International Journal of Science, Engineering and TechnologyAuthors: Dr. Pankaj Malik, Ankit Sahu, Aadarsh Sahu, Harshita Modi, Harsh Solanki, Dishank Solanki
Abstract: The increasing use of cloud computing has resulted in increasingly dynamic and multi-tenant settings where conventional Role-Based Access Control (RBAC) systems find it difficult to provide fine-grained and context-aware access control. This paper introduces a blockchain-based Attribute-Based Access Control (ABAC) framework that uses smart contracts to implement access policies in a decentralized, transparent, and tamper-proof way. The system suggested, the paper enables policy definitions and attribute assessments to be directly encoded into smart contracts, making possible automated, real-time access decisions without the need for a central authority. It was explained using Ethereum smart contracts and tested through a prototype in a simulated healthcare cloud setting, where access of confidential patient records was controlled by dynamic attributes like user role, department, and clearance level. Experimental results illustrate that the system proposed performs secure and reliable access control with a mean decision latency of 350 ms and gas cost of 82,000 units per transaction. The system accommodates dynamic attribute updates and revocation with zero service downtime and provides full auditability using immutable blockchain logs. In comparison with conventional ABAC systems, the smart contract-based solution enhanced consistency in policy enforcement by 22% and removed single points of failure. These findings affirm the feasibility of decentralised ABAC as a viable solution for securing dynamic cloud services.
