DEDACS: Decentralized and dynamic access control for smart contracts in a policy-based manner

IF 0.4 Q4 COMPUTER SCIENCE, INFORMATION SYSTEMS
Kristof Jannes, Vincent Reniers, Wouter Lenaerts, B. Lagaisse, W. Joosen
{"title":"DEDACS: Decentralized and dynamic access control for smart contracts in a policy-based manner","authors":"Kristof Jannes, Vincent Reniers, Wouter Lenaerts, B. Lagaisse, W. Joosen","doi":"10.1145/3555776.3577676","DOIUrl":null,"url":null,"abstract":"Distributed Ledger Technology (DLTs) or blockchains have been steadily emerging and providing innovation in the past decade for several use cases, ranging from financial networks, to notarization, or trustworthy execution via smart contracts. DLTs are enticing due to their properties of decentralization, non-repudiation, and auditability (transparency). These properties are of high potential to access control systems that can be implemented on-chain, and are executed without infringement and full transparency. While it remains uncertain which use cases will truly turn out to be viable, many use cases such as financial transactions can benefit from integrating certain restrictions via access control on the blockchain. In addition, smart contracts may in the future present security risks that are currently yet unknown. As a solution, access control policies can provide flexibility in the execution flow when adopted by smart contracts. In this paper, we present our DEDACS architecture which provides decentralized and dynamic access control for smart contracts in a policy-based manner. Our access control is expressive as it features policies, and dynamic as the environment or users can be changed, or alternative policies can be assigned to smart contracts. DEDACS ensures that our access control preserves the desired properties of decentralization and transparency, while aiming to keep the costs involved as minimal as possible. We have evaluated DEDACS in the context of a Uniswap token-exchange platform, in which we evaluated the costs related to (i) the introduced overhead at deployment time and (ii) the operational overhead cost. DEDACS introduces a relative overhead of on average 52% at deployment time, and an operational overhead between 52% and 80% depending on the chosen policy and its complexity.","PeriodicalId":42971,"journal":{"name":"Applied Computing Review","volume":null,"pages":null},"PeriodicalIF":0.4000,"publicationDate":"2023-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Applied Computing Review","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3555776.3577676","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 1

Abstract

Distributed Ledger Technology (DLTs) or blockchains have been steadily emerging and providing innovation in the past decade for several use cases, ranging from financial networks, to notarization, or trustworthy execution via smart contracts. DLTs are enticing due to their properties of decentralization, non-repudiation, and auditability (transparency). These properties are of high potential to access control systems that can be implemented on-chain, and are executed without infringement and full transparency. While it remains uncertain which use cases will truly turn out to be viable, many use cases such as financial transactions can benefit from integrating certain restrictions via access control on the blockchain. In addition, smart contracts may in the future present security risks that are currently yet unknown. As a solution, access control policies can provide flexibility in the execution flow when adopted by smart contracts. In this paper, we present our DEDACS architecture which provides decentralized and dynamic access control for smart contracts in a policy-based manner. Our access control is expressive as it features policies, and dynamic as the environment or users can be changed, or alternative policies can be assigned to smart contracts. DEDACS ensures that our access control preserves the desired properties of decentralization and transparency, while aiming to keep the costs involved as minimal as possible. We have evaluated DEDACS in the context of a Uniswap token-exchange platform, in which we evaluated the costs related to (i) the introduced overhead at deployment time and (ii) the operational overhead cost. DEDACS introduces a relative overhead of on average 52% at deployment time, and an operational overhead between 52% and 80% depending on the chosen policy and its complexity.
dedecs:基于策略的智能合约去中心化动态访问控制
分布式账本技术(dlt)或区块链在过去十年中稳步出现,并为几个用例提供了创新,从金融网络到公证,或通过智能合约进行可信执行。分布式账本技术由于其去中心化、不可否认性和可审计性(透明度)的特性而具有吸引力。这些属性对于可以在链上实现的访问控制系统具有很高的潜力,并且执行时不会侵权且完全透明。虽然仍不确定哪些用例将真正可行,但许多用例(如金融事务)可以通过在区块链上的访问控制集成某些限制而受益。此外,智能合约未来可能会出现目前未知的安全风险。作为一种解决方案,当智能合约采用访问控制策略时,可以在执行流中提供灵活性。在本文中,我们提出了我们的dedecs架构,它以一种基于策略的方式为智能合约提供去中心化和动态的访问控制。我们的访问控制具有表现力,因为它具有策略,并且是动态的,因为环境或用户可以更改,或者可以将替代策略分配给智能合约。dedecs确保我们的访问控制保留了去中心化和透明度的期望属性,同时旨在尽可能降低所涉及的成本。我们在Uniswap令牌交换平台的背景下评估了DEDACS,其中我们评估了与(i)部署时引入的开销和(ii)运营开销相关的成本。DEDACS在部署时的相对开销平均为52%,根据所选择的策略及其复杂性,操作开销在52%到80%之间。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
Applied Computing Review
Applied Computing Review COMPUTER SCIENCE, INFORMATION SYSTEMS-
自引率
40.00%
发文量
8
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信