Review of Access Control Research for Blockchain Data Sharing

doi:10.3778/j.issn.1673-9418.2410079

Abstract

Abstract: With the advent of the digital age, data sharing plays a crucial role in promoting social and economic development as well as technological progress. How to effectively control access to the data sharing process while ensuring data security and privacy is an urgent problem to be solved. Firstly, the applications of access control technology in the existing blockchain projects are presented. Secondly, the research issues of access control for blockchain data sharing are formally defined. Then, the data sharing process is divided into the preparation stage, the data upload stage, and the authorization and access stage. In these three stages, the research status of blockchain data sharing access control technology is systematically organized and the advantages and limitations of related technologies are summarized. Among them, the attribute encryption, searchable encryption, homomorphic encryption, and proxy re-encryption technologies in the data upload stage of blockchain access control are analyzed in detail. Finally, the deficiencies in the existing research on blockchain data sharing access control are summarized, including the insufficiency of the dynamicity of access control policies, the difficulty in converting legal provisions into policies, the poor security of smart contracts, the insufficiently lightweight encryption algorithms, and the coarse data classification granularity. Prospects are proposed from five aspects: dynamic policy generation based on large language models, automatic conversion of legal policies using natural language processing technology, establishment of security standards for smart contracts, development of lightweight encryption algorithms, and realization of automatic data classification with the aid of machine learning technology.

Key words: blockchain, smart contract, data sharing, access control

摘要： 随着数字化时代的到来，数据共享在推动社会经济发展和技术进步方面发挥着重要作用。如何在保障数据安全和隐私的前提下，有效地对数据共享过程进行访问控制，是一个亟待解决的问题。介绍了现有区块链项目中访问控制技术的应用情况。对区块链数据共享的访问控制研究问题进行了形式化定义。将数据共享过程划分为准备阶段、数据上传阶段、授权与访问阶段，在这三个阶段系统整理了区块链数据共享访问控制技术的研究现状并总结了相关技术的优点和局限性，其中着重分析了数据上传阶段中区块链访问控制的属性加密、可搜索加密、同态加密和代理重加密技术。总结了现有区块链数据共享访问控制研究中存在的不足，包括访问控制策略动态性不足、法律条款转化为策略困难、智能合约安全性欠佳、加密算法不够轻量级以及数据分级粒度较粗等问题，并从基于大语言模型的动态策略生成、利用自然语言处理技术实现法律策略自动转化、建立智能合约安全规范标准、开发轻量级加密算法，以及借助机器学习技术实现数据自动分级五个方面提出了展望。

关键词: 区块链, 智能合约, 数据共享, 访问控制

FENG Xinhao, LI Leixiao, LIU Dongjiang, DU Jinze, LIN Hao. Review of Access Control Research for Blockchain Data Sharing[J]. Journal of Frontiers of Computer Science and Technology, 2025, 19(8): 1981-2000.

冯鑫昊, 李雷孝, 刘东江, 杜金泽, 林浩. 面向区块链数据共享的访问控制研究综述[J]. 计算机科学与探索, 2025, 19(8): 1981-2000.

References

[1] TEDERSOO L, KüNGAS R, ORAS E, et al. Data sharing practices and data availability upon request differ across scientific disciplines[J]. Scientific Data, 2021, 8: 192.
[2] ZHONG C, LIU K, LIANG Z H, et al. Research on data security sharing in blockchain: challenges and prospects[C]//Proceedings of the 2022 IEEE International Conference on Electrical Engineering, Big Data and Algorithms. Piscataway: IEEE, 2022: 1322-1327.
[3] PIAO C H, HAO Y R, YAN J Q, et al. Privacy preserving in blockchain-based government data sharing: a service-on-chain (SOC) approach[J]. Information Processing & Management, 2021, 58(5): 102651.
[4] LIU S H, CHEN L Q, YU H T, et al. BP-AKAA: blockchain-enforced privacy-preserving authentication and key agreement and access control for IIoT[J]. Journal of Information Security and Applications, 2023, 73: 103443.
