Naučno-tehničeskij Vestnik Informacionnyh Tehnologij, Mehaniki i Optiki (Oct 2024)

Enhancing attribute-based access control with Ethereum and ZK-SNARK technologies

  • Maher Maalla,
  • Sergey V. Bezzateev

DOI
https://doi.org/10.17586/2226-1494-2024-24-5-797-805
Journal volume & issue
Vol. 24, no. 5
pp. 797 – 805

Abstract

Attribute Based Access Control (ABAC) is one of the most efficient, scalable, and widely used access control models. It is based on attributes rather than on users, but when users want to access a resource, they must still submit their attributes for the verification process, which may compromise the users' privacy. Many research papers suggest blockchain-based ABAC, which provides an immutable and transparent access control system. However, the privacy of the system may be compromised depending on the nature of the attributes. A Zero-Knowledge Proof, Ethereum-Based Access Control (ZK-ABAC) model is proposed in this paper to simplify the management of access to devices/objects, provide an efficient and immutable platform that keeps track of all actions and access management, and preserve the privacy of the attributes. Our ZK-ABAC model utilizes smart contracts to facilitate access control management, the Zero-Knowledge Succinct Non-Interactive Argument of Knowledge (ZK-SNARK) protocol to add privacy to attributes, the InterPlanetary File System (IPFS) network to provide a distributed storage system, and Chainlink to manage communications and data between on-chain and off-chain systems. Comprehensive experiments and tests were conducted to evaluate the performance of our model, including the implementation of ZK-SNARK on the Ethereum blockchain. The results demonstrated the scalability challenges in the setup and proving phases, as well as the efficiency gains in the verification phase, particularly when scaled to higher numbers of users. These findings underscore the practical viability of our ZK-ABAC model for secure and privacy-preserving access control in decentralized environments.

Keywords