Open Access

ARTICLE

EduASAC: A Blockchain-Based Education Archive Sharing and Access Control System

Ronglei Hu¹, Chuce He¹, Yaping Chi², Xiaoyi Duan¹, Xiaohong Fan¹, Ping Xu¹, Wenbin Gao^1,*

1 Department of Electronics and Communication Engineering, Beijing Electronic Science and Technology Institute, Beijing, 100070, China
2 Department of Cyberspace Security, Beijing Electronic Science and Technology Institute, Beijing, 100070, China

* Corresponding Author: Wenbin Gao. Email:

Computers, Materials & Continua 2023, 77(3), 3387-3422. https://doi.org/10.32604/cmc.2023.042000

Received 14 May 2023; Accepted 03 November 2023; Issue published 26 December 2023

Abstract

In the education archive sharing system, when performing homomorphic ciphertext retrieval on the storage server, there are problems such as low security of shared data, confusing parameter management, and weak access control. This paper proposes an Education Archives Sharing and Access Control (EduASAC) system to solve these problems. The system research goal is to realize the sharing of security parameters, the execution of access control, and the recording of system behaviors based on the blockchain network, ensuring the legitimacy of shared membership and the security of education archives. At the same time, the system can be combined with most homomorphic ciphertext retrieval schemes running on the storage server, making the homomorphic ciphertext retrieval mechanism controllable. This paper focuses on the blockchain access control framework and specifically designs smart contracts that conform to the business logic of the EduASAC system. The former adopts a dual-mode access control mechanism combining Discretionary Access Control (DAC) and Mandatory Access Control (MAC) and improves the tagging mode after user permission verification based on the Authentication and Authorization for Constrained Environments (ACE) authorization framework of Open Authorization (OAuth) 2.0; the latter is used in the system to vote on nodes to join requests, define access control policies, execute permission verification processes, store, and share system parameters, and standardize the behavior of member nodes. Finally, the EduASAC system realizes the encryption, storage, retrieval, sharing, and access control processes of education archives. To verify the performance of the system, simulation experiments were conducted. The results show that the EduASAC system can meet the high security needs of education archive sharing and ensure the system’s high throughput, low latency, fast decision-making, and fine-grained access control ability.

---

Keywords

---