[5] LI X Y, ZHAO H M, DENG W. BFOD: blockchain-based privacy protection and security sharing scheme of flight operation data[J]. IEEE Internet of Things Journal, 2024, 11(2): 3392-3401.
[6] MA R N, ZHANG L Y, WU Q, et al. BE-TRDSS: blockchain-enabled secure and efficient traceable-revocable data-sharing scheme in industrial Internet of things[J]. IEEE Transactions on Industrial Informatics, 2023, 19(11): 10821-10830.
[7] 熊啸, 李雷孝, 高静, 等. 区块链在车联网数据共享领域的研究进展[J]. 计算机科学与探索, 2022, 16(5): 1008-1024.
XIONG X, LI L X, GAO J, et al. Research progress of blockchain in Internet of vehicles data sharing[J]. Journal of Frontiers of Computer Science and Technology, 2022, 16(5): 1008-1024.
[8] EBRAHIMI A M, ADAMS B, OLIVA G A, et al. A large-scale exploratory study on the proxy pattern in ethereum[J]. Empirical Software Engineering, 2024, 29(4): 81.
[9] SAJID ULLAH S, OLESHCHUK V, PUSSEWALAGE H S G. A survey on blockchain envisioned attribute based access control for Internet of things: overview, comparative analysis, and open research challenges[J]. Computer Networks, 2023, 235: 109994.
[10] 韦可欣, 李雷孝, 高昊昱, 等. 区块链访问控制技术在车联网中的应用研究综述与展望[J]. 计算机工程与应用, 2023, 59(24): 26-45.
WEI K X, LI L X, GAO H Y, et al. Review and prospect of blockchain access control technology in Internet of vehicles[J]. Computer Engineering and Applications, 2023, 59(24): 26-45.
[11] SOOKHAK M, JABBARPOUR M R, SAFA N S, et al. Blockchain and smart contract for access control in healthcare: a survey, issues and challenges, and open issues[J]. Journal of Network and Computer Applications, 2021, 178: 102950.
[12] POLITOU E, CASINO F, ALEPIS E, et al. Blockchain mutability: challenges and proposed solutions[J]. IEEE Transactions on Emerging Topics in Computing, 2021, 9(4): 1972-1986.
[13] ZHENG Z B, XIE S A, DAI H N, et al. An overview of blockchain technology: architecture, consensus, and future trends[C]//Proceedings of the 2017 IEEE International Congress on Big Data. Piscataway: IEEE, 2017: 557-564.
[14] YE Q, LANG Y K, GUO H F, et al. Efficient lattice-based traceable ring signature scheme with its application in blockchain[J]. Information Sciences, 2023, 648: 119536.
[15] XIE M Y, LIU J, CHEN S Y, et al. Primary node election based on probabilistic linguistic term set with confidence interval in the PBFT consensus mechanism for blockchain[J]. Complex & Intelligent Systems, 2023, 9(2): 1507-1524.
[16] JIANG Z G, ZHENG Z B, CHEN K, et al. Exploring smart contract recommendation: towards efficient blockchain development[J]. IEEE Transactions on Services Computing, 2023, 16(3): 1822-1832.
[17] DELMOLINO K, ARNETT M, KOSBA A, et al. Step by step towards creating a safe smart contract: lessons and insights from a cryptocurrency lab[C]//Proceedings of the 2016 International Workshops on Financial Cryptography and Data Security. Cham: Springer, 2016: 79-94.
[18] ZHENG Z B, XIE S A, DAI H N, et al. An overview on smart contracts: challenges, advances and platforms[J]. Future Generation Computer Systems, 2020, 105: 475-491.
[19] 卢玉, 王静宇, 刘立新, 等. 拍卖机制驱动的数据激励共享方案[J]. 计算机科学与探索, 2024, 18(8): 2203-2220.
LU Y, WANG J Y, LIU L X, et al. Auction mechanism driven data incentive sharing solution[J]. Journal of Frontiers of Computer Science and Technology, 2024, 18(8): 2203-2220.
[20] JUSSEN I, M?LLER F, SCHWEIHOFF J, et al. Issues in inter-organizational data sharing: findings from practice and research challenges[J]. Data & Knowledge Engineering, 2024, 150: 102280.
