71,456 research outputs found
Dynamic Role-Based Access Control for Decentralized Applications
Access control management is an integral part of maintaining the security of
an application. Although there has been significant work in the field of cloud
access control mechanisms, however, with the advent of Distributed Ledger
Technology (DLT), on-chain access control management frameworks hardly exist.
Existing access control management mechanisms are tightly coupled with the
business logic, resulting in governance issues, non-coherent with existing
Identity Management Solutions, low security, and compromised usability. We
propose a novel framework to implement dynamic role-based access control for
decentralized applications (dApps). The framework allows for managing access
control on a dApp, which is completely decoupled from the business application
and integrates seamlessly with any dApps. The smart contract architecture
allows for the independent management of business logic and execution of access
control policies. It also facilitates secure, low cost, and a high degree of
flexibility of access control management. The proposed framework promotes
decentralized governance of access control policies and efficient smart
contract upgrades. We also provide quantitative and qualitative metrics for the
efficacy and efficiency of the framework. Any Turing complete smart contract
programming language is an excellent fit to implement the framework. We expect
this framework to benefit enterprise and non-enterprise dApps and provide
greater access control flexibility and effective integration with traditional
and state of the art identity management solutions.Comment: 6 pages, 3 figures, 1 tabl
Mandate-driven networking eco-system : a paradigm shift in end-to-end communications
The wireless industry is driven by key stakeholders that follow a holistic approach of "one-system-fits-all" that leads to moving network functionality of meeting stringent End-to-End (E2E) communication requirements towards the core and cloud infrastructures. This trend is limiting smaller and new players for bringing in new and novel solutions. For meeting these E2E requirements, tenants and end-users need to be active players for bringing their needs and innovations. Driving E2E communication not only in terms of quality of service (QoS) but also overall carbon footprint and spectrum efficiency from one specific community may lead to undesirable simplifications and a higher level of abstraction of other network segments may lead to sub-optimal operations. Based on this, the paper presents a paradigm shift that will enlarge the role of wireless innovation at academia, Small and Medium-sized Enterprises (SME)'s, industries and start-ups while taking into account decentralized mandate-driven intelligence in E2E communications
Proof-of-Concept Application - Annual Report Year 2
This document first gives an introduction to Application Layer Networks and subsequently presents the catallactic resource allocation model and its integration into the middleware architecture of the developed prototype. Furthermore use cases for employed service models in such scenarios are presented as general application scenarios as well as two very detailed cases: Query services and Data Mining services. This work concludes by describing the middleware implementation and evaluation as well as future work in this area. --Grid Computing
ViotSOC: Controlling Access to Dynamically Virtualized IoT Services using Service Object Capability
Virtualization of Internet of Things(IoT) is a concept of dynamically
building customized high-level IoT services which
rely on the real time data streams from low-level physical
IoT sensors. Security in IoT virtualization is challenging,
because with the growing number of available (building
block) services, the number of personalizable virtual
services grows exponentially. This paper proposes Service
Object Capability(SOC) ticket system, a decentralized access
control mechanism between servers and clients to effi-
ciently authenticate and authorize each other without using
public key cryptography. SOC supports decentralized
partial delegation of capabilities specified in each server/-
client ticket. Unlike PKI certificates, SOC’s authentication
time and handshake packet overhead stays constant regardless
of each capability’s delegation hop distance from the
root delegator. The paper compares SOC’s security bene-
fits with Kerberos and the experimental results show SOC’s
authentication incurs significantly less time packet overhead
compared against those from other mechanisms based on
RSA-PKI and ECC-PKI algorithms. SOC is as secure as,
and more efficient and suitable for IoT environments, than
existing PKIs and Kerberos
- …