Towards accountable and privacy-preserving blockchain-based access control for data sharing

• Published in: Journal of information security and applications Vol. 85; p. 103866
• Main Authors: Hu, Qiwei, Huang, Chenyu, Zhang, Guoqiang, Cai, Lingyi, Jiang, Tao
• Format: Journal Article
• Language: English
• Published: Elsevier Ltd 01.09.2024
• Subjects: Accountability; Anonymity; Attribute-based access control; Blockchain; Erasure coding; Zero knowledge proof; Anonymity; Attribute-based access control; Zero knowledge proof; Erasure coding; Accountability; Blockchain
• ISSN: 2214-2126
• DOI: 10.1016/j.jisa.2024.103866

The integration of blockchain technology with Access Control (AC) systems presents novel opportunities for enhancing data security within decentralized architectures, which is drawing increasing attention in Data Sharing (DS) applications. However, existing works reveal a gap in achieving accountability for anonymous access in the absence of a centralized trusted authority. To address this issue, this paper introduces InvisiReveal, a novel Blockchain-Based AC (BBAC) framework that achieves permission invisibility, access anonymity, and accountability without extra trust assumptions. Users in InvisiReveal generate anonymous credentials to authenticate their requests using Zero Knowledge Proof. To enable accountability, a novel blockchain-oriented verifiable commitment (BC-VC) protocol is designed that allows a user to commit a confidential traceable tag to the blockchain. The system could unveil a malicious requester’s identity by opening the tag commitment under collaboration with the victim user and blockchain. We implement a prototype of InvisiReveal to evaluate its practicality, where an access request is verified within 5 ms.