B-FLACS: blockchain-based flexible lightweight access control scheme for data sharing in cloud

Qi, Tao; Cui, Xiaohui

doi:10.1007/s10586-022-03782-1

Cited by 5 publications

(2 citation statements)

References 28 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Figure 9 presents the packet sending rate of Input: mapAttrSet.fowSN, matchPolicySet Output: collaborativePolicy (1) fowPath � U; path � null; action � null; collaborativePolicy � ∅ (2) for (i � 0; i < getNum(matchPolicySet); i++) do (3) path ← getPath(matchPolicySet.policy[i]) (4) action ← getAction(matchPolicySet.policy[i]) (5) if (matchPolicySet.policy [i].policyType � � SOURCE) then (6) if (action � � forward) then (7) fowPath ← fowPath ∧ path (8) else if (action � � drop) then (9) fowPath ← fowPath ∧ path ( 10) else (11) report error (12) continue (13) end if (14) else if (matchPolicySet.policy [i].policyType � � TRANSFER) then (15) if (path! � null) then (16) report error ( 17) continue ( 18) else (19) if (action � � drop) then (20) domID ← getDomID(matchPolicySet.policy[i]) (21) fowPath ← fowPath ∧ domID ( 22) else (23) continue (24) end if (25) end if (26) else (27) report error ( 28) continue (29) end if (30) end for (31) egress switches S12, S13, and S14 in AS1, respectively, under baseline and BPFC-SDNs.…”

Section: Validation Of Information-sharing and Policymentioning

confidence: 99%

“…Specifcally, there are some security schemes that apply blockchain to SDN, such as blockchain-based secure routing for multidomain SDN [27], blockchain-based multicontroller deployment [28], and blockchain-based SDN fow rule verifcation [29]. Moreover, there are some schemes that apply blockchain to attribute-based access control [30,31]. Tese schemes are mainly designed to achieve access control of data resources rather than control of the forwarding path of datafows.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

BPFC-SDNs: A Blockchain-Based and Policy-Oriented Forwarding Control for the SDN Interdomain

Hanzo

Chang

et al. 2023

Security and Communication Networks

View full text Add to dashboard Cite

Policy-oriented forwarding control has been widely recognized in a software-defined network (SDN). However, in the multidomain SDN scenario, policy-oriented forwarding control confronts the challenges that the lack of a higher-level abstraction policy paradigm, cross-domain policy unknowability and policy conflict, a distributed and untrusted communication environment, and latency sensitivity. To tackle these challenges, this article proposes BPFC-SDNs, a blockchain-based and policy-oriented forwarding control for the SDN interdomain. As the basis of BPFC-SDNs, we define an attribute-based interdomain forwarding control policy paradigm and implement secure and trusted cross-domain information and policy sharing based on blockchain. The main idea of BPFC-SDNs is to achieve cross-domain dataflow forwarding control based on the global collaborative policy. Specifically, we propose a physically centralized and logically isolated architecture to ensure efficient and secure information exchange between the SDN and blockchain. Moreover, we design a combined on-chain and off-chain functional model to separate forwarding control from the blockchain, which enables forwarding control based on trusted data while avoiding the introduction of high latency and computational overhead of the blockchain. Finally, we implement a prototype for BPFC-SDNs, and the experimental results indicate that BPFC-SDNs can provide effective forwarding control for the SDN interdomain with acceptable latency and good scalability.

show abstract