The 8th International Conference on Innovation and New Trends in Information Technology

BTAC: A Blockchain Technology Based Model for Access Control
Amine RAHMANI, Amine ABBAS, Houssam DIB
Department of Mathematics and Computer Science, Faculty of Sciences, University of Algiers 1 – Benyoucef Benkhedda –, Algeria

Access control
❖ Access control models
➢ Using several techniques:
✓ SQL queries, operating systems, XML language …etc.
➢ Common points:
✓ Use access control matrices or capacity lists (the most used in modern systems).

❖ Problem:
What happens if the capacity list is altered accidentally or intentionally?

Blockchain
❖ Important points:
➢ Everybody participates in the process => everybody knows about the transaction
➢ Nobody knows the real information in the transaction

❖ question:
What if everybody can validate the transaction without knowing about the details?

Proposed approach
❖ Distribute the capacity list on a set of entities (nodes) in order to ensure secure and efficient decision making

❖ System components:
✓ Nodes, requests and blocks

Proposed approach
❖ request (variable size), made of three fields:
✓ Type of the request: AltBlock, VerifBlock or EvalAccess
✓ The hashed version of the current block
✓ Address or information about the sender of the request

Proposed approach
❖ block (variable size), made of three fields:
✓ Capacity list in the current node
✓ The hashed version of the current capacity list
✓ The hashed version of the previous block (received from the previous node)

Proposed approach
❖ Embedded in an update request allowing changing the values of the blocks across all the chain
✓ Changing a hash means changing the block => changing the hash of the block

Proposed approach
❖ Consists of a request for evaluation of an access request within a specific capacity list

Proposed approach
❖ Represents the main objective between access control and blockchain
❖ Consists of confirming the result of EvalAccess procedure
❖ All the nodes participate in this.

Proposed approach
Communication between nodes

❖ Using one of the known techniques:
✓ Proof of Work (PoW)
✓ Proof of Stake (PoS)
✓ Delegated Proof of Stake (DPoS) (not really recommended)
✓ Proof-of-Authority (PoA) (not really recommended)
✓ Practical Byzantine Fault Tolerance (PBFT) (highly recommended)
✓ Zero-knowledge proof (ZKP)

Evaluation of the proposed approach

❖ Blocks construction:
✓ Variable sizes but limited to the number of objects
✓ The passage between blocks does not necessarily mean that the size keeps growing
✓ Can be hard in case of extremely large systems with fewer nodes

❖ Blocks verification:
✓ It is not complex => depends on the hashing algorithm used
✓ Each block contains the address or information related to the corresponding node => impossibility of imitating blocks’ hashes without having the same address
✓ Its security depends entirely on the chosen hash algorithm (a double-edged sword)

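
The block layout and hash checks described in these slides, as an added Python sketch (not the authors' code). SHA-256, the JSON encoding, the way the node address enters the hash, and the names `verif_chain`, `eval_access` and `sample_nodes` are assumptions; the consensus step between nodes is not modeled.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed placeholder for the first block's "previous hash"

def h(*parts):
    """SHA-256 over canonical JSON (assumed; the slides name no hash algorithm)."""
    return hashlib.sha256(json.dumps(parts, sort_keys=True).encode()).hexdigest()

def make_block(address, caps, prev_hash):
    # Fields from the block slide: capacity list, its hash, previous block's hash.
    # Mixing the node address into the list hash is an assumption about the binding.
    return {"address": address, "caps": caps,
            "caps_hash": h(address, caps), "prev_hash": prev_hash}

def block_hash(block):
    return h(block["address"], block["caps_hash"], block["prev_hash"])

def build_chain(nodes):
    """nodes: (address, capacity list) pairs in chain order."""
    chain, prev = [], GENESIS
    for address, caps in nodes:
        chain.append(make_block(address, caps, prev))
        prev = block_hash(chain[-1])
    return chain

def verif_chain(chain):
    """Indices of blocks whose list hash or back-link no longer matches."""
    bad, prev = [], GENESIS
    for i, b in enumerate(chain):
        if b["caps_hash"] != h(b["address"], b["caps"]) or b["prev_hash"] != prev:
            bad.append(i)
        prev = block_hash(b)
    return bad

def eval_access(chain, subject, obj, right):
    """Grant only if every block verifies and some node's list holds the right."""
    if verif_chain(chain):
        return False
    return any(right in b["caps"].get(subject, {}).get(obj, []) for b in chain)

def sample_nodes():
    # Constructed sample: three nodes, each holding part of the capacity list.
    return [("node-a", {"alice": {"report.pdf": ["read"]}}),
            ("node-b", {"bob": {"report.pdf": ["read", "write"]}}),
            ("node-c", {"carol": {"db": ["read"]}})]

if __name__ == "__main__":
    chain = build_chain(sample_nodes())
    chain[1]["caps"]["bob"]["report.pdf"].append("delete")  # unlogged alteration
    print(verif_chain(chain), eval_access(chain, "bob", "report.pdf", "read"))
```

In this sketch a rewrite of the last block with a recomputed list hash has no successor to contradict it, so the back-links alone do not catch it.
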
Evaluation of the proposed approach

❖ communication:
✓ Depends on the authentication algorithm and consensus algorithm
✓ Failure of authentication means failure of the whole system (case of fault alerts)

❖ flexibility:
✓ Our model accepts sudden updates in nodes by executing an AltBlock procedure
✓ Sudden updates can be hard and take a lot of time