Decentralized User-Centric Access Control using PubSub over Blockchain
This addresses the need for secure and transparent data access control in decentralized systems, though it appears incremental as it builds on well-tested principles from distributed authorization and cryptocurrencies.
The paper tackles the problem of user-centric access control in decentralized environments by proposing a mechanism that empowers users to dictate access to their data collections, resulting in a practical, correct, auditable, transparent, distributed, and decentralized solution applicable to emerging domains like IoT and smart cities.
We present a mechanism that puts users in the center of control and empowers them to dictate the access to their collections of data. Revisiting the fundamental mechanisms in security for providing protection, our solution uses capabilities, access lists, and access rights following well-understood formal notions for reasoning about access. This contribution presents a practical, correct, auditable, transparent, distributed, and decentralized mechanism that is well-matched to the current emerging environments including Internet of Things, smart city, precision medicine, and autonomous cars. It is based on well-tested principles and practices used in a distributed authorization, cryptocurrencies, and scalable computing.