Distributed Attribute-Based Access Control System Using a Permissioned Blockchain

Auditing provides an essential security control in computer systems, by keeping track of all access attempts, including both legitimate and illegal access attempts. This phase can be useful to the context of audits, where eventual misbehaving parties can be held accountable. Blockchain technology can provide trusted auditability required for access control systems. In this paper, we propose a distributed \ac{ABAC} system based on blockchain to provide trusted auditing of access attempts. Besides auditability, our system presents a level of transparency that both access requestors and resource owners can benefit from it. We present a system architecture with an implementation based on Hyperledger Fabric, achieving high efficiency and low computational overhead. The proposed solution is validated through a use case of independent digital libraries. Detailed performance analysis of our implementation is presented, taking into account different consensus mechanisms and databases. The experimental evaluation shows that our presented system can process 5,000 access control requests with the send rate of 200 per second and a latency of 0.3 seconds.