|
Content Assessment: Considering Access Control Policy Models? Blockchain for Access Control Systems (NIST)
Information - 92%
Insight - 93%
Relevance - 90%
Objectivity - 91%
Authority - 94%
92%
Excellent
A short percentage-based assessment of the qualitative benefit of the recently published report by NIST on blockchain and it potential use in network access control systems.
Background Note: The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of other than national security-related information in federal information systems. This document from NIST presents general information for blockchain access control systems from the views of blockchain system properties, components, functions, and supports for access control policy models.
NIST Interagency or Internal Report*
Blockchain for Access Control Systems
By Vincent, C Hu
Abstract
The rapid development and wide application of distributed network systems have made network security – especially access control and data privacy – ever more important. Blockchain technology offers features such as decentralization, high confidence, and tamper-resistance, which are advantages to solving auditability, resource consumption, scalability, central authority, and trust issues – all of which are challenges for network access control by traditional mechanisms. This document presents general information for blockchain access control systems from the views of blockchain system properties, components, functions, and supports for access control policy models. Considerations for implementing blockchain access control systems are also included.
Executive Summary
Access control is concerned with determining the allowed activities of legitimate users and mediating every attempt by a user to access a resource in the system. The objectives of an access control system are often described in terms of protecting system resources against inappropriate or undesired user access. From a business perspective, this objective could just as well be described in terms of the optimal sharing of information. As current information systems and network architectures evolve to be more lightweight, pervasive, and interactive – such as the cloud and Internet of Things (IoT) – there is need for an access control mechanism to support the requirements of decentralization, scalability, and trust for accessing objects, all of which are challenging for traditional mechanisms.
Blockchains are tamper-evident and tamper-resistant cryptographically linked blocks of data (which create digital ledgers) implemented in a distributed fashion (i.e., without a central repository) and usually without a central authority (i.e., a bank, company, or government). It uses replicated, shared, and synchronized digital blocks between the users of a private or public distributed computer network located in different sites or organizations. Blockchain can be utilized for access control systems as a trustable alternative for a single entity/organization or a member of a large-scale system to enforce access control policies. The robust, distributed nature of blockchain technology can overcome the limitations of traditional access control systems in a decentralized and efficient way. It is supported by the following infrastructural properties that are not included in traditional access control mechanisms unless specifically implemented:
-
Tamper-evident and tamper-resistant design prevents the alteration of access control data (i.e., attributes, policy rules, environment conditions, and access requests) and access control logs (i.e., request permissions and previous access control data) and reduces the probability of frauds.
-
The control of authorization processing is decentralized, and the storage of access control data/logs has no single point of failure, thus providing more system tolerance and availability.
-
The traceability of blocks allows access control data/logs and system states to be seen and tracked.
-
The execution of arbitrary programs in smart contracts allows for controls on distributed access control data and authorization processes.
-
Consensus mechanisms and protocols jointly regulate the participating access control entities/organizations in determining policy rules through blocks or smart contracts.
Read the original announcement.
Complete NIST Publication: Blockchain for Access Control Systems (PDF) – Mouseover to Scroll
NIST.IR.8403. - Blockchain for Access Control SystemsRead the original publication.
Additional Reading
- Beyond the Hypothetical? Artificial Intelligence as Evidence
- Cybersecurity Challenges for Artificial Intelligence: Considering the AI Lifecycle
Source: ComplexDiscovery