaluated it in terms of scalability and network latency. 7 pages, 9 figures, 2 tables |
| Document Type: | Article Conference object |
| File Description: | application/pdf |
| DOI: | 10.1109/icc.2019.8761995 |
| DOI: | 10.48550/arxiv.1901.03568 |
| DOI: | 10.13039/501100011033 |
| Access URL: | https://arxiv.org/pdf/1901.03568 http://arxiv.org/abs/1901.03568 http://dblp.uni-trier.de/db/journals/corr/corr1901.html#abs-1901-03568 https://upcommons.upc.edu/handle/2117/329906 https://dblp.uni-trier.de/db/journals/corr/corr1901.html#abs-1901-03568 https://arxiv.org/abs/1901.03568 https://arxiv.org/pdf/1901.03568.pdf https://ieeexplore.ieee.org/document/8761995 |
| Rights: | IEEE Copyright arXiv Non-Exclusive Distribution |
| Accession Number: | edsair.doi.dedup.....ec9b94a8d09d4f466a0e7c4446b18052 |
| Database: | OpenAIRE |
Be the first to leave a comment!