{"title":"Distributed ledger technologies for authentication and access control in networking applications: A comprehensive survey","authors":"Fariba Ghaffari , Emmanuel Bertin , Noel Crespi , Julien Hatin","doi":"10.1016/j.cosrev.2023.100590","DOIUrl":null,"url":null,"abstract":"<div><p><span>The accelerated growth of networking technologies highlights the importance of Authentication and Access Control (AAC) as protection against associated attacks. Controlling access to resources, facilitating resource sharing, and managing user mobility are some of the notable capabilities provided by AAC methods. Centralized methods are the most common </span>deployment architectures, that can be threatened by several attacks at their central points. Emerging Distributed Ledger Technology (DLT) has attracted significant interest in the AAA community. The distributed nature of DLT and its immutability can bring unprecedented opportunities to resolve many of the challenges of conventional systems. We survey the state-of-the-art in deploying authentication and access control approaches via DLT for several networking use cases. More precisely, we explore DLT applications in (1) Authentication; (2) Access Control; and (3) Comprehensive AAC solutions. First, we present the challenges of centralized solutions and discuss the capability of DLT for their resolution. Then, we propose a taxonomy to categorize the existing methods. Analysis, comparison, and discussion on the advantages and disadvantages of these methods have been provided regarding different parameters such as DLT types, AAC approaches, security, reliability, scalability, etc. While DLT provides various benefits, several challenges remain for the migration to DLT-based AAC. In light of these general limitations, we propose some future directions, targeting the current lacunae and future needs.</p></div>","PeriodicalId":48633,"journal":{"name":"Computer Science Review","volume":"50 ","pages":"Article 100590"},"PeriodicalIF":13.3000,"publicationDate":"2023-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Science Review","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1574013723000576","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
The accelerated growth of networking technologies highlights the importance of Authentication and Access Control (AAC) as protection against associated attacks. Controlling access to resources, facilitating resource sharing, and managing user mobility are some of the notable capabilities provided by AAC methods. Centralized methods are the most common deployment architectures, that can be threatened by several attacks at their central points. Emerging Distributed Ledger Technology (DLT) has attracted significant interest in the AAA community. The distributed nature of DLT and its immutability can bring unprecedented opportunities to resolve many of the challenges of conventional systems. We survey the state-of-the-art in deploying authentication and access control approaches via DLT for several networking use cases. More precisely, we explore DLT applications in (1) Authentication; (2) Access Control; and (3) Comprehensive AAC solutions. First, we present the challenges of centralized solutions and discuss the capability of DLT for their resolution. Then, we propose a taxonomy to categorize the existing methods. Analysis, comparison, and discussion on the advantages and disadvantages of these methods have been provided regarding different parameters such as DLT types, AAC approaches, security, reliability, scalability, etc. While DLT provides various benefits, several challenges remain for the migration to DLT-based AAC. In light of these general limitations, we propose some future directions, targeting the current lacunae and future needs.
期刊介绍:
Computer Science Review, a publication dedicated to research surveys and expository overviews of open problems in computer science, targets a broad audience within the field seeking comprehensive insights into the latest developments. The journal welcomes articles from various fields as long as their content impacts the advancement of computer science. In particular, articles that review the application of well-known Computer Science methods to other areas are in scope only if these articles advance the fundamental understanding of those methods.