Blockchain Empowered and Self-sovereign Access Control System

Lack of trustworthiness, access policy flexibility, and user privacy preservation in centralized access control systems raise numerous security issues and reduce the collaboration maturity of global data sharing systems. In this paper, we propose a Self-Sovereign Identity-based, Decentralized, and Dynamic (SSIDD) access control system. SSIDD utilizes blockchain technologies to build trust for untrusted data sharing networks and ensures user privacy. Our access control provides high access policy flexibility and security for global inter-enterprise collaborations from a diverse industrial environment. SSIDD authenticates its users based on their Decentralized Identifiers (DID), which are under control of users and can be resolved into a DID document stored on the blockchain. Our data management technology keeps the data sharing systems safe against issues such as data breaches, identity thefts, and privacy violations. Besides, the authorization process of SSIDD is dynamic by adopting several smart contracts. The transparency of rules and agreements in smart contracts and the traceability of records on blockchain ledger provide a high level of security and trust. For proof of concept, we have developed and evaluated a prototype of SSIDD. Our evaluations show that the throughput and latency of our method are within an acceptable range.