Blockchain Based Access Control Service

This paper presents a new design approach forAccess Control services leveraging smart contracts providedby blockchain technology. The key idea of our proposal is tocodify Access Control policies as executable smart contracts ona blockchain. This transforms the policy evaluation process intocompletely distributed smart contract executions. In our fullyblockchain based approach also the Attribute Managers requiredfor the evaluation of the Access Control policies are managed bythe blockchain, i.e., they are implemented as smart contracts aswell. To study the feasibility of our proposal we present a workingreference implementation using XACML policies and Soliditywritten smart contracts deployed on Ethereum. Finally weevaluate the advantages and drawbacks of the proposal, makingalso use of experimental results of our reference implementation.