Fairaccess

Editor's Notes

• #9: Current digital economy is based on the reliance on a certain trusted authority. Our all online transactions rely on trusting someone to tell us the truth—it can be an email service provider telling us that our email has been delivered; it can be a certification authority telling us that a certain digital certificate is trustworthy; or it can be a social network such as Facebook telling us that our posts regarding our life events have been shared only with our friends or it can be a bank telling us that our money has been delivered reliably to our dear ones in a remote country. The fact is that we live our life precariously in the digital world by relying on a third entity for the security and privacy of our digital assets. The fact remains that these third party sources can be hacked, manipulated or compromised. This is where the blockchain technology comes handy. It has the potential to revolutionize the digital world by enabling a distributed consensuss ​where each and every online transaction, past and present, involving digital assets can be verified at any time in the future. It does this without compromising the privacy of the digital assets and parties involved. The distributed consensus​ and anonymity​ are two important characteristics of blockchain technology. Cryptocurrencies are a new form of virtual currency, first introduced with creation of Bitcoin, developed by Satoshi Nakamoto in [11]. A cryptocurrency is a decentralized digital currency built on cryptographic protocols providing an open, self-regulating alternative to classical currencies managed by central authorities such as banks. It is the first technology to successfully overcome the problem related to how consensus can be reached in a group of anonymous participants, some of whom may be behaving with malicious intent without the intervention of any centralized party. Actually, specific nodes known as miners are responsible for collecting transactions, solving challenging computational puzzles (proof-of-work) to reach consensus, and adding the transactions in form of blocks to a distributed public ledger known as the blockchain. In October 2015, the 1st Global Blockchain Summit was held in Shanghai. Geeks, entrepreneurs, academic experts, investors, corporate executives, and regulatory policy makers gathered and discussed the business applications and opportunities of blockchain technology in industry, such as Payment, Internet of Things, securities trading, digital assets management. Over 200 guests from the financial industry, including banking, payments, securities and commodities attended the summit
• #10: Bitcoin has no central authority, yet somehowe very full node has a complete copy of a public ledger that it can trust as the authoritative record. The blockchain is not created by a central authority, but is assembled independently by every node in the network. Somehow, every node in the network, acting on information transmitted across insecure network connections, can arrive at the same conclusion and assemble a copy of the same public ledger as everyone else Satoshi Nakamoto’s main invention is the decentralized mechanism for emergent consensus. Emergent, because consensus is not achieved explicitly—there is no election or fixed moment when consensus occurs. Instead, consensus is an emergent artifact of the asynchronous interaction of thousands of independent nodes, all following simple rules. All the properties of bitcoin, including currency, transactions, payments, and the security model that does not depend on central authority or trust, derive from this invention.
• #12: User: can be either a Resource Owner (RO), belonging to supplier organization, who exposes his resources and control access over it, or a Requestor, belonging to a requesting organization. He is considered as the owner of the requester resource aiming to access to a supplier resource. Each of those entities: RO, Requestor and their resources are identified with bitcoin-like addresses, interacting between each other through transactions. Wallet: every user has a wallet that stores his credentials, addresses and the transactions related to them. It contains all the keys needed to register and identify his resources, sign his transactions, ask for access. In our framework, we consider a wallet as authorization management point (AMP), it could be a web or mobile application, through the wallet, the RO could register his resources need to be protected and define his access control policies. Then, the main functionalities of a wallet are: 1) generating keys and addresses. 2) Transforming the access control policies to a transactions and broadcast those later to the network.3) validating received transactions from the network. In our proposed framework, in order to fulfill the P&SP objectives, we will use the following mechanisms: In FairAccess, we use, Bitcoin-like addresses: to identify all interacting entities. Smart contract to express fine-grained and contextual access control policies enveloped inside transactions. We opt for authorization tokens as access control model distributed by the blockchain. We use blockchain firstly to ensure evaluating and enforcing access policies and secondly to ensure token integrity and detect token double spending. The detail of each mechanism is described below:
• #13: A private key A.sk is a number, picked at random. From the private key, an elliptic curve multiplication and a one-way cryptographic function is used to generate a public key A.pk From the public key A.pk, a one-way cryptographic hash function H is used to generate an address. The private key is used to create signatures that are required to prove ownership of a resource Identification enabling pseudonymous thing to thing interaction: as state in [20], the Identity of Things is a growing outcome of the Internet of Things. FairAccess identity establishment method meet this requirement. Actually, in FairAccess, users either a Resource Owner or a Requester and their resources are identified through cryptographic identities, called addresses. An address is basically the hash of an ECDSA public key and a user in possession of the corresponding private key is said to own the address. We believe, this identity establishment model will have strong impact on IoT for these reasons: Bitcoin-like addresses can be assigned to all IoT resources either persons or devices alike. Fridges, houses and lamps can have a Bitcoin-like address, effectively enabling a thing to thing communication, furthermore transactions can be carried out equally well by machines and humans enabling direct machine-to-machine interaction.
