DF-RBAC: Dynamic and Fine-grained Role-Based Access Control Scheme with Smart Contract

Abstract Access control is a technology that can guarantee the security of information in network transmission, in which role-based access control is to separate the subject from the permission, and to assign the permission by distributing the corresponding role of the user. However, the traditional role-based access control scheme is generally centralized, the allocation of user’s role lacks fine granularity, and there is static in the allocation of the role and permission, which is not consistent with the distributed and dynamic network architecture nowadays. Hence, we propose a dynamic and fine-grained role-based access control model DF-RBAC, which can realize the flexible assignment of roles by resource owners and security verification of assigned roles. Further, we take advantage of blockchain technology and cryptography technology to combine with the DF-RBAC framework to achieve access to the activity log security audit function, which can ensure the security of the overall architecture. By safety and experimental analysis, our framework has proved to be feasible.