An Exploration of Blockchain Enabled Decentralized Capability based Access Control Strategy for Space Situation Awareness
share
Space situation awareness (SSA) includes tracking of active and inactive resident space objects (RSOs) and space weather assessment through space environmental data collection and processing. To enhance SSA, the dynamic data-driven applications systems (DDDAS) framework couples on-line data with off-line models to enhance system performance. For information management, there is a need for identity authentication and access control strategy to ensure the integrity of exchanged data as well as to grant authorized entities access right to data and services. Due to decentralization and heterogeneity nature of SSA systems, it is very challenging to build a efficient centralized access control system, which could either be a performance bottleneck or the single point of failure. Inspired by the blockchain technology, this paper introduces BlendCAC, a decentralized authentication and capability-based access control mechanism to enable effective protection for devices, services and information in SSA networks. To achieve secure identity authentication, the BlendCAC leverages the blockchain to create virtual trust zones, in which distributed components could identify and update each other in a trustless network environment. A robust identity-based capability token management strategy is proposed, which takes advantage of the smart contract for registration, propagation, and revocation of the access authorization. A proof-of-concept prototype has been implemented and tested on a private Ethereum blockchain network. The experimental results demonstrate the feasibility of the BlendCAC scheme to offer a decentralized, scalable, lightweight and fine-grained access control solution for space system towards SSA.
READ FULL TEXT