[21] MA W, WEI X B, WANG L L. A security-oriented data-sharing scheme based on blockchain[J]. Applied Sciences, 2024, 14(16): 6940.
[22] OKEGBILE S D, CAI J, ALFA A S. Practical Byzantine fault tolerance-enhanced blockchain-enabled data sharing system: latency and age of data package analysis[J]. IEEE Transactions on Mobile Computing, 2024, 23(1): 737-753.
[23] WANG Z, LIN J Q, CAI Q W, et al. Blockchain-based certificate transparency and revocation transparency[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(1): 681-697.
[24] FONG P W L. Relationship-based access control: protection model and policy language[C]//Proceedings of the 1st ACM Conference on Data and Application Security and Privacy. New York: ACM, 2011: 191-202.
[25] YUAN E, TONG J. Attributed based access control (ABAC) for web services[C]//Proceedings of the 2005 IEEE International Conference on Web Services. Piscataway: IEEE, 2005: 569.
[26] FERRAIOLO D F, CUGINI J A, KUHN D R. Role-based access control (RBAC): features and motivations[C]//Proceedings of the 11th Annual Computer Security Application Conference, 1995: 241-248.
[27] NAKAMURA S, ENOKIDO T, TAKIZAWA M. Information flow control based on capability token validity for secure IoT: implementation and evaluation[J]. Internet of Things, 2021, 15: 100423.
[28] 王于丁, 杨家海, 徐聪, 等. 云计算访问控制技术研究综述[J]. 软件学报, 2015, 26(5): 1129-1150.
WANG Y D, YANG J H, XU C, et al. Survey on access control technologies for cloud computing[J]. Journal of Software, 2015, 26(5): 1129-1150.
[29] CRUZ J P, KAJI Y, YANAI N. RBAC-SC: role-based access control using smart contract[J]. IEEE Access, 2018, 6: 12240-12251.
[30] GAI K K, SHE Y F, ZHU L H, et al. A blockchain-based access control scheme for zero trust cross-organizational data sharing[J]. ACM Transactions on Internet Technology, 2023, 23(3): 1-25.
[31] ZAIDI T, USMAN M, AFTAB M U, et al. Fabrication of flexible role-based access control based on blockchain for Internet of things use cases[J]. IEEE Access, 2023, 11: 106315-106333.
[32] HAO X H, REN W, FEI Y Y, et al. A blockchain-based cross-domain and autonomous access control scheme for Internet of things[J]. IEEE Transactions on Services Computing, 2023, 16(2): 773-786.
[33] ZHANG Y Y, YUTAKA M, SASABE M, et al. Attribute-based access control for smart cities: a smart-contract-driven framework[J]. IEEE Internet of Things Journal, 2021, 8(8): 6372-6384.
[34] WANG P, XU N, ZHANG H B, et al. Dynamic access control and trust management for blockchain-empowered IoT[J]. IEEE Internet of Things Journal, 2022, 9(15): 12997-13009.
[35] LI Z Y, HAO J L, LIU J, et al. An IoT-applicable access control model under double-layer blockchain[J]. IEEE Transactions on Circuits and Systems II: Express Briefs, 2021, 68(6): 2102-2106.
[36] LI J T, HAN D Z, WU Z D, et al. A novel system for medical equipment supply chain traceability based on alliance chain and attribute and role access control[J]. Future Generation Computer Systems, 2023, 142: 195-211.
[37] HATHALIYA J J, TANWAR S. Role and attribute-based access control scheme for decentralized medicine supply chain[J]. Journal of Information Security and Applications, 2024, 85: 103851.
[38] AKHTAR A, BARATI M, SHAFIQ B, et al. Blockchain based auditable access control for business processes with event driven policies[J]. IEEE Transactions on Dependable and Secure Computing, 2024, 21(5): 4699-4716.
[39] DI FRANCESCO MAESA D, MORI P, RICCI L. Blockchain based access control[C]//Proceedings of the 17th IFIP WG 6.1 International Conference on Distributed Applications and Interoperable Systems. Cham: Springer, 2017: 206-220.
[40] ROUHANI S, BELCHIOR R, CRUZ R S, et al. Distributed attribute-based access control system using permissioned blockchain[J]. World Wide Web, 2021, 24(5): 1617-1644.
