Blockchain-based access control architecture for multi-domain environments

Abstract

Numerous users from diverse domains access information and perform various operations in multi-domain environments. These users have complex permissions that increase the risk of identity falsification, unauthorized access, and privacy breaches during cross-domain interactions. Consequently, implementing an access control architecture to prevent users from engaging in illicit activities is imperative. This paper proposes a novel blockchain-based access control architecture for multi-domain environments. By integrating the multi-domain environment within a federated chain, the architecture utilizes Decentralized Identifiers (DIDs) for user identification and relies on public/secret key pairs for operational execution. Verifiable credentials are used to authorize permissions and release resources, thereby ensuring authentication and preventing tampering and forgery. In addition, the architecture automates the authorization and access control processes through smart contracts, thereby eliminating human intervention. Finally, we performed a simulation evaluation of the architecture. The most time-consuming process had a runtime of 1074 ms, primarily attributed to interactions with the blockchain. Concurrent testing revealed that with a concurrency level of 2000 demonstrated that the response times for read and write operations were maintained within 1000 ms and 4600 ms, respectively. In terms of storage efficiency, except for user registration, which incurred two gas charges, all the other processes required only one charge.