• #15: The use of scripts to lock outputs and unlock inputs means that through use of the programming language, transactions can contain an infinite number of conditions. This enables our framework to express fine grained access control policies. Actually, a policy is a set of rules and conditions (based on a specific context or attribute, etc) that a requester entity has to fulfill in order to obtain the Access Token and gets access to the specific resource. This rules could be expressed by any access control model but must be transformed to a script language considered as locking script placed on the output of a transaction. Fortunately, new blockchain protocols are being developed including full Turing completeness capability, allowing anyone to write smart contracts and decentralized applications with their own arbitrary rules for ownership, transaction formats and state transition functions [21]. The use of those advanced language such as Etherum, will certainly enable our FairAccess framework to express fine-grained context-aware access control policies. We believe that Smart contracts are a promising emergent field to express, granular, contextual and contractual access control model in general and in IoT in particular.
• #16: in FairAccess, the blockchain is considered as a database or, a policy retrieval point, where all access control policies for each pair (resource, requester) , are stored in form of SmartContracts, it serves also as logging databases that ensures auditing functions. Furthermore, it prevents forgery of token through transactions integrity checks and detects token reuse through the double spending detection mechanism The block chain is a database that stores all processed transactions and Smart contract in chronological order shared by all users or nodes participating. We assume this memory to be tamperproof under the same adversarial model used in Bitcoin and other cryptocurrencies. The block chain technology provides everyone with a working proof of a decentralized trust. FairAccess provides several useful mechanisms using the blockchain. In fact, policy retrieval point, where all access control policies for each pair (resource, requester) , are stored in form of transactions, it serves also as logging databases that ensures auditing functions. Furthermore, it prevents forgery of token through transactions integrity checks and detects token reuse through the double spending detection mechanism
• #17: The peer to peer nodes verify the transaction and record it in the block chain in case of success validation. At this stage, the network witnesses that the RO has entitled the Requester to get access to the specific service provided by a protected Resource. But the Requester could not get yet access to the target service till he meets the access control policy and execute the SmartContract to get the token. The sequence of GrantAccess transactions can be shown as follows: At the end of this phase, if the transaction appears in the blockchain, it means that the network witnesses that the Resource owner had entitled the requester to access that resource but the requester could not access yet till he unlocks the access condition by successfully executing the SmartContract and get the access token 𝑇𝐾𝑁𝑟𝑞,𝑟𝑠 To do so, the requester has to prove to the network that he fulfills really the access conditions in a new transaction called GetAccess transaction which is the objective of the second phase. 1. The RO defines for the couple (Resource, Requester) an access control policy 𝑃𝑂𝐿𝐼𝐶𝑌𝑟𝑠,𝑟𝑞 2. The wallet transforms this access control policy to a SmartContract 𝑃𝑂𝐿𝐼𝐶𝑌𝑟𝑠,𝑟𝑞 →𝜋𝑥 3. The wallet generates a GrantAccess Transaction in the following form: 𝑇𝑥=(𝑚,𝑠𝑖𝑔𝑟𝑠(𝑚)) 𝑤ℎ𝑒𝑟𝑒 𝑚= (𝐼𝐷𝑥,𝑓𝑟𝑜𝑚 ( 𝑟𝑠),𝑡𝑜( 𝜋𝑥) 5. Each node verifies the transaction within the transaction validation process. 6. If the transaction is valid the access control policy is recorded in the blockchain in form of SmartContract. Else, the transaction will be rejected. At the end of this phase, if the transaction appears in the blockchain, it means that the network witnesses that the Resource owner had entitled the requester to access that resource but the requester could not access yet till he unlocks the access condition by successfully executing the SmartContract and get the access token 𝑇𝐾𝑁𝑟𝑞,𝑟𝑠 To do so, the requester has to prove to the network that he fulfills really the access conditions in a new transaction called GetAccess transaction which is the objective of the second phase.