[41] CHEN E, ZHU Y, ZHOU Z Y, et al. Policychain: a decentralized authorization service with script-driven policy on blockchain for Internet of things[J]. IEEE Internet of Things Journal, 2022, 9(7): 5391-5409.
[42] DI FRANCESCO MAESA D, MORI P, RICCI L. A blockchain based approach for the definition of auditable access control systems[J]. Computers & Security, 2019, 84: 93-119.
[43] ACHOUR I, AYED S, IDOUDI H. On the implementation of access control in ethereum blockchain[C]//Proceedings of the 2021 International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies. Piscataway: IEEE, 2021: 483-487.
[44] BELLAJ B, OUADDAH A, CRESPI N, et al. A transpilation-based approach to writing secure access control smart contracts[C]//Proceedings of the 2023 5th Conference on Blockchain Research & Applications for Innovative Networks and Services. Piscataway: IEEE, 2023: 1-7.
[45] GAO S, PIAO G R, ZHU J M, et al. TrustAccess: a trustworthy secure ciphertext-policy and attribute hiding access control scheme based on blockchain[J]. IEEE Transactions on Vehicular Technology, 2020, 69(6): 5784-5798.
[46] WU N N, XU L, ZHU L H. A blockchain based access control scheme with hidden policy and attribute[J]. Future Generation Computer Systems, 2023, 141: 186-196.
[47] YANG K W, YANG B, ZHOU Y W, et al. Privacy protection of task in crowdsourcing: policy-hiding and attribute updating attribute-based access control based on blockchain[J]. Wireless Communications and Mobile Computing, 2022: 7787866.
[48] DAI W Q, TUO S Y, YU L L, et al. HAPPS: a hidden attribute and privilege-protection data-sharing scheme with verifiability[J]. IEEE Internet of Things Journal, 2022, 9(24): 25538-25550.
[49] MA H B, ZHOU D H, LI P, et al. EVOAC-HP: an efficient and verifiable outsourced access control scheme with hidden policy[J]. Sensors, 2023, 23(9): 4384.
[50] WANG L Y, DING W X, YAN Z, et al. EDDAC: an efficient and decentralized data access control scheme with attribute privacy preservation[J]. IEEE Internet of Things Journal, 2024, 11(8): 14579-14592.
[51] ZHANG Z Q, ZHANG J B, YUAN Y L, et al. An expressive fully policy-hidden ciphertext policy attribute-based encryption scheme with credible verification based on blockchain[J]. IEEE Internet of Things Journal, 2022, 9(11): 8681-8692.
[52] KOTHA S K, RANI M S, SUBEDI B, et al. A comprehensive review on secure data sharing in cloud environment[J]. Wireless Personal Communications, 2022, 127(3): 2161-2188.
[53] GUO L F, YANG X L, YAU W C. TABE-DAC: efficient traceable attribute-based encryption scheme with dynamic access control based on blockchain[J]. IEEE Access, 2021, 9: 8479-8490.
[54] ZHANG Q Y, XU C, ZHONG H, et al. Revocable and efficient blockchain-based fine-grained access control against EDoS attacks in cloud storage[J]. IEEE Transactions on Computers, 2024, 73(8): 2012-2024.
[55] FENG L B, LIN J Y, QIU F, et al. SDAC-BBPP: a secure dynamic access control scheme with blockchain-based privacy protection for IIoT[J]. IEEE Transactions on Network and Service Management, 2024, 21(3): 3179-3193.
[56] LI J H, LI D M, ZHANG X M. A secure blockchain-assisted access control scheme for smart healthcare system in fog computing[J]. IEEE Internet of Things Journal, 2023, 10(18): 15980-15989.
[57] GE C P, LIU Z, SUSILO W, et al. Attribute-based encryption with reliable outsourced decryption in cloud computing using smart contract[J]. IEEE Transactions on Dependable and Secure Computing, 2024, 21(2): 937-948.
[58] 周权, 卫凯俊, 陈民辉, 等. 基于区块链的国密轻量级属性基访问控制方案[J]. 密码学报, 2024, 11(5): 1126-1138.
