Decentralized access control using Hyperledger Fabric
Abstract
In traditional access control systems, all access control mechanisms are centrally
managed, which leaves them seriously vulnerable: the centralized architecture creates
a single point of failure. If the central authority is compromised, system security
breaks down, which is a huge risk that opens the door to data breaches, illegal
access, and exploitation of private data. This research mitigates these risks by
proposing decentralized control of access control systems using the Extensible
Access Control Markup Language (XACML). XACML is appropriate for this task because
it is flexible, open source, and works well with many access control models.
This research focuses on decentralizing
the four components of XACML (the Policy Enforcement Point, Policy Decision Point,
Policy Administration Point, and Policy Information Point) by incorporating
Hyperledger Fabric (HF), a permissioned blockchain system. In the proposed
architecture, access control is distributed by smart contracts, or chaincodes, across
multiple nodes of the network, eliminating the single point of failure. To evaluate the
feasibility of implementation, a system following the proposed architecture was also
developed using chaincode. The results of the test evaluation show that a
decentralized implementation of the four XACML components with Hyperledger Fabric
eliminates the single point of failure, scalability issues, and data integrity
issues in distributed systems. The decentralization of the XACML components
will help to create a secure and decentralized access control architecture. This
research lays the foundation for future investigation of strategic blockchain-based
decentralized access control systems.