TY - JOUR
T1 - A Blockchain-Based Access Control Scheme for Zero Trust Cross-Organizational Data Sharing
AU - Gai, Keke
AU - She, Yufeng
AU - Zhu, Liehuang
AU - Choo, Kim Kwang Raymond
AU - Wan, Zhiguo
N1 - Publisher Copyright:
© 2023 Copyright held by the owner/author(s). Publication rights licensed to ACM.
PY - 2023/8/21
Y1 - 2023/8/21
N2 - Multi-organization data sharing is becoming increasingly prevalent due to the interconnectivity of systems and the need for collaboration across organizations (e.g., exchange of data in a supply chain involving multiple upstream and downstream vendors). There are, however, data security concerns due to lack of trust between organizations that may be located in jurisdictions with varying security and privacy legislation and culture (also referred to as a zero trust environment). Hence, in such a zero trust setting, one should introduce strengthened, yet efficient, access control mechanisms to facilitate cross-organizational data access and exchange requests. Contemporary access control schemes generally focus on protecting a single objective rather than multiple parties, due to higher security costs. In this article, we propose a blockchain-based access control scheme, designed to facilitate lightweight data sharing among different organizations. Specifically, our approach utilizes the consortium blockchain to establish a trustworthy environment, in which a Role-Based Access Control (RBAC) model is then deployed using our proposed multi-signature protocol and smart contract methods. Evaluation of our proposed approach is performed on the HyperLedger Fabric consortium blockchain platform using both Caliper and BFT-SMaRT benchmarks, and the findings demonstrate the utility of our approach.
AB - Multi-organization data sharing is becoming increasingly prevalent due to the interconnectivity of systems and the need for collaboration across organizations (e.g., exchange of data in a supply chain involving multiple upstream and downstream vendors). There are, however, data security concerns due to lack of trust between organizations that may be located in jurisdictions with varying security and privacy legislation and culture (also referred to as a zero trust environment). Hence, in such a zero trust setting, one should introduce strengthened, yet efficient, access control mechanisms to facilitate cross-organizational data access and exchange requests. Contemporary access control schemes generally focus on protecting a single objective rather than multiple parties, due to higher security costs. In this article, we propose a blockchain-based access control scheme, designed to facilitate lightweight data sharing among different organizations. Specifically, our approach utilizes the consortium blockchain to establish a trustworthy environment, in which a Role-Based Access Control (RBAC) model is then deployed using our proposed multi-signature protocol and smart contract methods. Evaluation of our proposed approach is performed on the HyperLedger Fabric consortium blockchain platform using both Caliper and BFT-SMaRT benchmarks, and the findings demonstrate the utility of our approach.
KW - Additional Key Words and PhrasesConsortium blockchain
KW - access control
KW - multi-organizational data sharing
KW - multi-signature
KW - zero trust
UR - http://www.scopus.com/inward/record.url?scp=85170571502&partnerID=8YFLogxK
U2 - 10.1145/3511899
DO - 10.1145/3511899
M3 - Article
AN - SCOPUS:85170571502
SN - 1533-5399
VL - 23
JO - ACM Transactions on Internet Technology
JF - ACM Transactions on Internet Technology
IS - 3
M1 - 38
ER -