ZHOU Q, WEI K J, CHEN M H, et al. Blockchain-based domestic cryptographic lightweight attribte-based access control scheme[J]. Journal of Cryptologic Research, 2024, 11(5): 1126-1138.
[59] XIAO M Y, HUANG Q, MIAO Y, et al. Blockchain based multi-authority fine-grained access control system with flexible revocation[J]. IEEE Transactions on Services Computing, 2022, 15(6): 3143-3155.
[60] REN Z X, YU Y M, YAN E H, et al. L2-MA-CPABE: a ciphertext access control scheme integrating blockchain and off-chain computation with zero knowledge proof[J]. Journal of King Saud University - Computer and Information Sciences, 2024, 36(10): 102247.
[61] JIANG P, LIU Q, ZHU L H. SanIdea: exploiting secure blockchain-based access control via sanitizable encryption[J]. IEEE Transactions on Information Forensics and Security, 2023, 19: 1589-1600.
[62] CHEN Y W, MENG L H, ZHOU H, et al. A blockchain-based medical data sharing mechanism with attribute-based access control and privacy protection[J]. Wireless Communications and Mobile Computing, 2021(1): 6685762.
[63] SU J, ZHANG L Y, MU Y. BA-RMKABSE: blockchain-aided ranked multi-keyword attribute-based searchable encryption with hiding policy for smart health system[J]. Future Generation Computer Systems, 2022, 132: 299-309.
[64] XU Z G, ZHANG S G, HAN H M, et al. Blockchain-aided searchable encryption-based two-way attribute access control research[J]. Security and Communication Networks, 2022(1): 2410455.
[65] LI P, ZHOU D H, MA H B, et al. Flexible and secure access control for EHR sharing based on blockchain[J]. Journal of Systems Architecture, 2024, 146: 103033.
[66] DU R Z, MA C X, LI M Y. Privacy-preserving searchable encryption scheme based on public and private blockchains[J]. Tsinghua Science and Technology, 2023, 28(1): 13-26.
[67] 周雄, 王峥, 程哲凡. 车联网中的区块链和可搜索加密数据共享方案[J/OL]. 小型微型计算机系统 [2024-11-07].http://kns.cnki.net/kcms/detail/21.1106.TP.20241105.1704. 028.html.
ZHOU X, WANG Z, CHENG Z F. Blockchain and searchable encrypted data sharing scheme in Internet of vehicles[J/OL]. Journal of Chinese Computer Systems [2024-11-07].http://kns.cnki.net/kcms/detail/21.1106.TP.20241105.1704.028. html.
[68] GAO H M, LUO S S, MA Z F, et al. BFR-SE: a blockchain-based fair and reliable searchable encryption scheme for IoT with fine-grained access control in cloud environment[J]. Wireless Communications and Mobile Computing, 2021(1): 5340116.
[69] LIANG W, YANG Y, YANG C, et al. PDPChain: a consortium blockchain-based privacy protection scheme for personal data[J]. IEEE Transactions on Reliability, 2023, 72(2): 586-598.
[70] REGUEIRO C, SECO I, DE DIEGO S, et al. Privacy-enhancing distributed protocol for data aggregation based on blockchain and homomorphic encryption[J]. Information Processing & Management, 2021, 58(6): 102745.
[71] ZENG S C, HSU C, HARN L, et al. Efficient and privacy-preserving skyline queries over encrypted data under a blockchain-based audit architecture[J]. IEEE Transactions on Knowledge and Data Engineering, 2024, 36(9): 4603-4617.
[72] CHEN P C, KUO T H, WU J L. A study of the applicability of ideal lattice-based fully homomorphic encryption scheme to ethereum blockchain[J]. IEEE Systems Journal, 2021, 15(2): 1528-1539.
[73] MA Z F, WANG J Y, GAI K K, et al. Fully homomorphic encryption-based privacy-preserving scheme for cross edge blockchain network[J]. Journal of Systems Architecture, 2023, 134: 102782.
[74] MANZOOR A, BRAEKEN A, KANHERE S S, et al. Proxy re-encryption enabled secure and anonymous IoT data sharing platform based on blockchain[J]. Journal of Network and Computer Applications, 2021, 176: 102917.
