(1.School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China; 2.The Sixty-third Research Institute, National University of Defense Technology, Nanjing 210007, China; 3.Laboratory for Big Data and Decision, National University of Defense Technology, Changsha 410073, China)
Abstract: Traditional centralized access control models have limitations in certain scenarios. Particularly in government agencies, military application, and other special contexts, data security management requires considerations of confidentiality, integrity, and the need for flexible and stringent access control mechanisms. Moreover, existing hierarchical access control methods suffer from single point of failure issues in the evaluation and verification of access level boundaries, as well as the risk of level boundary leakage. To overcome these limitations, this paper proposes a hierarchical access control method for blockchain-based data exchange, incorporating homomorphic encryption for protecting the level boundaries. Experimental results demonstrate that this approach effectively addresses security concerns regarding unauthorized access to data subjects and exhibits high operational efficiency in key functionalities.
Key words : blockchain; data exchange;ABAC (Attribute-Based Access Control);MAC (Mandatory Access Control); hierarchical access control
