AuthPrivacyChain: A Blockchain-Based Access Control Framework With Privacy Protection in Cloud

Cloud computing is a model that provides shared resources and ubiquitous, on-demand access to computing. It offers new data processing and services to many industries, significantly reduces users' computing and storage costs, and improves ease of use. As clouds grow in scale and intensity, cloud security has become an essential issue in the field of cloud computing. Access control is one of the critical security technologies for protecting the sensitive data that enterprises and individuals store in the cloud. Because the cloud adopts a centralized access control mechanism, sensitive data in the cloud can easily be tampered with or leaked by hackers or by the cloud's internal managers. To address this issue, we propose AuthPrivacyChain, a blockchain-based access control framework with privacy protection. First, we use the account address of a node in the blockchain as its identity and, at the same time, redefine the access control permission of data for the cloud; this permission is encrypted and stored in the blockchain. We then design the processes of access control, authorization, and authorization revocation in AuthPrivacyChain. Finally, we implement AuthPrivacyChain based on enterprise operation system (EOS), and the results show that AuthPrivacyChain can not only prevent hackers and administrators from illegally accessing resources, but also protect authorized privacy.