• #18: In this phase, the device A will create a new transaction, that we call a GetAccess transaction. The GetAccess transaction is send to the SmartContract to get the token and access to a service being hosted on the device B. The sequence of GetAccess transactions can be shown as follows: 1. The requester device sends a request access 2. The target device redirects the requester to the address of The SmartContract to get the token 3. The wallet gets the SmartContract address 𝜋𝑥 4. The requester fulfills access control condition placed in 𝜋𝑥 and generates an unlocking data considered as input to the SmartContract. 𝑀𝑒𝑒𝑡𝐴𝑐𝑐𝑒𝑠𝑠𝐶𝑜𝑛𝑡𝑟𝑜𝑙𝑃𝑜𝑙𝑖𝑐𝑦( 𝜋𝑥𝑥)→ 𝜓 5. The wallet generates a GetAccess transaction type in the following form: 𝑇𝑥= (𝐼𝐷𝑥,𝑓𝑟𝑜𝑚 ( 𝑟𝑞,𝜓),𝑡𝑜 (𝜋𝑥) 6. The wallet broadcasts the transaction to the network 7. The network nodes verify and validate the transaction if it was valid it will be included in the blockchain else it will be rejected and a notification is sent to its sender. 8. Once the transaction appears in the blockchain. It means the network witnesses that the requester has full filled the access condition (execution of the SmartContract) then the SmartContract will generates and delivers an access token to the requester in another transaction called AllowAccessTransaction
• #19: POSITIVE Indicators Pseudonymity and Unlikability: The use of pseudonymous Bitcoin-like addresses that are publicly verifiable yet unlinkable to user identities enables privacy-preserving access control achievement since no real-world name or identifying information are required. Lightweight: Actually, enforcing access control policies by the blockchain relieves IoT constrained devices from the burden of handling a vast amount of access control-related information and at the same time mitigate the need for outsourcing these functionalities to a trusted powerful entity. In fact, devices only need to easily verify the validity of the access token securely held on the blockchain. Moreover, using digital keys as identification and authentication at once reduces communication cost, since no further authentication mechanisms are required to get the token. Only signatures are sufficient. User driven & transparency: In FairAccess, user is the only one who is responsible to define a granular access control policies over his own data. Distributed nature and the lack of a central authority: Each node in the network shares his data with others nodes directly, without the intervention of any third or trusted entity Fine-granularity: we argue that FairAccess is generic and not restricted to the use of any specific access control model. Actually, the use of smart contact enables Fair Access to implement an expressive and granular access control policies, expressed by any access control model as soon as this model could be transcoded to a script language. dentification enabling pseudonymous thing to thing interaction: as state in [10], the Identity of Things is a growing outcome of the Internet of Things. FairAccess identity establishment method meet this requirement. Actually, in FairAccess, users either a Resource Owner or a Requester and their resources are identified through cryptographic identities, called addresses. An address is basically the hash of an ECDSA public key and a user in possession of the corresponding private key is said to own the address. We believe, this identity establishment model will have strong impact on IoT for these reasons: Bitcoin-like addresses can be assigned to all IoT resources either persons or devices alike. Fridges, houses and lamps can have a Bitcoin-like address, effectively enabling a thing to thing communication, furthermore transactions can be carried out equally well by machines and humans enabling direct machine-to-machine interaction.