The paper entitled “Combining ID’s, Attributes, and Policies in Hyperledger Fabric” has been accepted for presentation at the 2nd EAI International Conference on Blockchain Technology and Emerging Applications (EAI BlockTEA 2022), that will be held in October 20-21, 2022 in Copenhagen, Denmark. In this work, UBITECH’s Dr Thanassis Giannetsos (Head, Digital Security & Trusted Computing Research Group) and his co-authors from Delft University of Technology proposes a more secure access control in Hyperledger Fabric blockchain by combining multiple ID’s, attributes, and policies with the components that regulate access control.
In particular, the access control system currently used by Hyperledger Fabric is first completely analyzed. Next, a new implementation is proposed that builds upon the existing solution but provides users and developers with easier ways to make access control decisions based on combinations of multiple ID’s, attributes, and policies. The proposed implementation encapsulates the Fabric CA client to facilitate attribute addition and simplify the process of registering and enrolling a newly created certificate (corresponding to a new user). This research, concludes that it is possible to combine multiple ID’s, attributes, and policies with the help of Hyperledger Fabric’s smart contract technology. Furthermore, it could be seen that the performance impact for real-world applications is negligible compared to the insecure case of always providing access to a resource without performing access control.
