Australia’s National Science Agency
Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Agriculture Supply Chain
H.M.N. Dilum Bandara, Shiping Chen, Mark Staples, and Yilin Sai
Data61, CSIRO
Sydney, Australia
Dilum.Bandara@csiro.au
• Blockchains’ transparency & immutability → Enhance traceability & trust in agriculture supply chains
• Users worry about business confidentiality → Prefer to keep data off-chain
• Better clarity on “who can see what data” → Encourage active data contribution
• While blockchains are proposed for access control in other systems, no detailed study on
blockchain platforms’ access control
• Propose a process to model & verify such complex policies
• A case study of an agriculture traceability platform based on Hyperledger Fabric
• Model its 5 layers of multi-layered & multi-model access control policies
• Model & validate safeness of those policies using NIST’s access control rule logic circuit simulator
• Conduct a reflective privacy assessment to answer “which other participants can see my data?”
• Enhance supply chain participants’ confidence in storing data on-chain
Research Contribution
2 |
Q. Lu et al. (2021)
• Many use cases
• Provenance & traceability for food safety & biosecurity
• Supporting farmer cooperatives, agriculture finance, & precision agriculture
• Needs to ensure business confidentiality of data
• Direct competitors – Farmers
• Indirect competitors – Farmer & Distributor
• Permissioned blockchains can partly address such concerns
• Use multiple access control models spanning multiple layers
• However, it’s nontrivial to determine “who can see what data”
• Consequently, most data are kept off-chain
• Limits automation, efficiency, & real-time compliance enforcement
Blockchain in Agriculture
3 |
Q. Lu et al., “Integrated model‐driven engineering of blockchain applications for business processes and asset management,” Software: Practice and Experience, 51(5), 2021, 1059-1079.
Supply Chain Scenario
• Derived from a real blockchain-
based traceability platform for an
agriculture supply chain
• Client
• A keystone company in the ecosystem
• Had the greatest exposure to regulatory
compliance risks
• Did the integration
• A consortium governs the platform
• Subset of parties hosted a blockchain node
• Others connected via API
• Built on top of Hyperledger Fabric
using cloud-native technologies
4 |
Hyperledger Fabric
• A modular, permissioned, & open-source
blockchain framework
• Emphasizes data privacy & performance
• Logical partitioning of the ledger
1. Channels – Hides transactions from
non-members
2. Private Data Collections (PDCs) –
Hides data on a transaction
• Policy-driven access control
• Process 100s to 1,000 TPS under varying
conditions
• Applied in multiple horizontally &
vertically integrated supply chains
5 |
ABAC - Attribute-Based Access Control
ACL – Access Control List
PBAC - Policy-Based Access Control
RBAC - Role-Based Access Control
RBAC-A - RBAC, attribute centric
Gain supply chain participants’ confidence to contribute data &
actively engage in blockchain governance by answering:
1. How to model multi-model, multi-layer, & dynamic access control policies in
the traceability platform?
2. Are those policies free of conflicts & effective in ensuring data safeness?
3. Which other parties can see my data?
Goal
6 |
Modeling Access Control Policies
7 |
• Entities in a Fabric network have unique identities
• X.509 certificate
• An identity belongs to an organization & has a set of
attributes
• Organizational Unit (OU)
– Node OU – special OU used to confer a role on an identity
• Role
1. client – Invoke smart contracts
2. admin – Network management, Invoke smart contracts
3. peer – Maintain ledger, Endorse transactions by
executing & signing their results
4. orderer – Order transactions into blocks
• Union of identity & its attributes is called a principal
• Farmer.client
Subjects
8 |
Source: https://hyperledger-fabric.readthedocs.io
• Users issue transactions that invoke chaincodes
• Can also subscribe to blockchain events streams
• These endpoints are resources requiring access
control
• Fabric lists 19 resources in configtx.yaml
• Specified using component/resource format, e.g.,
• _lifecycle/CommitChaincodeDefinition
• event/Block
• Other resources that need protection
• Data in a smart contract
• Smart contract functions
• API endpoints
Objects
9 |
• Describe how an identity or role (aka subject) may
access a resource (aka object)
• Fabric defines 6 high-level actions
1. Readers – Read data
2. Writers – Write data
3. Admins – Administrative actions
4. Endorsement – Execute transactions & sign their results
5. LifecycleEndorsement – Endorsement related to lifecycle
management actions of a chaincode
6. BlockValidation – Packaging transactions into a block &
signing it
• Only read & write actions are distinguished at chaincode
& API layers
Actions
10 |
• A set of rules that defines how
decisions are made & specific
outcomes are reached
• Reflect business needs
• Fabric evaluates signatures attached to
a transaction & validates that they
fulfill access control needs
• 2 types of policies
1. Signature – Requires a transaction to
include explicit sign-off from principals
2. ImplicitMeta – Aggregates result of
policies deeper in a configuration tree
Policies
11 |
/Channel/Application/Endorsement:
    Type: Signature
    Rule: AND(Farmer.peer, Processor.peer)
/Channel/Application/Admins:
    Type: ImplicitMeta
    Rule: MAJORITY Admins
    …/Farmer/Admins …/Processor/Admins …/Client/Admins
    (Any 2 organizations out of 3 can satisfy MAJORITY)
/Channel/Application/Farmer/Admins:
    Type: Signature
    Rule: OR(Farmer.admin)
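Added example (not from the slides or from Fabric's code base): the three policies above evaluated as Boolean functions of the set of signing principals, with MAJORITY computed as more than half of the sub-policies one level down. Assumptions: the Processor and Client Admins rules mirror the Farmer one, a signer is a plain "Org.role" string, and signature verification and Fabric's role-matching details are left out.

```python
import re

# Policies from the slide. The Processor and Client Admins rules are ASSUMED
# to mirror Farmer's, because the slide only spells out the Farmer rule.
POLICIES = {
    "/Channel/Application/Endorsement":
        {"Type": "Signature", "Rule": "AND(Farmer.peer, Processor.peer)"},
    "/Channel/Application/Admins":
        {"Type": "ImplicitMeta", "Rule": "MAJORITY Admins"},
    "/Channel/Application/Farmer/Admins":
        {"Type": "Signature", "Rule": "OR(Farmer.admin)"},
    "/Channel/Application/Processor/Admins":
        {"Type": "Signature", "Rule": "OR(Processor.admin)"},
    "/Channel/Application/Client/Admins":
        {"Type": "Signature", "Rule": "OR(Client.admin)"},
}


def parse_signature(rule):
    """Parse AND(...)/OR(...) over Org.role principals into a nested tuple."""
    tokens = re.findall(r"[A-Za-z0-9]+\.[a-z]+|AND|OR|[(),]", rule)
    if "".join(tokens) != re.sub(r"\s+", "", rule):
        raise ValueError(f"unsupported syntax in rule: {rule!r}")
    pos = 0

    def take(expected=None):
        nonlocal pos
        if pos >= len(tokens) or (expected and tokens[pos] != expected):
            raise ValueError(f"malformed rule: {rule!r}")
        pos += 1
        return tokens[pos - 1]

    def expr():
        tok = take()
        if tok in ("AND", "OR"):
            take("(")
            args = [expr()]
            while pos < len(tokens) and tokens[pos] == ",":
                take(",")
                args.append(expr())
            take(")")
            return (tok, args)
        if "." not in tok:
            raise ValueError(f"expected a principal, got {tok!r}")
        return ("PRINCIPAL", tok)

    tree = expr()
    if pos != len(tokens):
        raise ValueError(f"trailing tokens in rule: {rule!r}")
    return tree


def eval_signature(tree, signers):
    """AND/OR gates over principals; a principal is 1 when it has signed."""
    kind, body = tree
    if kind == "PRINCIPAL":
        return body in signers
    results = [eval_signature(arg, signers) for arg in body]
    return all(results) if kind == "AND" else any(results)


def eval_policy(path, signers, policies=POLICIES):
    """Evaluate a Signature or ImplicitMeta policy at a configuration path."""
    policy = policies[path]
    if policy["Type"] == "Signature":
        return eval_signature(parse_signature(policy["Rule"]), signers)
    parts = policy["Rule"].split()
    if len(parts) != 2 or parts[0] not in ("ANY", "ALL", "MAJORITY"):
        raise ValueError(f"bad ImplicitMeta rule: {policy['Rule']!r}")
    quantifier, sub_name = parts
    parent = path.rsplit("/", 1)[0]
    # Sub-policies: same policy name, exactly one level deeper in the tree.
    children = [p for p in policies
                if p.startswith(parent + "/") and p.endswith("/" + sub_name)
                and p.count("/") == path.count("/") + 1]
    votes = [eval_policy(child, signers, policies) for child in children]
    need = {"ANY": 1, "ALL": len(votes),
            "MAJORITY": len(votes) // 2 + 1}[quantifier]
    return sum(votes) >= need


if __name__ == "__main__":
    for signers in ({"Farmer.admin"}, {"Farmer.admin", "Client.admin"}):
        print(sorted(signers), "->",
              eval_policy("/Channel/Application/Admins", signers))
```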
Access Control Verification
12 |
• Focus on safety properties
• Fundamental security requirements on whether a policy leaks access permission to
unauthorized or unintended subjects
• 3 types of safety property violations (aka faults)
1. Privilege leakage – A subject can access objects prohibited by security requirements
2. Privilege blocking – A subject’s legitimate access to an object is blocked
3. Privilege conflict – Multiple access control rules result in conflicting decisions
• Many tools to validate access control policies against safety properties
• Li et al. [18] compared 8 tools under 11 metrics
• We chose NIST’s Access Control Rule Logic Circuit Simulation (ACRLCS) technique
• Models policies as a hierarchically-designed digital logic circuit
• Supports static, dynamic, & historical access control models; separation of duty
• Real-time detection of privilege leakage, blocking, & conflicts
Verification Tool Section
13 |
A. Li et al., “Evaluating the capability and performance of access control policy verification tools,” in 2015 IEEE Military Communications Conf. (MILCOM), 2015, pp. 366–371.
• Channel & PDC membership as Boolean functions
• Compliance Manager (CM), Farmer (FA), Processor (PR),
Transporter (TR), & Primary Consumer (PC) are in Post
Harvest PDC
• PDCPostHarvest = CM + FA + PR + TR + PC
• Default set of action-related policies in Fabric for
Compliance Manager organization
• Readers = CM.client + CM.admin + CM.peer
• Writers = CM.client + CM.admin
• Admins = CM.admin
• Endorsement = CM.peer
Representing Policies with ACRLCS
14 |
Representing Policies with ACRLCS (Cont.)
15 |
/Channel/Admins = MAJORITY Admins
/Channel/Application/Admins = MAJORITY Admins
/Channel/Orderer/Admins = MAJORITY Admins
CM BR AC DR FA PR CO
Admins = CM.admin
Similarly, AND gate can be used to link
hierarchical & multi-layer policies
• To detect faults, ACRLCS requires Grant & Deny circuits
• There’s a conflict if both Grant & Deny circuits result in logical 1
• Grant – admin role can change channel configuration
• Deny – client, peer, & orderer roles can’t change channel configuration
• When it’s difficult to specify security
properties either in a grant or deny circuit
• To detect privilege leakage, look for outputs
that result in 1 but should have been 0
• To detect privilege blocking, look for outputs
that result in 0 but should have been 1
Access Control Evaluation
16 |
_lifecycle/CommitChaincodeDefinition: /Channel/Application/Writers
Writers = CM.admin + CM.client
[Figure: Grant and Deny circuits; callout: “Even clients can install chaincode”]
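Added example (not the authors' ACRLCS model and not NIST's tool): the Grant/Deny check described above, run over the Compliance Manager's default action policies and the resource mapping shown on this slide. Assumptions: the Grant circuit is the configured policy, the Deny circuit and the expected outputs encode the requirement that only the admin role may perform the action, each request carries exactly one role, and the resource name "channel-config-update" is hypothetical.

```python
ROLES = ("client", "admin", "peer", "orderer")

# Default action policies of the Compliance Manager (CM) org, from the slides.
# Each policy is an OR gate over the listed role inputs.
POLICIES = {
    "Readers": {"client", "admin", "peer"},
    "Writers": {"client", "admin"},
    "Admins": {"admin"},
    "Endorsement": {"peer"},
}

# Resource -> governing policy. The first mapping is the one on the slide;
# "channel-config-update" is a HYPOTHETICAL name for "change channel config".
ACL = {
    "_lifecycle/CommitChaincodeDefinition": "Writers",
    "channel-config-update": "Admins",
}

# ASSUMED security requirement for both resources: only admin may act.
DENY = {"client", "peer", "orderer"}   # Deny circuit inputs
EXPECTED = {"admin"}                   # roles whose output should be 1


def grant_circuit(resource, inputs, acl):
    """OR gate over the roles named by the policy that governs the resource."""
    return any(inputs[role] for role in POLICIES[acl[resource]])


def deny_circuit(inputs):
    """OR gate over the roles the requirement prohibits."""
    return any(inputs[role] for role in DENY)


def find_faults(resource, acl=ACL):
    """Drive each role as a one-hot input and classify the circuit outputs."""
    faults = []
    for role in ROLES:
        inputs = {r: r == role for r in ROLES}
        grant = grant_circuit(resource, inputs, acl)
        deny = deny_circuit(inputs)
        should_be_one = role in EXPECTED
        if grant and deny:
            faults.append((role, "conflict"))   # both circuits output 1
        if grant and not should_be_one:
            faults.append((role, "leakage"))    # 1 but should have been 0
        if not grant and should_be_one:
            faults.append((role, "blocking"))   # 0 but should have been 1
    return faults


if __name__ == "__main__":
    for resource in ACL:
        print(resource, "->", find_faults(resource) or "no faults")
    # Candidate remediation under the assumed requirement: govern the
    # resource with Admins instead of Writers, then re-run the check.
    fixed = dict(ACL, **{"_lifecycle/CommitChaincodeDefinition": "Admins"})
    print("remapped ->",
          find_faults("_lifecycle/CommitChaincodeDefinition", fixed)
          or "no faults")
```

Re-running find_faults after every change to the resource mapping turns the slide's manual circuit inspection into a regression check.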
• Which other participants can see my
data?
• Assume the position of a potential
data accessor for the sake of
assessing the privacy implications of
access control policies
• A farmer (FA) may want to know how
the distributor (DR) sees their data
• Distributor can only see farmer’s inputs, not
outputs
Reflective Privacy Assessment
17 |
[Figure labels: PDCPreHarvest, PDCPostHarvest, Channel]
• Enterprise blockchain-based applications adopt multi-layered & multi-model
access control policies
• Proposed a process to model & verify such policies to determine “who has access
to what data?”
• Demonstrated it using an agriculture traceability platform built on Hyperledger Fabric
• Used NIST’s ACRLCS technique to verify policies
• Identified 2 access control faults in Fabric’s default policies
• Used ACRLCS circuits simulation for reflective privacy assessment
• ACRLCS can capture a broader set of models → Our process could be applied to
other blockchain-based applications & frameworks
• Future work
• Model workflow access control as many business processes are enforced using smart
contracts
• Develop a test oracle to generate transactions to validate access control implementation of an
entire blockchain-based application
Summary
18 |
Australia’s National Science Agency
Dilum.Bandara@csiro.au
linkedin.com/in/dilumb/

 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
Green Software Development
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
Remote DBA Services
 
SMS API Integration in Saudi Arabia| Best SMS API Service
SMS API Integration in Saudi Arabia| Best SMS API ServiceSMS API Integration in Saudi Arabia| Best SMS API Service
SMS API Integration in Saudi Arabia| Best SMS API Service
Yara Milbes
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
ICS
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
Aftab Hussain
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
pavan998932
 
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Łukasz Chruściel
 
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdfRevolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Undress Baby
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
Rakesh Kumar R
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Julian Hyde
 

Recently uploaded (20)

OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
 
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we workMicroservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
 
DDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systemsDDS-Security 1.2 - What's New? Stronger security for long-running systems
DDS-Security 1.2 - What's New? Stronger security for long-running systems
 
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI AppAI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
 
Graspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code AnalysisGraspan: A Big Data System for Big Code Analysis
Graspan: A Big Data System for Big Code Analysis
 
E-commerce Application Development Company.pdf
E-commerce Application Development Company.pdfE-commerce Application Development Company.pdf
E-commerce Application Development Company.pdf
 
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
原版定制美国纽约州立大学奥尔巴尼分校毕业证学位证书原版一模一样
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, FactsALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
 
Oracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptxOracle 23c New Features For DBAs and Developers.pptx
Oracle 23c New Features For DBAs and Developers.pptx
 
SMS API Integration in Saudi Arabia| Best SMS API Service
SMS API Integration in Saudi Arabia| Best SMS API ServiceSMS API Integration in Saudi Arabia| Best SMS API Service
SMS API Integration in Saudi Arabia| Best SMS API Service
 
Webinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for EmbeddedWebinar On-Demand: Using Flutter for Embedded
Webinar On-Demand: Using Flutter for Embedded
 
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of CodeA Study of Variable-Role-based Feature Enrichment in Neural Models of Code
A Study of Variable-Role-based Feature Enrichment in Neural Models of Code
 
What is Augmented Reality Image Tracking
What is Augmented Reality Image TrackingWhat is Augmented Reality Image Tracking
What is Augmented Reality Image Tracking
 
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
 
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdfRevolutionizing Visual Effects Mastering AI Face Swaps.pdf
Revolutionizing Visual Effects Mastering AI Face Swaps.pdf
 
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language ProcessorsFundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
 
Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)Measures in SQL (SIGMOD 2024, Santiago, Chile)
Measures in SQL (SIGMOD 2024, Santiago, Chile)
 

Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Agriculture Supply Chain

  • 1. Australia’s National Science Agency. Modeling Multi-Layer Access Control Policies of a Hyperledger-Fabric-Based Agriculture Supply Chain. H.M.N. Dilum Bandara, Shiping Chen, Mark Staples, and Yilin Sai. Data61, CSIRO, Sydney, Australia. Dilum.Bandara@csiro.au
  • 2. Research Contribution
      • Blockchains’ transparency & immutability → Enhance traceability & trust in agriculture supply chains
      • Users worry about business confidentiality → Prefer to keep data off-chain
      • Better clarity on “who can see what data” → Encourage active data contribution
      • While blockchains are proposed for access control in other systems, no detailed study on blockchain platforms’ access control
      • Propose a process to model & verify such complex policies
      • A case study of an agriculture traceability platform based on Hyperledger Fabric
      • Model its 5 layers of multi-layered & multi-model access control policies
      • Model & validate safeness of those policies using NIST’s access control rule logic circuit simulator
      • Conduct a reflective privacy assessment to answer “which other participants can see my data?”
      • Enhance supply chain participants’ confidence in storing data on-chain
  • 3. Blockchain in Agriculture
      • Many use cases
      • Provenance & traceability for food safety & biosecurity
      • Supporting farmer cooperatives, agriculture finance, & precision agriculture
      • Needs to ensure business confidentiality of data
      • Direct competitors – Farmers
      • Indirect competitors – Farmer & Distributor
      • Permissioned blockchains can partly address such concerns
      • Use multiple access control models spanning multiple layers
      • However, it’s nontrivial to determine “who can see what data”
      • Consequently, most data are kept off-chain
      • Limits automation, efficiency, & real-time compliance enforcement
      • Figure credit: Q. Lu et al. (2021)
      • Q. Lu et al., “Integrated model‐driven engineering of blockchain applications for business processes and asset management,” Software: Practice and Experience, 51(5), 2021, 1059-1079.
  • 4. Supply Chain Scenario
      • Derived from a real blockchain-based traceability platform for an agriculture supply chain
      • Client
      • A keystone company in the ecosystem
      • Had the greatest exposure to regulatory compliance risks
      • Did the integration
      • A consortium governs the platform
      • Subset of parties hosted a blockchain node
      • Others connected via API
      • Built on top of Hyperledger Fabric using cloud-native technologies
  • 5. Hyperledger Fabric
      • A modular, permissioned, & open-source blockchain framework
      • Emphasizes data privacy & performance
      • Logical partitioning of the ledger
          1. Channels – Hides transactions from non-members
          2. Private Data Collections (PDCs) – Hides data on a transaction
      • Policy-driven access control
      • Processes 100s to 1,000 TPS under varying conditions
      • Applied in multiple horizontally & vertically integrated supply chains
      • Abbreviations: ABAC – Attribute-Based Access Control; ACL – Access Control List; PBAC – Policy-Based Access Control; RBAC – Role-Based Access Control; RBAC-A – RBAC, attribute centric
  • 6. Goal
      • Gain supply chain participants’ confidence to contribute data & actively engage in blockchain governance by answering:
          1. How to model multi-model, multi-layer, & dynamic access control policies in the traceability platform?
          2. Are those policies free of conflicts & effective in ensuring data safeness?
          3. Which other parties can see my data?
  • 7. Modeling Access Control Policies
  • 8. Subjects
      • Entities in a Fabric network have unique identities
      • X.509 certificate
      • An identity belongs to an organization & has a set of attributes
      • Organizational Unit (OU) – Node OU – special OU used to confer a role on an identity
      • Role
          1. client – Invoke smart contracts
          2. admin – Network management, Invoke smart contracts
          3. peer – Maintain ledger, Endorse transactions by executing & signing their results
          4. orderer – Order transactions into blocks
      • Union of identity & its attributes is called a principal
      • Farmer.client
      • Source: https://hyperledger-fabric.readthedocs.io
  • 9. Objects
      • Users issue transactions that invoke chaincodes
      • Can also subscribe to blockchain event streams
      • These endpoints are resources requiring access control
      • Fabric lists 19 resources in configtx.yaml
      • Specified using component/resource format, e.g.,
          • _lifecycle/CommitChaincodeDefinition
          • event/Block
      • Other resources that need protection
      • Data in a smart contract
      • Smart contract functions
      • API endpoints
  • 10. Actions
      • Describe how an identity or role (aka subject) may access a resource (aka object)
      • Fabric defines 6 high-level actions
          1. Readers – Read data
          2. Writers – Write data
          3. Admins – Administrative actions
          4. Endorsement – Execute transactions & sign their results
          5. LifecycleEndorsement – Endorsement related to lifecycle management actions of a chaincode
          6. BlockValidation – Packaging transactions into a block & signing it
      • Only read & write actions are distinguished at chaincode & API layers
  • 11. Policies
      • A set of rules that defines how decisions are made & specific outcomes are reached
      • Reflect business needs
      • Fabric evaluates signatures attached to a transaction & validates that they fulfill access control needs
      • 2 types of policies
          1. Signature – Requires a transaction to include explicit sign-off from principals
          2. ImplicitMeta – Aggregates result of policies deeper in a configuration tree
      • Example policies:
          /Channel/Application/Endorsement:
              Type: Signature
              Rule: AND(Farmer.peer, Processor.peer)
          /Channel/Application/Admins:
              Type: ImplicitMeta
              Rule: MAJORITY Admins
              Sub-policies: …/Farmer/Admins, …/Processor/Admins, …/Client/Admins (Any 2 organizations out of 3 can satisfy MAJORITY)
          /Channel/Application/Farmer/Admins:
              Type: Signature
              Rule: OR(Farmer.admin)
  • 13. Verification Tool Section
      • Focus on safety properties
      • Fundamental security requirements on whether a policy leaks access permission to unauthorized or unintended subjects
      • 3 types of safety property violations (aka faults)
          1. Privilege leakage – A subject can access objects prohibited by security requirements
          2. Privilege blocking – A subject’s legitimate access to an object is blocked
          3. Privilege conflict – Multiple access control rules result in conflicting decisions
      • Many tools to validate access control policies against safety properties
      • Li et al. [18] compared 8 tools under 11 metrics
      • We chose NIST’s Access Control Rule Logic Circuit Simulation (ACRLCS) technique
      • Models policies as a hierarchically-designed digital logic circuit
      • Supports static, dynamic, & historical access control models; separation of duty
      • Real-time detection of privilege leakage, blocking, & conflicts
      • A. Li et al., “Evaluating the capability and performance of access control policy verification tools,” in 2015 IEEE Military Communications Conf. (MILCOM), 2015, pp. 366–371.
  • 14. Representing Policies with ACRLCS
      • Channel & PDC membership as Boolean functions
      • Compliance Manager (CM), Farmer (FA), Processor (PR), Transporter (TR), & Primary Consumer (PC) are in Post Harvest PDC
      • PDCPostHarvest = CM + FA + PR + TR + PC
      • Default set of action-related policies in Fabric for Compliance Manager organization
      • Readers = CM.client + CM.admin + CM.peer
      • Writers = CM.client + CM.admin
      • Admins = CM.admin
      • Endorsement = CM.peer
  • 15. Representing Policies with ACRLCS (Cont.)
      • /Channel/Admins = MAJORITY Admins
      • /Channel/Application/Admins = MAJORITY Admins
      • /Channel/Orderer/Admins = MAJORITY Admins
      • [Figure labels: CM, BR, AC, DR, FA, PR, CO; Admins = CM.admin]
      • Similarly, AND gate can be used to link hierarchical & multi-layer policies
  • 16. Access Control Evaluation
      • To detect faults, ACRLCS requires Grant & Deny circuits
      • There’s a conflict if both Grant & Deny circuits result in logical 1
      • Grant – admin role can change channel configuration
      • Deny – client, peer, & orderer roles can’t change channel configuration
      • When it’s difficult to specify security properties either in a grant or deny circuit
      • To detect privilege leakage, look for outputs that result in 1 but should have been 0
      • To detect privilege blocking, look for outputs that result in 0 but should have been 1
      • [Figure: _lifecycle/CommitChaincodeDefinition: /Channel/Application/Writers; Writers = CM.admin + CM.client; Grant & Deny circuits; annotation “Even clients can install chaincode”]
  • 17. Reflective Privacy Assessment
      • Which other participants can see my data?
      • Assume the position of a potential data accessor for the sake of assessing the privacy implications of access control policies
      • A farmer (FA) may want to know how the distributor (DR) sees their data
      • Distributor can only see farmers’ inputs, not outputs
      • [Figure labels: PDCPreHarvest, PDCPostHarvest, Channel]
  • 18. Summary
      • Enterprise blockchain-based applications adopt multi-layered & multi-model access control policies
      • Proposed a process to model & verify such policies to determine “who has access to what data?”
      • Demonstrated it using an agriculture traceability platform built on Hyperledger Fabric
      • Used NIST’s ACRLCS technique to verify policies
      • Identified 2 access control faults in Fabric’s default policies
      • Used ACRLCS circuits simulation for reflective privacy assessment
      • ACRLCS can capture a broader set of models → Our process could be applied to other blockchain-based applications & frameworks
      • Future work
      • Model workflow access control as many business processes are enforced using smart contracts
      • Develop a test oracle to generate transactions to validate access control implementation of an entire blockchain-based application
  • 19. Australia’s National Science Agency Dilum.Bandara@csiro.au linkedin.com/in/dilumb/
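
The policy modeling and Grant/Deny fault detection described on slides 11 and 14 to 17, as an added Python example; it is not the authors' ACRLCS model or NIST's simulator. The function names are hypothetical, and two things are assumptions of the example: every organization uses the default policies the slides list for CM, and the security requirement for `_lifecycle/CommitChaincodeDefinition` is admin-only.

```python
# Added example: Fabric policies as Boolean circuits, checked ACRLCS-style.
ROLES = ("client", "admin", "peer", "orderer")  # Node OU roles from the slides

# Default per-organization action policies from the slides ("+" is OR).
POLICIES = {
    "Readers": lambda p: p["client"] or p["admin"] or p["peer"],
    "Writers": lambda p: p["client"] or p["admin"],
    "Admins": lambda p: p["admin"],
    "Endorsement": lambda p: p["peer"],
}

# Post Harvest PDC membership from the slides (CM + FA + PR + TR + PC).
PDC_POST_HARVEST = {"CM", "FA", "PR", "TR", "PC"}


def principal(role):
    """One Boolean input per role; assumes an identity holds exactly one role."""
    return {r: r == role for r in ROLES}


def majority(sub_results):
    """ImplicitMeta MAJORITY: more than half of the sub-policies evaluate to 1."""
    return sum(bool(r) for r in sub_results) > len(sub_results) // 2


def can_read_pdc(org, role, members=PDC_POST_HARVEST):
    """Two layers joined by an AND gate: PDC membership AND the Readers policy."""
    return org in members and bool(POLICIES["Readers"](principal(role)))


def find_faults(policy_name, denied_roles, required_roles):
    """Drive the grant and deny circuits with every role and report faults.

    policy_name    -- policy the resource maps to (the grant circuit)
    denied_roles   -- roles the security requirement forbids (the deny circuit)
    required_roles -- roles that must be granted access
    """
    faults = []
    for role in ROLES:
        p = principal(role)
        granted = bool(POLICIES[policy_name](p))
        denied = any(p[r] for r in denied_roles)
        if granted and denied:
            faults.append((role, "conflict"))
        if granted and role not in required_roles:
            faults.append((role, "leakage"))
        if not granted and role in required_roles:
            faults.append((role, "blocking"))
    return faults


if __name__ == "__main__":
    # _lifecycle/CommitChaincodeDefinition maps to Writers on the slides; the
    # admin-only requirement used here is an assumption of this example.
    print(find_faults("Writers", {"client", "peer", "orderer"}, {"admin"}))
    print(find_faults("Admins", {"client", "peer", "orderer"}, {"admin"}))
    print(majority([True, True, False]), can_read_pdc("DR", "client"))
```

Mapping the resource to `Admins` instead of `Writers` clears both reported faults, which is the kind of policy change the simulation is meant to surface before deployment.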

Editor's Notes

  1. transparency & immutability amplify business confidentiality concerns
  2. Model policies; model & validate safeness of those policies; reflective privacy assessment
  3. Subjects, objects, actions, & their attributes are represented as Boolean variables
  4. Architectural Trade-off Analysis Method (ATAM)