SC-RBAC: A Smart Contract based RBAC Model for DApps

Blockchain technology with its non-centralized, transparent, trustful, traceable and tamper-resistant features draws more and more attention both in commercial and scientific area. Smart contracts and DApps (Decentralized Applications) are programs naturally running automatically on blockchain. Access control is a principle that regulates the access to critical resources. RBAC (Role based Access Control) is one of access control mechanisms and it involves three parts: user, role and permission, with their relations, corresponding to real business. However, traditional implementation of RBAC relies on centralized server which is in danger of being modified, invaded or a single point of failure. The paper proposes a decentralized and smart contract based RBAC model named SC-RBAC for DApps. It is developed by Ethereum’s Solidity and offers a strong compatibility with different DApps. The features of SC-RBAC associated with flexible interfaces, traceability and security enrich the community of DApps. The results of two experiments are discussed to evaluate the overheads of SC-RBAC model.