Access Control (AC) is a fundamental aspect of modern technology infrastructure. While most primitive versions of AC use an Access Control List (ACL) to represent access, a more versatile variant called Attribute-Based Access Control (ABAC) has quickly become a popular approach to implementing AC due to its flexibility and scalability and enabling cross-domain access.
This thesis proposes a Blockchain-based ABAC scheme with delegatable permission tokens through the use of Hyperledger Fabric and Java Web Tokens (JWT). Fabric is used to store various attribute and revocation transactions necessary in an ABAC system, while JWT's purpose is to delegate access to entities outside the organization domain. Both aspects of the implementation show consistent results while staying within the acceptable performance parameters and reveals the proposed model is a suitable and scalable solution for AC.
Keywords: Blockchain, Access Control, ABAC, Hyperledger Fabric, Java Web Token