Browse > Article
http://dx.doi.org/10.13089/JKIISC.2021.31.3.341

User-Centric Access Control Service for Blockchain-Based Private Information Management  

Kim, Seung-Hyun (Korea National University of Education)
Kim, Soohyung (Electronics and Telecommunication Research Institute)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.31, no.3, 2021 , pp. 341-351 More about this Journal
Abstract
Recently, user-driven privacy control technology, such as distributed ID management, has been gaining attention. However, the existing blockchain-based access control studies have not provided a sufficient level of privacy control method to users. This paper proposes a method that combines permissioned blockchain technology and a recent privacy control standard. To allow users to participate in privacy control, a token-based user access control service that conforms to the UMA2 standard was applied to the blockchain dApp. By combining the blockchain and UMA2, the proposed method provides a user-centered privacy control function that the existing blockchain could not provide. In addition, we solved the problem of privacy, security, and availability of entities, which are the disadvantages of UMA2.
Keywords
Blockchain; Access Control; UMA; Hyperledger Fabric; privacy;
Citations & Related Records
연도 인용수 순위
  • Reference
1 N. Kaaniche and M. Laurent, "A Blockchain-Based Data Usage Auditing Architecture with Enhanced Privacy and Availability," IEEE 16th International Symposium on Network Computing and Applications (NCA), pp. 1-5, Oct. 2017.
2 Amazon, "Amazon Managed Blockchain now supports Hyperledger Fabric v1.4", Retrieved May. 2021, from https://aws.amazon.com/about-aws/whats-new/2020/09/amazon-managed-blockchain-now-supports-hyperledger-fabric-v1-4/.
3 IBM, "IBM Blockchain Platform," Retrie ved May. 2021, from https://marketplace.visualstudio.com/items?itemName=IBMBlockchain.ibm-blockchain-platform.
4 Seung-Hyun Kim and Soohyung Kim, "Analysis of Blockchain-based Access Control Technology," Electronics and Telecommunications Trends, Vol. 34 No. 4, pp. 117-128, Aug. 2019.
5 Voigt, P., and Von dem Bussche, A., "The EU General Data Protection Regulation (GDPR)," A Practical Guide, 1st Ed., Cham: Springer International Publishing, pp. 1-392, Aug. 2017.
6 Pew Research, "Privacy and Information Sharing," Retrieved May, 2021, from https://www.pewresearch.org/internet/2016/01/14/privacy-and-information-sharing/.
7 Maler, E., M. Machulak, and J. Richer., "User-Managed Access (UMA) 2.0.," Kantara Initiative, Kantara Published Specification, Jan. 2017.
8 Ouaddah, A., Abou Elkalam, A., and Ait Ouahman, A., "FairAccess: A New Blockchain-Based Access Control Framework for the Internet of Things," Security Communications. Network, vol. 9, no. 18, pp. 5943-5964, Feb. 2017.
9 Zhang, N., Li, J., Lou, W., and Hou, Y. T., "PrivacyGuard: Enforcing Private Data Usage with Blockchain and Attested Execution," Data Privacy Management, Cryptocurrencies and Blockchain Technology, Springer, pp. 345-353, Sep. 2018.
10 Zyskind, G., and Nathan, O., "Decentralizing Privacy: Using Blockchain to Protect Personal Data," IEEE Security Privacy Workshops, pp. 180-184, May. 2015.
11 Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., and Muralidharan, S., "Hyperledger fabric: a distributed operating system for permissioned blockchains," Proceedings of the thirteenth EuroSys conference, pp. 1-15, Apr. 2018.
12 Thakkar, P., Nathan, S., and Viswanathan, B., "Performance benchmarking and optimizing hyperledger fabric blockchain platform," IEEE International Symposium on Modeling, Analysis, and Simulation of Computer and Telecommunication Systems (MASCOTS). pp. 264-276, Sep. 2018.
13 Hyperledger, "What's new in Hyperledger fabric v2.3", Retrieved May. 2021, from https://hyperledger-fabric.readthedocs.io/en/latest/whatsnew.html#what-s-new-inhyperledger-fabric-v2-3.