Role-Based Access Control in ShieldCure
Hello, this is ShieldCure Team.
Today, we would like to introduce RBAC (Role-Based Access Control) model applied to ShieldCure MainNet. Before getting into details of RBAC, would like to explain a comprehensive information, in regards to Access Control (AC). AC refers to that users, who have appropriate authorization, are only allowed to access to the specific system or information. In other words, it is a function to permit or refuse what someone uses something. AC could be a fundamental measure in system security.
There are three types of Access Control as below :
1. Discretionary Access Control (DAG)
2. Mandatory Access Control (MAG)
3. Role-Based Access Control (RBAG)
Discretionary Access Control (DAC) is a model to allow an information owner to determine a security level of information, as well as herewith to set access control. A user obtains an information authorization, by Access Control Lists (ACL) in regards to information, being revised. DAC model is based on the ownership of information. This allows users to have a partial or a whole authorization.
Mandatory Access Control (MAC) refers to that users obtain an information authorization from a supervisor. And the supervisor is only able to assign authority. The access to information is based on the security level in which security classification is given to a user. There is a high possibility of risks such as potential confliction of authorization, because it is required to form a new category whenever authorization is assigned, and the supervisor is only allowed to modify the security level or classification.
The two types of AC mentioned above are time consuming, hardly renewal of each user’s authorization in the changed condition, because they have 1:1 structure between a user and access authorization, so that a high possibility of error does exist. And a disadvantage of MAC is low availability, while DAC can be vulnerable to security when veiled attacks or lots of participants exist in a decentralized environment.
RBAC, started from Multi-User System in early 1970 year, sets a role based on duties assigned to network participants by supplementing other 2 types of access control (DAC & MAC). A system administrator assigns access authorization.
RBAC (Role-Based Access Control) is a way to effectively manage a number of nodes in decentralized ecosystem like blockchain and to control illegal access. In order to manage delegated nodes, it has a large advantage of easier system management by utilizing a role, but not utilizing each delegated node’s identity information.
If RBAC system is configured, it is very efficient to allocate or remove a user to a given role and change the authorization. Also the cost of system management and monitor is less than other types of access control. This enhanced efficiency can decrease work time to operate system management.
RBAC, explained above, is scheduled to apply to ShieldCure MainNet.
SHIELDCURE has two different classes of nodes — Priority Node, and Candidate Node. The priority node plays a role in collecting, verifying and adding transaction into blocks. The Candidate node is the node not belong to priority node, among nodes who participate to SHIELDCURE network. The candidate node is entitled to be the priority node through voting by the stake holders, and the candidate node can confirm the agreed blocks.
ShieldCure empowers each node making up ShieldCure network by a role. The Priority node and the Candidate node have their authority to create, own, execute, modify, and read the transaction information included in a block unit or block, in according to their individual roles. The nodes, making up the network, control the authorities, as previously stated, by a weighted combination of the node’s account and key. This enables to establish a structure of hierarchical qualification management that reflects how the authority is actually configured, so that the nodes are able to easily control transactions. This multi-control structure is an effective way to improve security and, if properly used, can reduce the threat of hacking. Eventually ShieldCure provides a high level of framework to control, with a breakdown of details — who, what, when, and under which conditions.
Today, we had a fruitful time to know RBAC (Role-Based Access Control) model. For further details, please kindly refer to the ShieldCure White Paper.
Thanks for your time.
“KEEP YOUR IDENTITY”
