Blockchain/ Distributed Ledger

Expand all | Collapse all

NIST Blockchain for Access Control Systems: NIST IR 8403

  • 1.  NIST Blockchain for Access Control Systems: NIST IR 8403

    Posted May 26, 2022 12:21:00 PM
      |   view attached
    Hi All,

    NIST has published NIST Internal Report (NIST IR) 8403, Blockchain for Access Control Systems.

    Protecting system resources against unauthorized access is the primary objective of an access control system. As information systems rapidly evolve, the need for advanced access control mechanisms that support decentralization, scalability, and trust – all major challenges for traditional mechanisms – has grown.

    Blockchain technology offers high confidence and tamper resistance implemented in a distributed fashion without a central authority, which means that it can be a trustable alternative for enforcing access control policies. This document presents analyses of blockchain access control systems from the perspectives of properties, components, architectures, and model supports, as well as discussions on considerations for implementation.

    ------------------------------
    Michael Roza CPA, CISA, CIA, MBA, Exec MBA
    ------------------------------


  • 2.  RE: NIST Blockchain for Access Control Systems: NIST IR 8403

    Posted May 27, 2022 08:42:00 AM
    So one major comment: BLockchain provides an implicitly time-series database (in the sense of stuff is put into the blockchain generally in the order it is created/submitted). If the logic of the system is "control data needs to be put into the blockchain before it is acted upon" then you can say with reasonable certainty that any following actions were affected by those rules (assuming no significant lag/etc.).

    So for once, you'd be able to match up access logs and WHY something was allowed/blocked with the then-current state of the access control rules. So this mixing of policy and log data, which at first I had a gut reaction of "ewwww no" actually has a pretty interesting security management benefit.

    ------------------------------
    Kurt Seifried
    Chief Blockchain Officer and Director of Special Projects
    Cloud Security Alliance
    [email protected]
    ------------------------------