WO2018039722A1 - Dynamic access control on blockchain - Google Patents
Dynamic access control on blockchain
- Publication number
- WO2018039722A1 (PCT/AU2017/050928)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- capability
- sender
- blockchain
- target
- access control
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3265—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate chains, trees or paths; Hierarchical trust model
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
Definitions
- Access control is an important feature of security in distributed systems, such as controlled information sharing across different departments in an enterprise and different companies in an industry. Different departments in a company often have different policies, different implementations of access control and legacy systems will frequently create issues with interoperability.
- a computer implemented method for dynamic access control by creating a capability where a capability is a secure reference to an object, where the capability is stored on a blockchain system comprising:
- the Confused Deputy Problem happens when a program which has access rights given to it for one purpose applies those access rights for some other purpose that is contrary to the original intent of the access rights, and therefore allows something that it should not allow.
- a classic example of this problem involves a program that is allowed to write into a directory which contains a log file and a billing information file. The program takes a parameter naming a file to which it will write debugging information. A user can then supply the billing information file to the program, thus overwriting the billing information. This may not have been intended during system design, but if the program has the necessary access rights, it may perform this action, perhaps under malicious or erroneous user control.
- the invention is advantageous as it helps overcome this issue.
- one or more smart contract instances executing on the blockchain to: (a) receive a request from a sender to create a capability for the object;
- (d) store the capability for the object for the sender, wherein the capability can be used to dynamically determine access control for the object.
- one or more smart contract instances executing on the blockchain to:
- (d) store the capability for the object for the target, wherein the capability can be used to dynamically determine access control for the object.
- a computer implemented method for dynamic access control by revoking a capability where a capability is a secure reference to an object, where the capability is stored on a blockchain system comprises:
- one or more smart contract instances executing on the blockchain to:
- Fig. 2 illustrates a computer-implemented method for creating a capability.
- Fig. 3 illustrates a computer-implemented method for granting a capability.
- Fig. 4 illustrates a computer-implemented method for deleting a capability.
- Fig. 5 illustrates a computer-implemented method for revoking a capability.
- Fig. 6 illustrates a computer-implemented method for invoking a capability.
- Fig. 7 illustrates an example sender.
Description of Embodiments
- the present invention generally relates to methods, software and systems for implementing dynamic access control on a blockchain system.
- the integrity of smart contracts ensures secure processing of the access control logic and management.
- Smart contracts form part of the computational infrastructure of many blockchain systems which can be used to perform, as well as store the history of, capability operations.
- transactions are aggregated into blocks.
- Each block contains a mathematical function calculation, called a hash, of the previous block.
- This mathematical function calculation is easy to calculate given a specific transaction but difficult to reverse given a specific hash. This represents a means to determine whether content in the transaction has been modified in any way.
- This creates a chain where any changes made to a block will change that block's hash, which must be recomputed and stored in the next block. This changes the hash of the next block, which must also be recomputed and so on until the end of the chain.
- each block is also linked to the previous block (the 'parent' block) by containing a reference to the previous block.
- Each block is guaranteed to come after the previous block chronologically because the previous block's hash would otherwise not be known.
- Each block is also computationally impractical to modify once it has been in the chain for a while (typically in Bitcoin this is around 60 minutes or 6 blocks on average) because every block after it would also have to be regenerated.
- Smart contracts in a blockchain system are intended to replicate the legal concept of contracts. That is, where contracts are mutual agreements that impose obligations on the parties to the contract, a smart contract is a way of automatically imposing obligations or conditions on the transaction.
- Bitcoin and Ethereum (and most other blockchain systems) utilise scripts for the purpose of verifying transactions. It is possible that a smart contract can be implemented as a script and it would operate the same as the way a normal transaction would be verified.
- the term 'smart contract' is used interchangeably to refer to both the code that is used to execute a smart contract and the actual executing or executed smart contract.
- the term 'process instance' refers to the execution, and services provided by the smart contract.
- the term 'script' refers to the smart contract code that can be executed as a process instance.
- the current disclosure uses the term 'blockchain' to refer to the actual blockchain itself (that is, the public shared ledger with blocks added sequentially).
- the current disclosure also uses the term blockchain in relation to a blockchain system and a blockchain network.
- the term 'blockchain system' is intended to refer to all the components that make the blockchain operate. This includes the wallet, code, transactions, the blockchain network, as well as the blockchain itself. Examples of blockchain systems used in the disclosure include Bitcoin and Ethereum. Where the term blockchain network is used (for example the Ethereum blockchain network), this is intended to refer to the computers running the blockchain code that are able to communicate with each other via a communications network such as the Internet.
- This component connects the blockchain process execution to the outside world.
- the interface makes available external Application Programmable Interface (API) functions for a sender to call.
- API: Application Programmable Interface
- a sender is a user process that initiates a capabilities operation.
- Capability' 158 and 'Invoke Capability' 159 may be process instances on the blockchain. These process instances handle much of the process logic of the creating, granting, deleting and revoking capabilities and may store the process state on the blockchain as well.
- a sender is the user process that initiates a capabilities operation.
- a capability is communicable, in the sense that it can be sent or communicated from one party to another party (such as a sender to a target or a user process to any other user process).
- the capability may be communicated as data much like any other communication. This allows a user process to determine the source of the capability.
- a capability is secure in that the system provides protection such that the object reference is not easy to copy or computationally infeasible to forge.
- the protection is enabled by the use of a blockchain system.
- the capabilities as protected object references can be created only, in one embodiment, through the use of privileged instructions in a smart contract which may be executed on the blockchain to give effect to the capability on the blockchain system.
- Fig.4 is an example method for a delete capability operation.
- the Dynamic Access Control Interface 150 receives 410 a request from a sender to delete a capability for an object.
- the Dynamic Access Control Interface 150 then calls the delete capability 156 process instance.
- the delete capability 156 process instance first determines 420 existence and ownership of the capability for the object for the sender. That is, the delete capability process instance ascertains what access rights the sender has for the object, and in particular it determines whether the sender is the owner.
- the delete capability process instance determines whether the access rights allow for the capability for the object to be deleted. That is, the delete capability process instance determines 430 whether the sender's access rights enable the sender to delete a capability for the object 140.
- the revoke capability process instance determines 530 whether the access rights for the sender for the object allow for the capability for the object for the target to be revoked. That is, the revoke capability process instance determines whether the sender's access rights enable the sender to revoke a capability for the object 140 for the target. Typically, if the sender is determined to be the owner of the object 140 then the sender would be able to revoke the capability for the object. Subsequently, the storage manager may remove 540 the capability. This is the step that removes the capability from the database.
- Bob 112 may wish to perform an activity on an object 140.
- the service resource owner will check that Bob is allowed to perform the activity by calling an invoke capability operation.
- the sender would be able to invoke the capability for the object.
- a smart contract has to be deployed before it can be executed.
- the compiled code of the script and the Application Binary Interface are required.
- the ABI defines how to interact with the Dynamic Access Control Interface 170.
- an API defines an interface for source code to be utilised
- an ABI defines the low-level binary interface between two or more pieces of software on a particular architecture.
- the ABI defines how the process instance will interact with itself, how the process instance interacts with the Ethereum network 150, and how the process instance 170 interacts with any code libraries.
- a compiler will typically produce both the compiled code and the ABI. Both the sender 120 and target 140 may have access to the ABI for the
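
The create, grant, delete, revoke and invoke operations described above, together with the log-file and billing-file case of the Confused Deputy Problem, as an added Python sketch that is not code from the patent. An in-memory registry stands in for smart contract storage; the principal names, the right names, the owner-only delete and revoke policy, and the rule that a holder can grant only rights it already holds are assumptions of this example.

```python
from dataclasses import dataclass, field


class CapabilityError(Exception):
    """Raised when a capability operation is refused."""


@dataclass
class CapabilityRegistry:
    """In-memory stand-in for contract storage (assumption, not on-chain code)."""
    owners: dict = field(default_factory=dict)   # object -> owning sender
    caps: dict = field(default_factory=dict)     # (holder, object) -> frozenset of rights
    history: list = field(default_factory=list)  # append-only record of operations

    def _held(self, sender, obj):
        # Existence check shared by grant, delete and revoke.
        rights = self.caps.get((sender, obj))
        if rights is None:
            raise CapabilityError(f"{sender} holds no capability for {obj}")
        return rights

    def _require_owner(self, sender, obj):
        # Existence first, then ownership, mirroring the delete/revoke order.
        self._held(sender, obj)
        if self.owners.get(obj) != sender:
            raise CapabilityError(f"{sender} is not the owner of {obj}")

    def create(self, sender, obj, rights):
        if obj in self.owners:
            raise CapabilityError(f"{obj} already has a capability")
        self.owners[obj] = sender
        self.caps[(sender, obj)] = frozenset(rights)
        self.history.append(("create", sender, obj))

    def grant(self, sender, target, obj, rights):
        rights = frozenset(rights)
        # Assumed policy: a holder can pass on only rights it holds itself.
        if not rights <= self._held(sender, obj):
            raise CapabilityError("cannot grant rights the sender does not hold")
        self.caps[(target, obj)] = self.caps.get((target, obj), frozenset()) | rights
        self.history.append(("grant", sender, obj, target))

    def revoke(self, sender, target, obj):
        self._require_owner(sender, obj)
        if target == sender:
            raise CapabilityError("owner removes its own capability with delete")
        if self.caps.pop((target, obj), None) is None:
            raise CapabilityError(f"{target} holds no capability for {obj}")
        self.history.append(("revoke", sender, obj, target))

    def delete(self, sender, obj):
        self._require_owner(sender, obj)
        # Assumed policy: deleting removes every capability issued for the object.
        for key in [k for k in self.caps if k[1] == obj]:
            del self.caps[key]
        del self.owners[obj]
        self.history.append(("delete", sender, obj))

    def invoke(self, sender, obj, right):
        allowed = right in self.caps.get((sender, obj), frozenset())
        self.history.append(("invoke", sender, obj, right, allowed))
        return allowed


def write_debug_ambient(reg, files, deputy, caller, path, text):
    """Confused deputy: only the deputy's own rights are checked; caller is ignored."""
    if reg.invoke(deputy, path, "write"):
        files[path] = text
        return True
    return False


def write_debug_checked(reg, files, deputy, caller, path, text):
    """The caller must itself hold a write capability for the file it names."""
    if reg.invoke(caller, path, "write") and reg.invoke(deputy, path, "write"):
        files[path] = text
        return True
    return False


def demo():
    # Constructed scenario: "logger" owns both files, "bob" may write the log only.
    reg = CapabilityRegistry()
    for name in ("debug.log", "billing.dat"):
        reg.create("logger", name, {"write"})
    reg.grant("logger", "bob", "debug.log", {"write"})
    files = {"debug.log": "", "billing.dat": "invoice 42"}

    write_debug_ambient(reg, files, "logger", "bob", "billing.dat", "trace")
    overwritten = files["billing.dat"] == "trace"
    files["billing.dat"] = "invoice 42"  # restore before the second run

    refused = not write_debug_checked(reg, files, "logger", "bob", "billing.dat", "trace")
    intact = files["billing.dat"] == "invoice 42"
    can_log = write_debug_checked(reg, files, "logger", "bob", "debug.log", "trace")

    reg.revoke("logger", "bob", "debug.log")
    after_revoke = reg.invoke("bob", "debug.log", "write")
    return {"ambient_overwrote_billing": overwritten,
            "checked_refused_billing": refused and intact,
            "bob_can_log": can_log,
            "bob_after_revoke": after_revoke}


if __name__ == "__main__":
    print(demo())
```

The `history` list plays the role the page assigns to the blockchain of storing the history of capability operations, so refused invocations remain visible for audit.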
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Automation & Control Theory (AREA)
- Storage Device Security (AREA)
Priority Applications (6)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2019531494A JP7019697B2 (en) | 2016-08-30 | 2017-08-30 | Dynamic access control on the blockchain |
AU2017320341A AU2017320341B2 (en) | 2016-08-30 | 2017-08-30 | Dynamic access control on blockchain |
CN201780053286.1A CN109691015B (en) | 2016-08-30 | 2017-08-30 | Dynamic access control method and system on block chain |
US16/328,159 US11153092B2 (en) | 2016-08-30 | 2017-08-30 | Dynamic access control on blockchain |
KR1020197004184A KR102480035B1 (en) | 2016-08-30 | 2017-08-30 | Dynamic Access Control on Blockchain |
EP17844684.5A EP3479519B1 (en) | 2016-08-30 | 2017-08-30 | Dynamic access control on blockchain |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU2016903450A AU2016903450A0 (en) | 2016-08-30 | Dynamic Access Rights on Blockchain | |
AU2016903450 | 2016-08-30 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2018039722A1 (en) | 2018-03-08 |
Family
ID=61299529
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/AU2017/050928 WO2018039722A1 (en) | 2016-08-30 | 2017-08-30 | Dynamic access control on blockchain |
Country Status (7)
Country | Link |
---|---|
US (1) | US11153092B2 (en) |
EP (1) | EP3479519B1 (en) |
JP (1) | JP7019697B2 (en) |
KR (1) | KR102480035B1 (en) |
CN (1) | CN109691015B (en) |
AU (1) | AU2017320341B2 (en) |
WO (1) | WO2018039722A1 (en) |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109190409A (en) * | 2018-09-14 | 2019-01-11 | 北京京东金融科技控股有限公司 | Record method, apparatus, equipment and the readable storage medium storing program for executing of information propagation path |
CN109828847A (en) * | 2019-01-25 | 2019-05-31 | 平安科技(深圳)有限公司 | Lock processing method, device, computer equipment and storage medium based on block chain |
WO2019185343A1 (en) * | 2018-03-25 | 2019-10-03 | British Telecommunications Public Limited Company | Access control |
EP3557496A1 (en) * | 2018-04-18 | 2019-10-23 | Chain IP Holdings, Inc. | Multiple layer smart-contract |
WO2019213100A1 (en) * | 2018-04-30 | 2019-11-07 | Liion Industries, Inc. | Power infrastructure security system |
US20190340013A1 (en) * | 2018-05-06 | 2019-11-07 | Strong Force TX Portfolio 2018, LLC | Transaction-enabled systems and methods for providing provable access to executable algorithmic logic in a distributed ledger |
JP2019200556A (en) * | 2018-05-16 | 2019-11-21 | 株式会社日立製作所 | Usage management method, usage management system, and node |
CN110622149A (en) * | 2018-11-30 | 2019-12-27 | 阿里巴巴集团控股有限公司 | Block chain data relation structure scheme based on binary log replication |
CN110807189A (en) * | 2019-11-15 | 2020-02-18 | 内蒙古大学 | Authority segmentation method in block chain access control |
EP3637342A1 (en) * | 2018-10-08 | 2020-04-15 | CTF Markets GmbH | Method and system for auditable and incentive compatible prevention of front-running |
US10824419B2 (en) | 2018-11-27 | 2020-11-03 | Alibaba Group Holding Limited | Function-as-a-service (FaaS) platform in blockchain networks |
EP3761588A4 (en) * | 2018-03-19 | 2021-01-13 | Huawei Technologies Co., Ltd. | Data access rights control method and device |
US10958421B2 (en) | 2018-11-20 | 2021-03-23 | International Business Machines Corporation | User access control in blockchain |
US11201726B2 (en) | 2019-05-02 | 2021-12-14 | International Business Machines Corporation | Multi-layered image encoding for data block |
US11250125B2 (en) | 2018-12-03 | 2022-02-15 | Ebay Inc. | Highly scalable permissioned block chains |
US11605127B2 (en) | 2018-05-06 | 2023-03-14 | Strong Force TX Portfolio 2018, LLC | Systems and methods for automatic consideration of jurisdiction in loan related actions |
US11888966B2 (en) | 2018-12-03 | 2024-01-30 | Ebay Inc. | Adaptive security for smart contracts using high granularity metrics |
US11899783B2 (en) | 2018-12-03 | 2024-02-13 | Ebay, Inc. | System level function based access control for smart contract execution on a blockchain |
US11982993B2 (en) | 2020-02-03 | 2024-05-14 | Strong Force TX Portfolio 2018, LLC | AI solution selection for an automated robotic process |
US12033092B2 (en) | 2019-11-22 | 2024-07-09 | Strong Force TX Portfolio 2018, LLC | Systems and methods for arbitrage based machine resource acquisition |
Families Citing this family (33)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10936721B1 (en) * | 2018-03-01 | 2021-03-02 | Amdocs Development Limited | System, method, and computer program for splitting and distributing a privileged software component into dependent components in order to deliver better security |
CN109074579B (en) | 2016-02-23 | 2022-10-11 | 区块链控股有限公司 | Method and system for protecting computer software using distributed hash table and blockchain |
EP3420669B1 (en) | 2016-02-23 | 2021-03-24 | Nchain Holdings Limited | Cryptographic method and system for secure extraction of data from a blockchain |
KR20180115293A (en) | 2016-02-23 | 2018-10-22 | 엔체인 홀딩스 리미티드 | Method and system for secure transmission of objects on a block chain |
CN108885741B (en) | 2016-02-23 | 2023-05-16 | 区块链控股有限公司 | Tokenization method and system for realizing exchange on block chain |
WO2017145004A1 (en) | 2016-02-23 | 2017-08-31 | nChain Holdings Limited | Universal tokenisation system for blockchain-based cryptocurrencies |
AU2017223138B2 (en) | 2016-02-23 | 2022-02-10 | nChain Holdings Limited | Method and system for efficient transfer of cryptocurrency associated with a payroll on a blockchain that leads to an automated payroll method and system based on smart contracts |
BR112018016821A2 (en) | 2016-02-23 | 2018-12-26 | Nchain Holdings Ltd | computer-implemented system and methods |
DK3257191T3 (en) | 2016-02-23 | 2018-07-23 | Nchain Holdings Ltd | REGISTER AND AUTOMATIC PROCEDURE FOR MANAGING BLOCKCHAIN FORCED SMART CONTRACTS |
SG11201806702XA (en) | 2016-02-23 | 2018-09-27 | Nchain Holdings Ltd | Personal device security using elliptic curve cryptography for secret sharing |
CN115549887A (en) | 2016-02-23 | 2022-12-30 | 恩链控股有限公司 | Determination of a common secret and hierarchical deterministic keys for the secure exchange of information |
SG11201806704TA (en) | 2016-02-23 | 2018-09-27 | Nchain Holdings Ltd | Blockchain-based exchange with tokenisation |
EP3862956B1 (en) | 2016-02-23 | 2024-01-03 | nChain Licensing AG | Secure multiparty loss resistant storage and transfer of cryptographic keys for blockchain based systems in conjunction with a wallet management system |
EP3754901A1 (en) | 2016-02-23 | 2020-12-23 | Nchain Holdings Limited | Blockchain implemented counting system and method for use in secure voting and distribution |
BR112018016782A2 (en) | 2016-02-23 | 2018-12-26 | Nchain Holdings Ltd | computer-implemented system and method configured to control a blockchain transfer |
EP3683707A4 (en) * | 2017-09-14 | 2020-10-14 | Sony Corporation | Information processing device, information processing method, and program |
SG11202003737XA (en) * | 2017-10-24 | 2020-05-28 | Tzero Group Inc | Federated personally identifiable information (pii) service |
TWI677213B (en) * | 2017-11-23 | 2019-11-11 | 財團法人資訊工業策進會 | Monitor apparatus, method, and computer program product thereof |
CN108492180B (en) * | 2018-02-14 | 2020-11-24 | 创新先进技术有限公司 | Asset management method and device and electronic equipment |
WO2019194267A1 (en) * | 2018-04-06 | 2019-10-10 | 日本電信電話株式会社 | Blockchain system, registration terminal, approval terminal, smart contract registration method, and smart contract registration program |
CN110249307B (en) | 2018-12-29 | 2022-05-31 | 创新先进技术有限公司 | System and method for executing native contracts on blockchains |
US10733152B2 (en) * | 2018-12-29 | 2020-08-04 | Alibaba Group Holding Limited | System and method for implementing native contract on blockchain |
CN118193137A (en) | 2019-03-26 | 2024-06-14 | 创新先进技术有限公司 | System and method for implementing different types of blockchain contracts |
CN110598454B (en) * | 2019-09-20 | 2021-07-06 | 腾讯科技(深圳)有限公司 | Data processing method and device in block chain, storage medium and computer equipment |
KR20210059547A (en) | 2019-11-15 | 2021-05-25 | 서강대학교산학협력단 | Blockchain network being capable of encryption based on a smart contract |
CN111291420B (en) * | 2020-01-21 | 2022-11-11 | 国家市场监督管理总局信息中心 | Distributed off-link data storage method based on block chain |
CN111327618B (en) * | 2020-02-25 | 2023-04-18 | 上海链民信息科技有限公司 | Precise access control method, device and system based on block chain |
CN111444524B (en) * | 2020-03-26 | 2023-11-10 | 广州智慧城市发展研究院 | Dynamic double-access control mechanism based on alliance chain |
CN114024700B (en) * | 2020-07-17 | 2024-03-26 | 中国电信股份有限公司 | Block chain-based data file access control method, medium and device |
CN114117507B (en) * | 2020-08-28 | 2024-01-30 | 中国电信股份有限公司 | Object storage system, access control method and device thereof, and storage medium |
GB202018919D0 (en) * | 2020-12-01 | 2021-01-13 | Smarter Contracts Ltd | Consent Management |
US11271716B1 (en) * | 2021-01-28 | 2022-03-08 | Emtruth, Inc. | Blockchain-based data management of distributed binary objects |
KR102549385B1 (en) * | 2022-11-03 | 2023-06-29 | 주식회사 커먼컴퓨터 | Method and system for providing data access control |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20150127940A1 (en) * | 2013-11-05 | 2015-05-07 | Cellco Partnership D/B/A Verizon Wireless | Secure distributed information and password management |
US20160028552A1 (en) * | 2014-07-25 | 2016-01-28 | Blockchain Technologies Corporation | System and method for creating a multi-branched blockchain with configurable protocol rules |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5263157A (en) | 1990-02-15 | 1993-11-16 | International Business Machines Corporation | Method and system for providing user access control within a distributed data processing system by the exchange of access control profiles |
US8639625B1 (en) * | 1995-02-13 | 2014-01-28 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
JP3765191B2 (en) | 1998-09-21 | 2006-04-12 | 富士ゼロックス株式会社 | Object access control method |
US7685123B1 (en) | 2006-08-30 | 2010-03-23 | Network Appliance, Inc. | Method and system for controlling access to dynamically specified resources |
US8285990B2 (en) | 2007-05-14 | 2012-10-09 | Future Wei Technologies, Inc. | Method and system for authentication confirmation using extensible authentication protocol |
US20190005268A1 (en) | 2015-05-27 | 2019-01-03 | Vishal Gupta | Universal original document validation platform |
CN105488431B (en) * | 2015-11-30 | 2019-12-13 | 布比(北京)网络技术有限公司 | Block chain system authority management method and device |
CN105809062B (en) * | 2016-03-01 | 2019-01-25 | 布比(北京)网络技术有限公司 | A kind of building of contract executes method and device |
-
2017
- 2017-08-30 WO PCT/AU2017/050928 patent/WO2018039722A1/en unknown
- 2017-08-30 AU AU2017320341A patent/AU2017320341B2/en active Active
- 2017-08-30 US US16/328,159 patent/US11153092B2/en active Active
- 2017-08-30 CN CN201780053286.1A patent/CN109691015B/en active Active
- 2017-08-30 JP JP2019531494A patent/JP7019697B2/en active Active
- 2017-08-30 KR KR1020197004184A patent/KR102480035B1/en active IP Right Grant
- 2017-08-30 EP EP17844684.5A patent/EP3479519B1/en active Active
Non-Patent Citations (8)
Title |
---|
1 January 1984, ISBN: 97809323762210, article LEVY, H.M.: "Capability-Based Computer Systems", pages: 1 - 225, XP055155420 * |
ANONYMOUS: "Object-capability model", 2 January 2014 (2014-01-02), XP055592431, Retrieved from the Internet <URL:https://web.archive.org/web/20140102105610/https://en.wikipedia.org/wiki/Object-capability_model> * |
DENNIS, J.B. ET AL.: "Programming Semantics for Multiprogrammed Computations", vol. 9, 3 March 1966 (1966-03-03), Cambridge, Massachusetts, pages 143 - 155, XP058102728, Retrieved from the Internet <URL:https://www.princeton.edu/~rblee/ELE572Papers/Fal104Readings/ProgramSemantics_DennisvanHorn.pdf> [retrieved on 20170922] * |
MILLER, M.S. ET AL.: "Paradigm Regained: Abstraction Mechanisms for Access Control ', SRL Technical Report SRL2003-03, Department of Computer Science", SUBMITTED TO THE EIGHTH ASIAN COMPUTING SCIENCE CONFERENCE (ASIAN'03, 10 December 2003 (2003-12-10), Mumbai India, XP055472575, Retrieved from the Internet <URL:http://srl.cs.jhu.edu/pubs/SRL2003-03.pdf> [retrieved on 20170922] * |
SAYED HADI HASHEMI ET AL.: "World of Empowered IoT Users", 2016 IEEE FIRST INTERNATIONAL CONFERENCE ON INTERNET-OF-THINGS DESIGN AND IMPLEMENTATION (IOTDI, 1 April 2016 (2016-04-01), pages 13 - 24 |
See also references of EP3479519A4 |
ZYSKIND, G. ET AL., ENIGMA: DECENTRALIZED COMPUTATION PLATFORM WITH GUARANTEED PRIVACY, 10 June 2015 (2015-06-10), pages 1 - 14, XP055432153, Retrieved from the Internet <URL:https://arxiv.org/abs/1506.03471> [retrieved on 20170323] * |
ZYSKIND, G. ET AL.: "Decentralizing Privacy: Using Blockchain to Protect Personal Data", 2015 IEEE CS SECURITY AND PRIVACY WORKSHOPS, 21 May 2015 (2015-05-21), pages 180 - 184, XP055359413 * |
Cited By (64)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP3761588A4 (en) * | 2018-03-19 | 2021-01-13 | Huawei Technologies Co., Ltd. | Data access rights control method and device |
US11563569B2 (en) | 2018-03-19 | 2023-01-24 | Huawei Technologies Co., Ltd. | Method and apparatus for controlling data access right to data stored on a blockchain |
WO2019185343A1 (en) * | 2018-03-25 | 2019-10-03 | British Telecommunications Public Limited Company | Access control |
EP3557496A1 (en) * | 2018-04-18 | 2019-10-23 | Chain IP Holdings, Inc. | Multiple layer smart-contract |
WO2019213100A1 (en) * | 2018-04-30 | 2019-11-07 | Liion Industries, Inc. | Power infrastructure security system |
US11727504B2 (en) | 2018-05-06 | 2023-08-15 | Strong Force TX Portfolio 2018, LLC | System and method for automated blockchain custody service for managing a set of custodial assets with block chain authenticity verification |
US11715164B2 (en) | 2018-05-06 | 2023-08-01 | Strong Force TX Portfolio 2018, LLC | Robotic process automation system for negotiation |
US11928747B2 (en) | 2018-05-06 | 2024-03-12 | Strong Force TX Portfolio 2018, LLC | System and method of an automated agent to automatically implement loan activities based on loan status |
US11829907B2 (en) | 2018-05-06 | 2023-11-28 | Strong Force TX Portfolio 2018, LLC | Systems and methods for aggregating transactions and optimization data related to energy and energy credits |
US11829906B2 (en) | 2018-05-06 | 2023-11-28 | Strong Force TX Portfolio 2018, LLC | System and method for adjusting a facility configuration based on detected conditions |
US11823098B2 (en) | 2018-05-06 | 2023-11-21 | Strong Force TX Portfolio 2018, LLC | Transaction-enabled systems and methods to utilize a transaction location in implementing a transaction request |
US11727319B2 (en) | 2018-05-06 | 2023-08-15 | Strong Force TX Portfolio 2018, LLC | Systems and methods for improving resource utilization for a fleet of machines |
US20190340013A1 (en) * | 2018-05-06 | 2019-11-07 | Strong Force TX Portfolio 2018, LLC | Transaction-enabled systems and methods for providing provable access to executable algorithmic logic in a distributed ledger |
US11816604B2 (en) | 2018-05-06 | 2023-11-14 | Strong Force TX Portfolio 2018, LLC | Systems and methods for forward market price prediction and sale of energy storage capacity |
US11810027B2 (en) | 2018-05-06 | 2023-11-07 | Strong Force TX Portfolio 2018, LLC | Systems and methods for enabling machine resource transactions |
US11790286B2 (en) | 2018-05-06 | 2023-10-17 | Strong Force TX Portfolio 2018, LLC | Systems and methods for fleet forward energy and energy credits purchase |
US11790288B2 (en) | 2018-05-06 | 2023-10-17 | Strong Force TX Portfolio 2018, LLC | Systems and methods for machine forward energy transactions optimization |
US11605127B2 (en) | 2018-05-06 | 2023-03-14 | Strong Force TX Portfolio 2018, LLC | Systems and methods for automatic consideration of jurisdiction in loan related actions |
US11605125B2 (en) | 2018-05-06 | 2023-03-14 | Strong Force TX Portfolio 2018, LLC | System and method of varied terms and conditions of a subsidized loan |
US11610261B2 (en) | 2018-05-06 | 2023-03-21 | Strong Force TX Portfolio 2018, LLC | System that varies the terms and conditions of a subsidized loan |
US11625792B2 (en) | 2018-05-06 | 2023-04-11 | Strong Force TX Portfolio 2018, LLC | System and method for automated blockchain custody service for managing a set of custodial assets |
US11645724B2 (en) | 2018-05-06 | 2023-05-09 | Strong Force TX Portfolio 2018, LLC | Systems and methods for crowdsourcing information on loan collateral |
US11657339B2 (en) | 2018-05-06 | 2023-05-23 | Strong Force TX Portfolio 2018, LLC | Transaction-enabled methods for providing provable access to a distributed ledger with a tokenized instruction set for a semiconductor fabrication process |
US11657340B2 (en) | 2018-05-06 | 2023-05-23 | Strong Force TX Portfolio 2018, LLC | Transaction-enabled methods for providing provable access to a distributed ledger with a tokenized instruction set for a biological production process |
US11657461B2 (en) | 2018-05-06 | 2023-05-23 | Strong Force TX Portfolio 2018, LLC | System and method of initiating a collateral action based on a smart lending contract |
US11681958B2 (en) | 2018-05-06 | 2023-06-20 | Strong Force TX Portfolio 2018, LLC | Forward market renewable energy credit prediction from human behavioral data |
US11688023B2 (en) | 2018-05-06 | 2023-06-27 | Strong Force TX Portfolio 2018, LLC | System and method of event processing with machine learning |
US11790287B2 (en) | 2018-05-06 | 2023-10-17 | Strong Force TX Portfolio 2018, LLC | Systems and methods for machine forward energy and energy storage transactions |
US11710084B2 (en) | 2018-05-06 | 2023-07-25 | Strong Force TX Portfolio 2018, LLC | Transaction-enabled systems and methods for resource acquisition for a fleet of machines |
US11715163B2 (en) | 2018-05-06 | 2023-08-01 | Strong Force TX Portfolio 2018, LLC | Systems and methods for using social network data to validate a loan guarantee |
US11727505B2 (en) | 2018-05-06 | 2023-08-15 | Strong Force TX Portfolio 2018, LLC | Systems, methods, and apparatus for consolidating a set of loans |
US11727320B2 (en) | 2018-05-06 | 2023-08-15 | Strong Force TX Portfolio 2018, LLC | Transaction-enabled methods for providing provable access to a distributed ledger with a tokenized instruction set |
US11776069B2 (en) | 2018-05-06 | 2023-10-03 | Strong Force TX Portfolio 2018, LLC | Systems and methods using IoT input to validate a loan guarantee |
US11720978B2 (en) | 2018-05-06 | 2023-08-08 | Strong Force TX Portfolio 2018, LLC | Systems and methods for crowdsourcing a condition of collateral |
US11769217B2 (en) | 2018-05-06 | 2023-09-26 | Strong Force TX Portfolio 2018, LLC | Systems, methods and apparatus for automatic entity classification based on social media data |
US11763213B2 (en) | 2018-05-06 | 2023-09-19 | Strong Force TX Portfolio 2018, LLC | Systems and methods for forward market price prediction and sale of energy credits |
US11727506B2 (en) | 2018-05-06 | 2023-08-15 | Strong Force TX Portfolio 2018, LLC | Systems and methods for automated loan management based on crowdsourced entity information |
US11734774B2 (en) | 2018-05-06 | 2023-08-22 | Strong Force TX Portfolio 2018, LLC | Systems and methods for crowdsourcing data collection for condition classification of bond entities |
US11734619B2 (en) | 2018-05-06 | 2023-08-22 | Strong Force TX Portfolio 2018, LLC | Transaction-enabled systems and methods for predicting a forward market price utilizing external data sources and resource utilization requirements |
US11741402B2 (en) | 2018-05-06 | 2023-08-29 | Strong Force TX Portfolio 2018, LLC | Systems and methods for forward market purchase of machine resources |
US11741553B2 (en) | 2018-05-06 | 2023-08-29 | Strong Force TX Portfolio 2018, LLC | Systems and methods for automatic classification of loan refinancing interactions and outcomes |
US11741401B2 (en) | 2018-05-06 | 2023-08-29 | Strong Force TX Portfolio 2018, LLC | Systems and methods for enabling machine resource transactions for a fleet of machines |
US11741552B2 (en) | 2018-05-06 | 2023-08-29 | Strong Force TX Portfolio 2018, LLC | Systems and methods for automatic classification of loan collection actions |
US11763214B2 (en) | 2018-05-06 | 2023-09-19 | Strong Force TX Portfolio 2018, LLC | Systems and methods for machine forward energy and energy credit purchase |
US11748822B2 (en) | 2018-05-06 | 2023-09-05 | Strong Force TX Portfolio 2018, LLC | Systems and methods for automatically restructuring debt |
US11748673B2 (en) | 2018-05-06 | 2023-09-05 | Strong Force TX Portfolio 2018, LLC | Facility level transaction-enabling systems and methods for provisioning and resource allocation |
JP2019200556A (en) * | 2018-05-16 | 2019-11-21 | 株式会社日立製作所 | Usage management method, usage management system, and node |
CN109190409B (en) * | 2018-09-14 | 2020-09-01 | 京东数字科技控股有限公司 | Method, device, equipment and readable storage medium for recording information propagation path |
CN109190409A (en) * | 2018-09-14 | 2019-01-11 | 北京京东金融科技控股有限公司 | Record method, apparatus, equipment and the readable storage medium storing program for executing of information propagation path |
EP3637342A1 (en) * | 2018-10-08 | 2020-04-15 | CTF Markets GmbH | Method and system for auditable and incentive compatible prevention of front-running |
US10958421B2 (en) | 2018-11-20 | 2021-03-23 | International Business Machines Corporation | User access control in blockchain |
US10824419B2 (en) | 2018-11-27 | 2020-11-03 | Alibaba Group Holding Limited | Function-as-a-service (FaaS) platform in blockchain networks |
CN110622149A (en) * | 2018-11-30 | 2019-12-27 | 阿里巴巴集团控股有限公司 | Block chain data relation structure scheme based on binary log replication |
US11250125B2 (en) | 2018-12-03 | 2022-02-15 | Ebay Inc. | Highly scalable permissioned block chains |
US11809551B2 (en) | 2018-12-03 | 2023-11-07 | Ebay Inc. | Highly scalable permissioned block chains |
US11899783B2 (en) | 2018-12-03 | 2024-02-13 | Ebay, Inc. | System level function based access control for smart contract execution on a blockchain |
US11888966B2 (en) | 2018-12-03 | 2024-01-30 | Ebay Inc. | Adaptive security for smart contracts using high granularity metrics |
CN109828847A (en) * | 2019-01-25 | 2019-05-31 | 平安科技(深圳)有限公司 | Lock processing method, device, computer equipment and storage medium based on block chain |
CN109828847B (en) * | 2019-01-25 | 2023-09-01 | 平安科技(深圳)有限公司 | Block chain-based lock processing method, device, computer equipment and storage medium |
US11201726B2 (en) | 2019-05-02 | 2021-12-14 | International Business Machines Corporation | Multi-layered image encoding for data block |
CN110807189A (en) * | 2019-11-15 | 2020-02-18 | 内蒙古大学 | Authority segmentation method in block chain access control |
CN110807189B (en) * | 2019-11-15 | 2023-07-07 | 内蒙古大学 | Authority segmentation method in block chain access control |
US12033092B2 (en) | 2019-11-22 | 2024-07-09 | Strong Force TX Portfolio 2018, LLC | Systems and methods for arbitrage based machine resource acquisition |
US11982993B2 (en) | 2020-02-03 | 2024-05-14 | Strong Force TX Portfolio 2018, LLC | AI solution selection for an automated robotic process |
Also Published As
Publication number | Publication date |
---|---|
AU2017320341A1 (en) | 2019-02-14 |
US20190199531A1 (en) | 2019-06-27 |
KR102480035B1 (en) | 2022-12-21 |
AU2017320341B2 (en) | 2022-04-28 |
EP3479519A1 (en) | 2019-05-08 |
EP3479519A4 (en) | 2020-02-19 |
CN109691015B (en) | 2022-02-01 |
EP3479519B1 (en) | 2022-11-02 |
JP2019530109A (en) | 2019-10-17 |
CN109691015A (en) | 2019-04-26 |
US11153092B2 (en) | 2021-10-19 |
JP7019697B2 (en) | 2022-02-15 |
KR20190042567A (en) | 2019-04-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2017320341B2 (en) | Dynamic access control on blockchain | |
JP7381625B2 (en) | Method and system for controlling contract execution using distributed hash table and peer-to-peer distributed ledger | |
JP7236992B2 (en) | Methods and systems implemented by blockchain | |
JP6877448B2 (en) | Methods and systems for guaranteeing computer software using distributed hash tables and blockchain | |
CN109074433B (en) | Method and system for verifying digital asset integrity using a distributed hash table and a peer-to-peer distributed ledger | |
Herbert et al. | A novel method for decentralised peer-to-peer software license validation using cryptocurrency blockchain technology | |
WO2021209052A1 (en) | Blockchain-based data processing | |
CN113255005B (en) | Block chain-based data asset circulation method, device and equipment | |
Ouaddah et al. | Harnessing the power of blockchain technology to solve IoT security & privacy issues. | |
CN110580413A (en) | Private data query method and device based on down-link authorization | |
CN111523110A (en) | Permission query configuration method and device based on chain codes | |
CN111814172A (en) | Method, device and equipment for acquiring data authorization information | |
Al-Bassam et al. | Airtnt: Fair exchange payment for outsourced secure enclave computations | |
EP4165573A1 (en) | Method, apparatus, and computer-readable medium for confederated rights and hierarchical key management | |
Hu et al. | Blockchain for access control systems | |
Baskaran et al. | A survey on privacy concerns in blockchain applications and current blockchain solutions to preserve data privacy | |
Chenli et al. | Provnet: Networked blockchain for decentralized secure provenance | |
CN115048672A (en) | Data auditing method and device based on block chain, processor and electronic equipment | |
Mahar et al. | TTECCDU: a blockchain-based approach for expressive authorization management | |
Mounnan et al. | Efficient distributed access control using blockchain for big data in clouds | |
Jahan et al. | Utilizing Hyperledger-Based Private Blockchain to Secure E-Passport Management | |
Tapas et al. | Toward Trustless Internet of Things: a Blockchain-based approach | |
McKay et al. | Cybersecurity Considerations in Blockchain-Based Solutions | |
Al Barakati | An Ownership-based IoT Security Model Using Blockchain. | |
CN114239056A (en) | Control method, device, medium and equipment of data access interface |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 17844684 Country of ref document: EP Kind code of ref document: A1 |
 | ENP | Entry into the national phase | Ref document number: 2017844684 Country of ref document: EP Effective date: 20190201 |
 | ENP | Entry into the national phase | Ref document number: 20197004184 Country of ref document: KR Kind code of ref document: A |
 | ENP | Entry into the national phase | Ref document number: 2017320341 Country of ref document: AU Date of ref document: 20170830 Kind code of ref document: A |
 | ENP | Entry into the national phase | Ref document number: 2019531494 Country of ref document: JP Kind code of ref document: A |
 | NENP | Non-entry into the national phase | Ref country code: DE |