When dealing with cloud services, there are important security requirements that are highly recommended to be achieved, notably, access control. Cloud services have provided several mechanisms based on traditional solutions for access management. All have ultimately failed as forgery-proof methods. Reality is a word replete with unauthorized access breaches. Therefore, the need for new grounds for robust access management in cloud services is still urgently needed. In this paper, we stand on the blockchain technology to introduce the BC-ABAC as a reliable, flexible, transparent, and fine-grained access control that preserves user identity privacy and ensures accountability. To show the feasibility of the solution, we developed a prototype on a permissioned blockchain and we conducted some experiments to measure the scalability of the solution. Finally, we give a threat model analysis.
展开▼