AuthPrivacyChain: A Blockchain-Based Access Control Framework With Privacy Protection in Cloud

Cloud is a computing model that supports sharing and ubiquitous on-demand access to computing. It provides new data processing and services for many industries, significantly reduces users' computing and storage costs, and improves ease of use. As cloud deployments grow in scale and intensity, cloud security has become an essential issue in the field of cloud computing. Access control is one of the critical security technologies for protecting sensitive data stored in the cloud by enterprises and individuals. Because the cloud adopts a centralized access control mechanism, sensitive data in the cloud are easily tampered with or leaked by hackers or by cloud internal managers. To address this issue, we propose a blockchain-based access control framework with privacy protection called AuthPrivacyChain. First, we use the account address of a blockchain node as the identity and, at the same time, redefine the access control permissions of data in the cloud, which are encrypted and stored in the blockchain. Then we design the access control, authorization and authorization revocation processes of AuthPrivacyChain. Finally, we implement AuthPrivacyChain on the enterprise operation system (EOS) blockchain, and the results show that AuthPrivacyChain can not only prevent hackers and administrators from illegally accessing resources, but also protect the privacy of authorizations.


I. INTRODUCTION
Cloud computing [1]-[3], as a new computing model, provides users with ubiquitous services, reduces the cost of user storage and computing, and improves convenience of use, so more and more businesses and individuals choose to store data in the cloud. However, as cloud computing has grown in scale and intensity, and as research on fog computing and edge computing has gradually risen [4]-[6], cloud security issues have become an important factor restricting the development of cloud computing [7]-[9]. In July 2017, the Cloud Security Alliance (CSA) published ''Security Guidance for Critical Areas of Focus in Cloud Computing v4.0'' [10], which identified 14 cloud computing security focus areas; among them, access control is one of the core technologies of cloud security. Access control is also a current research hotspot [11]-[13]; its purpose is to prevent resources stored in the cloud from being accessed or stolen by illegal users. The three main service models of cloud computing, infrastructure as a service (IaaS), platform as a service (PaaS) and software as a service (SaaS), all need to protect their resources through access control [14], so access control plays an important role in the cloud.

The associate editor coordinating the review of this manuscript and approving it for publication was Jun Wu.
Compared with the traditional computing model, the computing and storage modes of cloud computing have undergone many changes, which are mainly reflected in the following five aspects: 1) users cannot control the resources in the cloud; 2) there is a lack of trust between users and the cloud; 3) migration technology may move data across security domains; 4) multi-tenant technology requires the access subject to be redefined; 5) virtualization technology may allow resources on the same physical device to be stolen [15]. Facing these challenges, a lot of research on cloud access control has appeared in academia [16]-[21], and industry has also tried to deploy existing access control technologies. However, both rely on centralized storage and management of identities, keys, authorities, authentication information, etc. [22]. So access control technology still has two problems of security and privacy: 1) an external attacker attacks the trusted center, tampers with the authorization database stored on the central server, and illegally accesses or steals the resources users store in the cloud; 2) the cloud system administrator manages the authorization database and has the right to access and manage the resources, so a malicious administrator may abuse that privilege to access resources illegally, or tamper with the authorization database to gain illegal access. In this paper, we propose AuthPrivacyChain, a blockchain-based access control framework with privacy protection in the cloud, to solve the above problems. Our contributions are as follows:
• Decentralized access control architecture. AuthPrivacyChain uses the decentralized and tamper-proof blockchain [23]-[25] to store access control rights, uses the blockchain account address as the identity, and designs the access control, authorization and authorization revocation processes.
• Authorized privacy protection. Because of the transparency of the blockchain, it is easy to disclose users' privacy. AuthPrivacyChain encrypts the access control rights before storing them in the blockchain, effectively protecting the privacy of users.
• Security. AuthPrivacyChain can not only guarantee the confidentiality, integrity, availability, authenticity and accountability of the resources, but also resist various external and internal attacks.
Paper organization. Section II introduces related work. Section III introduces the problem and the attack model. Section IV introduces AuthPrivacyChain's access control process, authorization process and authorization revocation process in detail. Section V analyzes the security of AuthPrivacyChain. Section VI presents experiments and performance tests. Finally, Section VII summarizes the paper.

II. RELATED WORK
In this section, we first discuss the current research status of traditional cloud computing access control, then discuss the research status of combining blockchain with the cloud, especially to solve cloud security issues including cloud access control. Finally, we give a brief summary of the current status of cloud access control research.
In the era of big data, the security of information content and storage has received much attention [26], [27]. As one of the important means of securing the cloud, cloud access control has many research achievements, which mainly fall into three aspects. First, in terms of access control models for cloud computing, there are task-based, attribute-based, usage control (UCON) based and Bell-LaPadula (BLP) based models. For attribute-based access control, [28] combined role-based access control (RBAC) and attribute-based access control (ABAC): the upper layer was composed of RBAC to support model validation and review, while the lower layer used the characteristics of ABAC to automatically create RBAC models. For UCON-based access control, [29] proposed a new UCON model to handle subject attribute variability and obligation processing in the cloud. For BLP-based access control, [30] proposed a virtual machine system based on the BLP model, which realized simple virtual machine isolation and efficient sharing. Second, in terms of access control based on the attribute-based encryption (ABE) cryptosystem, [31] proposed an access control framework that authenticated users and protected the privacy of data in the cloud, with ABE-encrypted storage of data carried out after authentication. Reference [32] proposed a multi-authority access control model in which a certificate authority (CA) managed a unique user identifier (UID) and a unique authorization identifier (AID) for each user. Finally, in terms of multi-tenancy and virtualized access control in the cloud, [33] proposed a multi-tenancy-based access control model in which tenants were only responsible for managing their own access control, while the cloud service provider (CSP) was responsible for adding, deleting and managing cloud tenants and for the related security issues.
Reference [34] proposed and designed role-based multi-tenant access control (RB-MTAC). This model determines user identity and applicable roles through user identity management and achieves data and program isolation through efficient management of tenant access rights, aiming to improve multi-tenant security and privacy in the cloud. Reference [20] proposed a hypervisor-based multi-tenant access control mechanism, CloudPolice, which used the hypervisor to dynamically coordinate the access control policies of virtual machines.
With the rise of blockchain [35], [36], there have been many research achievements that combine blockchain technology with cloud technology. First, in service composition, [37] proposed a service composition strategy based on service overlay network (SON) theory and designed an efficient service path generation algorithm across the service overlay layer. Second, in service fees, [38] proposed a blockchain concept of market negotiation, aiming to solve the problem of multiple rounds of bilateral negotiation between consumers and cloud service providers in future cloud service transactions. Reference [39] introduced BPay, a fair payment framework for cloud computing outsourcing services based on blockchain, which was compatible with both the Bitcoin and Ethereum blockchains.

VOLUME 8, 2020
In addition, research on using blockchain to solve cloud security problems has become popular, but most of it addresses specific security aspects. First, in terms of data storage, [40] proposed a distributed cloud storage security architecture in which files were divided into encrypted data blocks before uploading, and designed a genetic algorithm to solve the file replica placement problem. Motivated by the data integrity problem of the European SUNFISH project, [41] proposed a blockchain-based cloud database design to ensure data integrity. Reference [42] proposed BlockDS, a secure system for distributed data storage and keyword search, to remove the traditional reliance on large storage providers as trusted third parties in cloud storage. Second, in terms of data provenance, [43] proposed a blockchain-based cloud data provenance framework that uses the blockchain consensus mechanism to solve the reliability problem of provenance data in cloud platforms. Reference [44] proposed a distributed trusted cloud data provenance system that prevents tampering by collecting and verifying cloud provenance data and embedding it into blockchain transactions. Reference [45] designed CloudPoS, a proof-of-stake (PoS) based consistency protocol, to solve the problem of the consistency model based on an encrypted stream in traditional provenance systems and improve security. Finally, in terms of evidence preservation, [46] proposed a cloud data deletion protocol to prevent an untrusted cloud server from deceiving users by tampering with the results of data deletion. Reference [47] proposed a cloud computing electronic forensics model based on a Merkle tree to improve evidence preservation, aiming at the centralization of electronic forensics in the cloud computing environment.
Reference [48] combined blockchain and cryptographic signature techniques to propose a cloud forensics scheme, but the scheme relied too heavily on trusted central nodes, the CA and the provenance auditor (PA).
However, current research on using blockchain to solve cloud access control is still in its infancy. Reference [49] proposed a system to solve the medical data sharing problem of medical big data servers in an untrusted environment; the two-layer blockchain designed for the system was based on a fully consistent mechanism. Reference [50] proposed a multi-user system prototype to solve the access control problem of data in an untrusted cloud and designed a set of cryptographic protocols to ensure key privacy. Reference [51] proposed ABE-based access control in the cloud, but ABE did not scale when users were revoked.
In conclusion, although academia has produced many research achievements in the above areas, there are still many shortcomings in the related research on using blockchain to solve cloud access control; in particular, there are few research achievements in cloud access control with privacy protection.

III. PROBLEM
Whether we look at the three types of cloud access control methods studied by academia or at the cloud access control actually used by industry, there are two common characteristics:
• One or more trusted centers. The three types of access control proposed by academia, including traditional cloud access control models, encryption-based access control models, and virtualized access control, all require one or more trusted centers to store identities, keys, authorization rights, etc. First, among cloud access control models, the UCON-based model requires a trusted center to store access rights and the obligations and conditions related to permissions. Second, in encryption-based access control, ABE-based access control requires one or more trusted centers to manage and distribute the keys. Finally, virtualization access control stores the access control rights of virtual machines (VMs) in a trusted center. In addition, the cloud access control actually used in industry requires a trusted center to store user identity information and access rights.
• Internal trusted system administrator (SA). The cloud provides three typical services for users: IaaS, PaaS and SaaS. Although they provide different services, all of them need an internal trusted SA to manage access policies. For example, IaaS mainly provides users with computing power and storage space and requires the SA to monitor and manage access to the infrastructure environment. PaaS mainly provides users with a platform for developing and executing applications, which requires the SA to monitor and manage the access control of the platform. SaaS mainly provides users with the applications they need and also requires the SA to manage and maintain the access control policies.
In conclusion, as shown in Figure 1, a high-level view of cloud access control can be abstracted into four entities: CSP, data user (DU), data owner (DO) and SA, where the SA manages the access control policy database (ACPD).
Because of the two characteristics of cloud access control mentioned above, two problems arise under attack:
Problem 1: External attackers tamper with the ACPD. Attackers attack the trusted authorization center and tamper with the ACPD, causing data leakage or theft. For instance, an attacker steals the ACPD and impersonates an authorized user to access or steal resources, tampers with the ACPD to add permissions for illegal access, or deletes legitimate users' permissions, destroying confidentiality, availability and integrity.
Problem 2: A malicious SA abuses privileged access or tampers with the ACPD. For instance, a malicious SA uses his or her privilege to bypass identity authentication and access resources illegally, causing privacy leaks and destroying confidentiality and integrity; or a malicious SA tampers with the ACPD, causing privacy leaks and destroying confidentiality, integrity and availability.

IV. AN ACCESS CONTROL FRAMEWORK WITH PRIVACY PROTECTION
In order to solve the above problems, we propose AuthPrivacyChain, a blockchain-based access control framework with privacy protection in the cloud. This section contains the system model, initialization, access control, authorization, and revocation. The system model is shown in Figure 2 and consists of four entities:
• Cloud. It provides authentication and data storage for users. Cloud determines the access rights of a DU or DO by querying Blockchain.
• Blockchain. It is open, transparent, tamper-proof and irreversible, and acts as a distributed database; we use it as the authorization policy database for access control.
• DO. The DO uploads resources to Cloud and publishes the resources' access rights to Blockchain.
• DU. The DU can access a resource if Cloud confirms that he has permission.
We assume Cloud is semi-trusted, that is, the software, hardware, asymmetric keys and business processes of Cloud are trusted, but the Cloud SA is not. Blockchain is assumed to be trusted. First, the DO uploads resources to Cloud and then publishes the authorization through registration transactions in Blockchain. The DU sends a resource request to Cloud; Cloud queries Blockchain, judges whether the request is permitted, and finally replies to the request. Next, we introduce the symbols used later. The important functions and symbols are listed in Table 1, and the key fields and sets are listed in Table 2.

A. INITIALIZATION
Initialization consists of three entity registrations (Cloud, DO and DU) and resource publishing.

1) REGISTRATION OF CLOUD
To become a legitimate user or node of the blockchain, Cloud, DO and DU must first register in the blockchain. Before designing the registration workflow, we introduce three functions, KGen, AGen and SynData, and one interface, ISave, all of which are realized by the blockchain. KGen() generates the wallet key K_W: it takes no input and outputs K_W. AGen() creates the wallet address: it inputs K_pub and outputs Addr. SynData() synchronizes data from time t_i to t_j: it inputs t_i and t_j and outputs blockdata_ij. ISave() is the blockchain storage interface: it inputs an address, a signing private key, the content to store and a timestamp, and outputs tranID.
The registration workflow of Cloud is shown in Figure 3 and includes three steps.

2) REGISTRATION OF USER
The registration workflow of DO and DU is shown in Figure 4 and includes two steps. Because the registration process of the DO is the same as that of the DU, we collectively call it user registration.

3) RESOURCE PUBLISHING
Resource publishing means that the DO uploads resources to Cloud and publishes the metadata of the resources to the blockchain. Before designing the publishing workflow, we introduce one function, ResUp(), and one blockchain interface, ISend(). ResUp() is called by the DO to upload a resource to Cloud: it inputs resContent and resUpURL and outputs resInfo. ISend() is the blockchain transaction interface: it inputs K_pri_from, Addr_from, Addr_to, index, content and timestamp, and outputs tranID.
The workflow of resource publishing is shown in Figure 5 and includes three steps.
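The following Go program is an added example, not code from the paper or from its EOS implementation; it works through the registration functions of IV.A.1 and the resource publishing of IV.A.3 end to end. KGen/AGen derive the identity Addr from a wallet key pair, Publish builds resInfo (including the resHash integrity field that Section V relies on) and signs it as the record an ISend/ISave transaction would carry, and Verify is the check a reader of the chain performs before trusting the record. Assumptions made here and not stated by the paper: ECDSA P-256 keys (EOS uses secp256k1, which the Go standard library does not ship), Addr = hex(SHA-256(K_pub)), JSON encoding of resInfo, and tranID = SHA-256 over the signed content.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Wallet stands in for K_W: an ECDSA P-256 key pair (assumption; EOS uses secp256k1).
type Wallet struct{ priv *ecdsa.PrivateKey }

// KGen generates the wallet key pair (no input, outputs K_W).
func KGen() (*Wallet, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Wallet{priv: priv}, nil
}

// PubBytes is K_pub in uncompressed SEC1 encoding.
func (w *Wallet) PubBytes() []byte {
	return elliptic.Marshal(elliptic.P256(), w.priv.PublicKey.X, w.priv.PublicKey.Y)
}

// AGen derives Addr from K_pub. Assumption: hex(SHA-256(K_pub)); any
// collision-resistant hash of the key gives the same property used below.
func AGen(pub []byte) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:])
}

// ResInfo is the metadata the DO publishes; resHash lets a reader detect that
// the resource held in Cloud no longer matches what was published.
type ResInfo struct {
	ResID   string   `json:"resID"`
	ResHash string   `json:"resHash"`
	AddrDO  string   `json:"addrDO"`
	ResCAP  []string `json:"resCAP"`
}

// Transaction is the record ISend/ISave would carry (tranID is an assumption).
type Transaction struct {
	From    string
	Content []byte
	Sig     []byte
	TranID  string
}

// Publish builds resInfo for content, signs it with the DO's private key and
// returns the transaction to be sent to the chain.
func Publish(w *Wallet, resID string, content []byte, caps []string) (*Transaction, error) {
	h := sha256.Sum256(content)
	info := ResInfo{ResID: resID, ResHash: hex.EncodeToString(h[:]), AddrDO: AGen(w.PubBytes()), ResCAP: caps}
	body, err := json.Marshal(info)
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(body)
	sig, err := ecdsa.SignASN1(rand.Reader, w.priv, digest[:])
	if err != nil {
		return nil, err
	}
	idHash := sha256.New()
	idHash.Write(body)
	idHash.Write(sig)
	return &Transaction{From: info.AddrDO, Content: body, Sig: sig, TranID: hex.EncodeToString(idHash.Sum(nil))}, nil
}

// Verify is what Cloud (or any node) does when it reads the record back: the
// presented key must hash to Addr_from, the signature must verify under that
// key, and resHash must match the resource actually held in Cloud.
func Verify(tx *Transaction, pub []byte, resource []byte) (bool, error) {
	if AGen(pub) != tx.From {
		return false, fmt.Errorf("key does not belong to Addr %s", tx.From)
	}
	x, y := elliptic.Unmarshal(elliptic.P256(), pub)
	if x == nil {
		return false, fmt.Errorf("malformed public key")
	}
	digest := sha256.Sum256(tx.Content)
	if !ecdsa.VerifyASN1(&ecdsa.PublicKey{Curve: elliptic.P256(), X: x, Y: y}, digest[:], tx.Sig) {
		return false, fmt.Errorf("signature does not verify")
	}
	var info ResInfo
	if err := json.Unmarshal(tx.Content, &info); err != nil {
		return false, err
	}
	h := sha256.Sum256(resource)
	if hex.EncodeToString(h[:]) != info.ResHash {
		return false, fmt.Errorf("resHash mismatch: resource in Cloud was modified")
	}
	return true, nil
}

func main() {
	do, _ := KGen()
	content := []byte("constructed sample resource") // constructed test data
	tx, _ := Publish(do, "res-001", content, []string{"read", "write"})
	fmt.Println(Verify(tx, do.PubBytes(), content))            // true <nil>
	fmt.Println(Verify(tx, do.PubBytes(), []byte("tampered"))) // false, resHash mismatch
}
```

Note that the address check comes first: a record whose signature verifies under some key is worthless unless that key is the one bound to Addr_from, which is exactly what makes the blockchain address usable as the identity.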

B. ACCESS CONTROL
Access control means that a user requests a resource in Cloud and Cloud determines, according to the permissions stored in the blockchain, whether the user may access it. If the user has the right, Cloud lets the user access the resource, and the access record is stored in the blockchain. Before designing the access control workflow, we introduce one function, VerifyCap, and one interface, IQuery. VerifyCap(), realized by Cloud, verifies the inclusion relationship between two permission sets: it inputs resCAP_1, K_priC and resCAP_S_2 and outputs true if resCAP_1 contains resCAP_S_2, otherwise false (K_priC is needed because the permission set stored in the blockchain is encrypted and must be decrypted before the comparison). IQuery(), realized by the blockchain, is the transaction query interface: it inputs index, Addr_1 and Addr_2, where index is the query index value and Addr_1 and Addr_2 are the two parties to the transaction, and outputs tran.
The access control workflow is shown in Figure 6 and includes six steps.
User->Cloud: E(ks_4, Addr_user || resInfo') || E(K_pubC, ks_4). The user sends a request to Cloud, where resInfo' denotes the resource the user wants to access and ks_4 is a session key encrypted under Cloud's public key K_pubC.

C. AUTHORIZATION
Authorization is divided into direct authorization and indirect authorization: direct authorization is that the DO authorizes a DU, and indirect authorization is that a granted DU authorizes other users.

1) DIRECT AUTHORIZATION
Direct authorization means that the owner of the resource grants access to other users. The direct authorization workflow is shown in Figure 7 and includes seven steps. DU1->Cloud: E(ks_5, auth_flag || Addr_U1 || Addr_DO || resInfo) || E(K_pubC, ks_5). DU1 sends an authorization request to Cloud, where auth_flag is the authorization flag. Cloud decrypts the request to obtain Addr_U1, Addr_DO and resInfo.
Cloud: VerifyCap(resInfo.resCAP, K_priC, resCAP_S). Cloud checks that Addr_DO is indeed the host of the resource and calls VerifyCap to confirm that the permissions requested by DU1 are within the scope of the host's authorization. If the request is outside that scope, the authorization process is terminated immediately; otherwise, the workflow continues.
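The message form E(ks, payload) || E(K_pubC, ks) used by the access control request in IV.B and by the authorization request above, together with the VerifyCap check both workflows share, as an added Go example (not code from the paper or its implementation). Assumptions not stated in the paper: the session key ks is an AES-256-GCM key, it is wrapped with RSA-OAEP under Cloud's public key, resInfo' is carried as JSON, and the granted permission set is stored on the chain as a JSON list encrypted the same way, so that only K_priC can open it. The in-memory map chain stands in for IQuery.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"io"
)

// Envelope is E(ks, payload) || E(K_pub, ks): payload under a fresh AES-256-GCM
// session key ks, and ks wrapped with the receiver's RSA-OAEP public key.
// Assumption: the paper names AES and public-key encryption but not the modes.
type Envelope struct{ WrappedKey, Nonce, Ciphertext []byte }

func newGCM(ks []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(ks)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the sender side (e.g. the user building E(ks_4, Addr_user || resInfo') || E(K_pubC, ks_4)).
func Seal(pub *rsa.PublicKey, payload []byte) (*Envelope, error) {
	ks := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, ks); err != nil {
		return nil, err
	}
	gcm, err := newGCM(ks)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, ks, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{wrapped, nonce, gcm.Seal(nil, nonce, payload, nil)}, nil
}

// Open is the receiver side: unwrap ks with K_pri, then decrypt and authenticate.
func Open(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	ks, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(ks)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil) // fails on any tampering
}

// Request is the step-1 plaintext Addr_user || resInfo'.
type Request struct {
	Addr, ResID string
	Requested   []string // permissions the user wants to exercise
}

// VerifyCap(resCAP_1, K_priC, resCAP_S_2): the granted set resCAP_1 sits on the
// chain encrypted to Cloud's public key; it is decrypted with K_priC and must
// contain every permission in resCAP_S_2.
func VerifyCap(grantedEnc *Envelope, privC *rsa.PrivateKey, requested []string) (bool, error) {
	plain, err := Open(privC, grantedEnc)
	if err != nil {
		return false, err
	}
	var granted []string
	if err := json.Unmarshal(plain, &granted); err != nil {
		return false, err
	}
	have := map[string]bool{}
	for _, g := range granted {
		have[g] = true
	}
	for _, r := range requested {
		if !have[r] {
			return false, nil
		}
	}
	return true, nil
}

// Demo runs the flow on constructed data: DU1 holds {read} on res-001 and asks
// once for {read} and once for {read, write}. chain stands in for IQuery.
func Demo() (inScope, outOfScope bool, err error) {
	privC, err := rsa.GenerateKey(rand.Reader, 2048) // Cloud's K_pubC / K_priC
	if err != nil {
		return false, false, err
	}
	granted, _ := json.Marshal([]string{"read"})
	stored, err := Seal(&privC.PublicKey, granted) // what the DO published
	if err != nil {
		return false, false, err
	}
	chain := map[string]*Envelope{"addr-du1/res-001": stored}
	ask := func(caps []string) (bool, error) { // Cloud's side of steps 1-2
		body, _ := json.Marshal(Request{"addr-du1", "res-001", caps})
		env, err := Seal(&privC.PublicKey, body)
		if err != nil {
			return false, err
		}
		plain, err := Open(privC, env)
		if err != nil {
			return false, err
		}
		var req Request
		if err := json.Unmarshal(plain, &req); err != nil {
			return false, err
		}
		rec, ok := chain[req.Addr+"/"+req.ResID]
		if !ok {
			return false, fmt.Errorf("no authorization for %s on %s", req.Addr, req.ResID)
		}
		return VerifyCap(rec, privC, req.Requested)
	}
	if inScope, err = ask([]string{"read"}); err != nil {
		return false, false, err
	}
	outOfScope, err = ask([]string{"read", "write"})
	return inScope, outOfScope, err
}
```

Demo() returns (true, false, nil): the request within the granted set passes and the request for write, which the DO never granted, is refused. Because GCM authenticates the ciphertext, an envelope altered in transit fails in Open before any permission is compared; replay of an unmodified envelope is not covered by this example and would need the timestamp field the paper's ISend carries.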

2) INDIRECT AUTHORIZATION
Indirect authorization means that an authorized DU authorizes other users; it involves at least five entities: DO (resource owner), DU1 (authorizer), DU2 (requester), Blockchain and Cloud. The specific interaction process is shown in Figure 8. As Figure 8 shows, the steps of indirect authorization are basically the same as those of direct authorization; the difference is that the authorizing user must also send an indirect authorization notice, E(ks_9, auth_flag || Addr_U2 || resInfo || authTime) || E(K_pubDO, ks_9), to the DO, so the steps are not repeated here.

D. AUTHORIZATION REVOCATION
Authorization revocation refers to withdrawing an authorization that has been granted. Authorization revocation is a very complex process. In order to standardize it, we define the following rules:
• Who authorizes, who revokes.
• The owner can revoke both direct and indirect authorizations.
• Only when an authorized user has revoked all the authorizations it granted can the previous-level authorized user revoke the authorization of this user.
According to the above three rules, authorization revocation includes basic authorization revocation and complex authorization revocation. Basic authorization revocation is the basic operating unit of authorization revocation: it revokes an authorization that no longer has any indirect authorization beneath it. For example, we assume that DU1 authorizes DU2 and DU2 has not authorized anyone else. The workflow of basic authorization revocation is shown in Figure 9 and includes six steps. DU1->Cloud: E(ks_10, auth_revoc || Addr_U1 || Addr_U2 || resInfo) || E(K_pubC, ks_10). DU1 sends the authorization revocation information to Cloud, where auth_revoc is the flag of the authorization revocation request.
Complex authorization revocation usually refers to revoking an authorization under which one or more indirect authorizations exist. However, every complex authorization revocation is completed by basic authorization revocations step by step. For example, we assume the following scenario: DU1 holds the authorization, DU1 authorizes DU2, and DU2 not only uses the permission to access the resource but also authorizes DU3. The specific interaction process can be seen in Figure 10.
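The three revocation rules above, applied to the DU1 -> DU2 -> DU3 scenario, as an added Go example (not code from the paper): an AuthTree records who granted what, BasicRevoke is the basic operating unit and enforces the rules, and ComplexRevoke decomposes a revocation with indirect authorizations beneath it into basic revocations, deepest first. One assumption goes beyond the text: only the owner is allowed to drive such a cascade, because rule 3 stops every other actor until the users below have revoked their own grants; the Scenario function shows that ordering being forced on DU1.

```go
package main

import (
	"errors"
	"fmt"
)

// AuthTree holds the direct and indirect authorizations for one resource.
type AuthTree struct {
	Owner  string
	Grants map[string]string // grantee -> grantor
	Log    []string          // basic revocations performed, in order
}

func NewAuthTree(owner string) *AuthTree {
	return &AuthTree{Owner: owner, Grants: map[string]string{}}
}

// Authorize records a direct (grantor == owner) or indirect authorization.
// Assumption: a user may only re-delegate an authorization it holds itself.
func (t *AuthTree) Authorize(grantor, grantee string) error {
	if _, held := t.Grants[grantor]; grantor != t.Owner && !held {
		return fmt.Errorf("%s holds no authorization to delegate", grantor)
	}
	if _, ok := t.Grants[grantee]; ok {
		return fmt.Errorf("%s is already authorized", grantee)
	}
	t.Grants[grantee] = grantor
	return nil
}

// children returns the users that grantee has itself authorized.
func (t *AuthTree) children(grantee string) []string {
	var out []string
	for g, from := range t.Grants {
		if from == grantee {
			out = append(out, g)
		}
	}
	return out
}

// BasicRevoke revokes one grant that has nothing delegated beneath it.
func (t *AuthTree) BasicRevoke(actor, grantee string) error {
	grantor, ok := t.Grants[grantee]
	if !ok {
		return fmt.Errorf("%s is not authorized", grantee)
	}
	// Rules 1 and 2: only the grantor or the owner may revoke.
	if actor != grantor && actor != t.Owner {
		return fmt.Errorf("%s did not authorize %s and is not the owner", actor, grantee)
	}
	// Rule 3: the grantee must first have revoked everything it delegated.
	if ch := t.children(grantee); len(ch) > 0 {
		return fmt.Errorf("%s still has outstanding authorizations %v", grantee, ch)
	}
	delete(t.Grants, grantee)
	t.Log = append(t.Log, actor+" revokes "+grantee)
	return nil
}

// ComplexRevoke removes grantee and everything delegated beneath it as a
// sequence of basic revocations, deepest first. Assumption: owner only.
func (t *AuthTree) ComplexRevoke(actor, grantee string) error {
	if actor != t.Owner {
		return errors.New("only the owner may cascade; others must wait for downstream revocations")
	}
	for _, c := range t.children(grantee) {
		if err := t.ComplexRevoke(actor, c); err != nil {
			return err
		}
	}
	return t.BasicRevoke(actor, grantee)
}

// Scenario replays the example of this section: DO -> DU1 -> DU2 -> DU3.
// It returns the revocation log and the error from DU1's premature attempt.
func Scenario() ([]string, error) {
	t := NewAuthTree("DO")
	t.Authorize("DO", "DU1")
	t.Authorize("DU1", "DU2")
	t.Authorize("DU2", "DU3")
	premature := t.BasicRevoke("DU1", "DU2") // rejected: DU2 still delegates to DU3
	t.BasicRevoke("DU2", "DU3")              // DU2 withdraws its own grant first
	t.BasicRevoke("DU1", "DU2")              // now allowed under rule 3
	return t.Log, premature
}

func main() {
	log, premature := Scenario()
	fmt.Println("DU1 revoking DU2 early:", premature)
	fmt.Println("basic revocations:", log)
}
```

Scenario() yields the log ["DU2 revokes DU3", "DU1 revokes DU2"] and a non-nil error for the early attempt. The same structure is what Cloud would have to consult before accepting an auth_revoc request in step 1 of Figure 9, since the rules cannot be enforced by the requester alone.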

V. CHARACTERISTICS AND SECURITY ANALYSIS

A. CHARACTERISTIC ANALYSIS
For decentralization: traditional cloud access control includes identity authentication, authorization, access permission and auditing, with the cloud acting as the trusted center and all processes centralized. The user is usually authenticated by a username and password stored in the cloud authentication database, authorization-related information is stored directly in the cloud ACPD, and access records are usually stored in the cloud log database. AuthPrivacyChain, by contrast, has no trusted center and does not require users to treat the cloud as one. The user is authenticated by Addr, which is generated from K_W; authorization-related information is stored directly in the blockchain, and access records are stored in the blockchain too. For performance: in identity authentication, AuthPrivacyChain is better than traditional access control because it uses Addr instead of a username and password. In authorization and access control, AuthPrivacyChain is slightly slower than traditional access control because it needs to access the blockchain, but the gap can be reduced by choosing an appropriate super node through which to access the blockchain.

B. SECURITY ANALYSIS

1) FOR CONFIDENTIALITY
On the one hand, whether the adversary is a general user or the SA, AuthPrivacyChain ensures that the data a user stores in the cloud is not disclosed to or used by an unauthorized person, thus ensuring the confidentiality of the DO's data. On the other hand, in AuthPrivacyChain the information transmitted among DU, DO, Cloud and Blockchain is encrypted, and the access control permissions are also encrypted before being stored in the blockchain, ensuring the confidentiality and privacy of AuthPrivacyChain.

2) FOR INTEGRITY
On the one hand, for the data uploaded by users, AuthPrivacyChain protects both data integrity and permission integrity: it sets the reshash member in the data structure resInfo and the resCAPhash member in the data structure resCAP. On the other hand, AuthPrivacyChain provides users with system integrity, ensuring that the system performs its predetermined functions in the normal way and avoiding intentional or unintentional unauthorized manipulation.

3) FOR AVAILABILITY
AuthPrivacyChain works quickly and cannot refuse access to authorized users.

4) FOR AUTHENTICITY
On the one hand, DU, DO, Cloud and Blockchain in AuthPrivacyChain can be verified and trusted, because to join the system they must first publish their own certificate (public key). On the other hand, for the information transmitted in AuthPrivacyChain, the information and its source can be verified, so that the user is who he claims to be and every input to the system comes from a trusted source, because information delivered in AuthPrivacyChain can only be decrypted with the private key of the receiver.

5) FOR ACCOUNTABILITY
AuthPrivacyChain is not an absolutely safe system. Therefore, it must be able to track down the party responsible for a security leak. We design AuthPrivacyChain to keep activity records of all entities in the blockchain, so as to allow post-audit analysis and then track security events or resolve disputes.
From the above analysis, AuthPrivacyChain can prevent not only attacks from external users but also attacks by internal managers: when requesting access to resources, everyone must be authenticated, including the SA.

VI. EXPERIMENT AND EVALUATION

A. EXPERIMENTAL ENVIRONMENT
We implemented a prototype to analyze the performance of the framework. Our experimental environment is entirely based on Alibaba Cloud, configured with 2 cores, 8 GB RAM and 100 GB storage, running Ubuntu 16.04. There are three test machines, on which Blockchain, Cloud and the users (DO or DU) are deployed. The experiment uses two typical EOS test chains, Kylin and Jungle, and a local test chain based on EOS.
In the access control process, we need to find resCAP_S in the blockchain and decrypt it. We use the EOS-encrypt library: the permission set is encrypted with the public key and decrypted with the private key. In addition, we use the advanced encryption standard (AES) algorithm to protect the privacy of communication.
We carried out many access control experiments, as shown in Table 3, where ''\'' means not executed.

B. PERFORMANCE EVALUATION
In the AuthPrivacyChain evaluation, we focus on the time overhead. The complete access control process includes four parts: identity authentication, authorization, access permission and audit. In AuthPrivacyChain, Addr is used for identity authentication, and checking access permission requires querying resCAP_S in the blockchain and verifying the permissions. The hash value of resID is used as the unique identifier, which may affect query efficiency, so we first measure the hashing overhead, as shown in Table 4.
Second, the overhead of authorization needs to be analyzed. We tested it on two typical public EOS test chains, Jungle and Kylin, with three different nodes tested on each chain. The authorization overhead of the three Kylin nodes is shown in Figure 11(a); the best average performance on Kylin is node K-1 (api-kylin.eoslaomao.com). The authorization overhead of the three Jungle nodes is shown in Figure 11(b); the best average performance on Jungle is node J-2 (jungle.eosamsterdam.net).
The experimental results show that the performance of publishing an authorization depends on the selected blockchain and on the node through which it is reached. Selecting an appropriate blockchain and configuring the nodes greatly improves performance. As shown in Figure 11(c), the optimal time on Jungle is about 4.4 s, the optimal time on Kylin is about 0.4 s, and the optimal time on the local chain is less than 0.02 s.
We then tested the read and write throughput of AuthPrivacyChain against a traditional cloud database (Alibaba Cloud's MySQL). The comparison is shown in Figure 12. The test tool is JMeter, the Alibaba Cloud database is MySQL, and AuthPrivacyChain uses the Kylin test chain. Figure 12(a) shows the read access throughput: AuthPrivacyChain has a small delay when processing read requests. Figure 12(b) shows the throughput of permission writes: when the number of transactions exceeds 400, the request throughput of AuthPrivacyChain is slightly higher than that of MySQL.
Finally, the overhead of access control needs to be analyzed too. We compare AuthPrivacyChain with traditional cloud access control platforms. AuthPrivacyChain uses the Kylin node api-kylin.eoslaomao.com, and the traditional platforms are OneDrive and Alibaba Cloud. We assume that the user has already logged in to the corresponding device, ignore network interference and user input time, and consider only the time of the access control itself, as shown in Figure 13.
According to Figure 13, the overall performance of AuthPrivacyChain and traditional access control is very similar, even though traditional access control is done entirely in the cloud while AuthPrivacyChain's access control needs to interact with the blockchain.
In conclusion, both authorization and access control performance depend on the configuration of the blockchain. The choice of blockchain affects performance, and for the same blockchain, nodes can be configured to achieve better performance.

VII. CONCLUSION
Among the security-related problems of existing blockchain and cloud systems, there are few research results on using blockchain for privacy-preserving access control in the cloud. Most traditional cloud access control has one or more trusted centers and trusted internal administrators, so it is very likely to suffer internal and external attacks.
In order to solve the problem of illegal access to resources by attackers in the cloud, this paper designs AuthPrivacyChain, an access control framework with privacy protection for the cloud environment. All authorization-related transactions are posted by users to the blockchain. The paper implements the framework on the EOS blockchain and carries access permissions and other information as additional descriptions attached to blockchain transactions. The experimental results show that only users with access rights can access resources, so our solution satisfies confidentiality, integrity, availability, authenticity and accountability, and can prevent not only attacks from external users but also attacks by internal managers.