DEVELOPMENT OF ACCESS CONTROL ON IPFS FILE SYSTEM
Rapid technological developments encourage the migration of conventional data storage to digital data in the form of a file system. The use of blockchain technology and IPFS is often popularly used to build a secure and distributed file storage system. However, there still are some problems in...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Project |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/56325 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | Rapid technological developments encourage the migration of conventional data
storage to digital data in the form of a file system. The use of blockchain technology
and IPFS is often popularly used to build a secure and distributed file storage
system. However, there still are some problems in maintaining the confidentiality
of the stored data and access control. Therefore, in this final project, a system is
proposed to handle access control problems with encryption processes and
mechanisms of key sharing for several users who have access rights. The encryption
process is carried out to maintain the confidentiality of the data, while the key
sharing is carried out to define the access control. The built-in access control
regulates access rights to the process grant and revokes access and transfer files.
The author builds a file system consisting of client applications connected to IPFS
and Hyperledger Fabric as the blockchain network. The encryption and key sharing
process are carried out on the client application. Any files encrypted will be stored
on IPFS, while the file metadata will be stored on the Hyperledger Fabric. Testing
is done by building applications that are connected to the storage system and tested
in terms of functionality and security. The entire functional test scenario includes
the process of sharing files, file transfer, and system security factors include files
stored on IPFS which are encrypted files. Any user with access rights to the files
can conduct operations against the file, while users who do not have access to or
have already been revoked access to a file, can not carry out any operation on the
file, assuming the user does not save the file before being revoked access. Thus,
access control is successfully established and the data is stored in the system kept
confidential. However, the system built still has limitations in key security
protection in the client application because the file encryption process is carried out
on the client application. |
|---|