[75] LONG Y Y, PENG C G, CHEN Y L, et al. BFFDT: blockchain-based fair and fine-grained data trading using proxy re-encryption and verifiable commitment[J]. IEEE Internet of Things Journal, 2024, 11(23): 38508-38520.
[76] 郭庆, 田有亮, 万良. 基于代理重加密的区块链数据受控共享方案[J]. 电子学报, 2023, 51(2): 477-488.
GUO Q, TIAN Y L, WAN L. Blockchain data controlled sharing scheme based on proxy re-encryption[J]. Acta Electronica Sinica, 2023, 51(2): 477-488.
[77] WANG F Q, CUI J, ZHANG Q Y, et al. Lightweight and secure data sharing based on proxy re-encryption for blockchain-enabled industrial Internet of things[J]. IEEE Internet of Things Journal, 2024, 11(8): 14115-14126.
[78] CHEN B W, HE D B, KUMAR N, et al. A blockchain-based proxy re-encryption with equality test for vehicular communication systems[J]. IEEE Transactions on Network Science and Engineering, 2021, 8(3): 2048-2059.
[79] GOSWAMI P, FAUJDAR N, DEBNATH S, et al. ZSS signature-based audit message verification process for cloud data integrity[J]. IEEE Access, 2023, 11: 145485-145502.
[80] BERA B, SAHA S, DAS A K, et al. Designing blockchain-based access control protocol in IoT-enabled smart-grid system[J]. IEEE Internet of Things Journal, 2021, 8(7): 5744-5761.
[81] EGALA B S, PRADHAN A K, BADARLA V, et al. Fortified-chain: a blockchain-based framework for security and privacy-assured Internet of medical things with effective access control[J]. IEEE Internet of Things Journal, 2021, 8(14): 11717-11731.
[82] WEI P C, WANG D H, ZHAO Y, et al. Blockchain data-based cloud data integrity protection mechanism[J]. Future Generation Computer Systems, 2020, 102: 902-911.
[83] LIU H Y, HUANG H, ZHOU Y P, et al. Improvement of blockchain-based multi-layer location data sharing scheme for Internet of things[J]. Computer Communications, 2023, 201: 131-142.
[84] QIN X M, HUANG Y F, YANG Z, et al. LBAC: a lightweight blockchain-based access control scheme for the Internet of things[J]. Information Sciences, 2021, 554: 222-235.
[85] PUTRA G D, DEDEOGLU V, KANHERE S S, et al. Trust-based blockchain authorization for IoT[J]. IEEE Transactions on Network and Service Management, 2021, 18(2): 1646-1658.
[86] HUANG M M, YUAN L Y, PAN X, et al. Trusted edge and cross-domain privacy enhancement model under multi-blockchain[J]. Computer Networks, 2023, 234: 109881.
[87] TIAN J, TIAN J F, DU R Z. MSLShard: an efficient sharding-based trust management framework for blockchain-empowered IoT access control[J]. Journal of Parallel and Distributed Computing, 2024, 185: 104795.
[88] ALQBAISHI A A, AHMED A E S. Reputation evaluation using fuzzy logic for blockchain-based access control in an IoT environment[J]. IEEE Access, 2024, 12: 97386-97404.
[89] HEWA T, YLIANTTILA M, LIYANAGE M. Survey on blockchain based smart contracts: applications, opportunities and challenges[J]. Journal of Network and Computer Applications, 2021, 177: 102857.
[90] SAHA R, KUMAR G, CONTI M, et al. DHACS: smart contract-based decentralized hybrid access control for industrial Internet-of-things[J]. IEEE Transactions on Industrial Informatics, 2022, 18(5): 3452-3461.
[91] TAPAS N, LONGO F, MERLINO G, et al. Experimenting with smart contracts for access control and delegation in IoT[J]. Future Generation Computer Systems, 2020, 111: 324-338.
[92] XIE M D, FU Q, HONG H B, et al. ABBDAC: a novel attribute-based blockchain data access control scheme in cloud environment[J]. IEEE Internet of Things Journal, 2024, 11(24): 40218-40228.