Research Article
Trusted and Efficient Cross-Domain Access Control System Based on Blockchain
| (1) | Input: request, Uid, sig | | (2) | output: string | | (3) | % invoke by DMS to make an access control. | | (4) | % sig = | | (5) | % request = 00|| || devID || op, op is an access control order. | | (6) | if verify (uID, sig) = true then | | (7) | role = getURole (uID) | | (8) | if role = = ‘9000’ then | | (9) | { | | (10) | recordAudit (request, ‘9000’); | | (11) | return ‘9000’; | | (12) | } | | (13) | DMS_ID_sou = find_DMS_ID (uID) % find DMS’s ID whose DMS_ID_sou.DO = = uID.DO | | (14) | DMS_ID_des = find_DMS_ID (devID) % find DMS’s ID whose DMS_ID_des.DO = = devID.DO | | (15) | role’ = mapRole (role, DMS_ID_sou||DMS_ID_des); | | (16) | if role’ = = ‘9001’ then | | (17) | { | | (18) | recordAudit (request, ‘9001’); | | (19) | return ‘9001’; | | (20) | } | | (21) | policy = getPolicy (devID) | | (22) | if policy = = ‘9002’ then | | (23) | { | | (24) | recordAudit (request, ‘9002’) | | (25) | return ‘9002’; | | (26) | } | | (27) | if ((role, devID, op) policy) then | | (28) | recordAudit (request, permit); | | (29) | addAHL (uID||devID||op); | | (30) | return permit; | | (31) | else | | (32) | recordAudit (request, ‘9003’); | | (33) | return ‘9003’; | | (34) | else | | (35) | return ‘sign_error’; |
|
