Collective access management

Distributed access control for co-owned resources

Master thesis (2021)

Authors

Ásta Magnúsdóttir Electrical Engineering, Mathematics and Computer Science

Contributors

Z. Erkin Cyber Security - (mentor)

Faculty

Electrical Engineering, Mathematics and Computer Science, Electrical Engineering, Mathematics and Computer Science

Blockchain Access control Collaborative ownership Supply chain management

To reference this document use:

http://resolver.tudelft.nl/uuid:db411f6b-dad0-4311-b98e-0d9f0167e2f9

More Info

expand_more

Published Date

29-10-2021

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Faculty

Electrical Engineering, Mathematics and Computer Science

Abstract

Swiss watches are known around the world as a luxury product. Due to the fact that the product is considered a status symbol of wealth the market for counterfeit watches is a continuing concern of the industry. Historically the watches have primarily been manufactured in Switzerland. In recent years, however, manufacturing is done all over the world due to the shortage of trained labour in Switzerland. The need for managing the flow of partial products and authenticity has therefore increased. Collaboration in supply chain management allows participants to obtain the benefits of cooperation using each other's expertise to develop a product. The benefits include the sharing of knowledge or resources to create products more economically than individually. Collaboration encounters challenges such as vast geological distances between participants and large amounts of shared information. In a supply chain, many participants contribute information about a resource. In our research scenario, the resource information is co-owned by all contributing participants and includes a range of relevant information such as transportation documents and product patents. Some of this information is private and should only be shared on a need-to-know basis. In our research, we aim to design a protocol that supports the privacy of each owner's partial access decision while maintaining verifiability in a distributed system. We achieve our goal by using an owner-controlled blockchain to create a shared platform for data control and access management. A part of the platform is a network of trusted operators to evaluate the access decision for each owner. Participants on the blockchain can make requests to the operators to access information. During an access request an operator requests the relevant access policy for the request, evaluates it and sends the result to the owner. The owner validates the results by signing the partial decision if they agree with the operator. The operators collect partial decisions of the owners before reaching a final decision using a consensus mechanism. All final access decisions are stored on a blockchain for verification.

Based on a comparative evaluation of the related work, we found that, to the best of our knowledge, this is the first protocol that designs and evaluates a blockchain-based access control system with the focus on verifiable access decisions of co-owned resources. In our evaluation, we found that the protocol performed efficiently regarding time and communication complexity but had a large memory overhead. We believe that the proposed problem and protocol has relevance in the real world in scenarios where many entities contribute and need access to information regarding a shared resource.

Files

Collective_access_management_m... (.pdf)

(.pdf | 5.84 Mb)