A blockchain based approach for the authorization policies delegation in emergency situations

Abstract There are many facets to implementing security within an organization and one such measure is the authorization or the access control process. The recent rise of decentralized file systems such as interplanetary file system (IPFS) allow for decentralized storage of resource using content addressing. Naturally, the authorization process for handling these resources needs to be decentralized as well and decentralized ledger technologies, such as the blockchain with the support of smart contracts can be used to manage the authorization process. In this article, we propose an approach which allows for decoupling authorization logic from the core capabilities of a smart contract and providing advance authorization capabilities, such as contextual delegation, to be readily available. The proposed approach is expressive and can handle many aspects related to authorization such as role‐based access control, conflicts, and redundancy reduction. We have used an efficient and modular approach for designing smart contracts. This makes them easier to manage and redeploy, if needed. The data structures used in the smart contracts are carefully chosen to minimize the gas cost, as evident from performance evaluation results.