THE DEVELOPMENT OF BLOCKCHAIN-BASED ACCESS CONTROL WITH A DECENTRALIZED XACML APPROACH: A CASE STUDY ON PAYMENT GATEWAY
Entering the digital era, the need for secure and reliable access control is increasingly critical, especially in the context of financial transactions, which have significantly evolved from traditional methods to digital solutions. Blockchain has emerged as an innovative solution to address issu...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Project |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/85479 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | Entering the digital era, the need for secure and reliable access control is increasingly
critical, especially in the context of financial transactions, which have significantly
evolved from traditional methods to digital solutions. Blockchain has emerged as an
innovative solution to address issues of data integrity and reliance on a single point of
failure faced by conventional databases. Through decentralization, blockchain offers a
new way to maintain data integrity, ensuring that each transaction is recorded
permanently and cannot be altered without consensus.
To implement dynamic and adaptive access control, the concept of Attribute-Based
Access Control (ABAC) is used. Within this ABAC approach, XACML is chosen as the
framework due to its capability to define complex and adaptive access policies. The
payment gateway case study is selected to test and implement a prototype of the
Blockchain-Based Access Control (BAC) system with the XACML approach, involving
three main entities: merchant, attribute authority, and payment provider. In the system
development, the BRMS Engine is used for complex decision-making, stored on
blockchain chaincode.
The system implementation is proof-of-concept, where the blockchain network is run
locally using the Hyperledger Fabric test-network template. The system encompasses
three decentralized applications for the merchant, attribute authority, and payment
provider, managing attributes, policies, and payment transactions. Test results indicate
that the blockchain-based access control system successfully enhances transaction data
integrity, with auditability proven to be transparent. The blockchain approach with
XACML shows great potential as a solution to address the weaknesses of traditional
access control systems in payment gateways. |
|---|